-1

The communication is made one way ,Though truststore is empty from client side ,SSL handshake failure is not happening which is expected instead the communication is going through.

My understanding by adding this ((SSLSocket)s).setNeedClientAuth(true); will check for one-way . this particular code is added in client side

Rajiv
  • 179
  • 1
  • 2
  • 16
  • You need to set that at the server, not the client, but it doesn't do what you claim here. Clearly you haven't configured your empty truststore correctly. – user207421 Sep 12 '19 at 17:54
  • In case of two-way wt should i include in code with respect to both client side & server side to validate the exchange of certificates ? @user207421 – Rajiv Sep 13 '19 at 03:21
  • No. What part of 'at the server' and 'doesn't do what you claim here' didn't you understand? You need to provide some evidence here of how you have configured your empty truststore. NB `setNeedClientAuth(true)` causes *two*-way authentication: your question is about *one*-way authentication. – user207421 Sep 13 '19 at 07:36
  • @user207421 , Sorry it was my misunderstanding , once you have a valid keystore & truststore loaded part of server & client , it's by default it starts working as one-way for which we don't need to set any field in case if required to implement two-way from server side you need to set setNeedClientAuth(true) – Rajiv Sep 17 '19 at 03:59
  • Yes, that's what I already told you, last week. – user207421 Sep 17 '19 at 04:48

1 Answers1

0

Sorry it was my misunderstanding , once you have a valid keystore & truststore loaded part of server & client , it's by default it starts working as one-way for which we don't need to set any field in case if required to implement two-way from server side you need to set setNeedClientAuth(true)

Rajiv
  • 179
  • 1
  • 2
  • 16