We have multiple servers, each with a different CARoot/CABundle. Using the Jetty client, is it possible to create a connection with each server by providing server-specific TLS details?

For instance, if Server A has CARoot file a.pem and Server B has b.pem, can we, with one Jetty client instance, specify a.pem while establishing the connection towards A and, similarly, b.pem while establishing the connection towards B?

In our Java application, we are reading multiple TLS certificates and using them to create the keystore and truststore files. Then we load those files into the JVM. Using that, we are creating a Jetty HttpClient over TLS and sending requests to servers. Is it possible to select a server-specific certificate while sending the request using Jetty HttpClient connections?

  • Just to understand your question better (without having an answer in mind): Do you mean you want to implement _certificate pinning_ where you specify the certificate that has to be presented by a specific server? (Or specify the CA that has to have signed a specific server's certificate.) – cyberbrain Jun 20 '23 at 15:56
  • Using a bearer token that's created by jks or p12? – cscmh99 Jun 20 '23 at 16:25
  • @cyberbrain We are not implementing certificate pinning. We are using one Jetty client instance for establishing connections towards A & B. Is there any way to specify server-specific TLS details programmatically? – techie_901 Jun 21 '23 at 12:11
  • @cscmh99 The server does not support a bearer token to validate the SSL connection – techie_901 Jun 21 '23 at 12:17
  • Maybe one of the answers to this other SO question [Jetty: How to use SSL in Jetty client side](https://stackoverflow.com/q/33146476/2846138) will help you out. – cyberbrain Jun 21 '23 at 12:54

0 Answers