19

Say I have two Java apps that I wrote: Ping.jar and Pong.jar and they get deployed and ran on two separate servers (Ping.jar deploys to srv-01.myorg.com and Pong.jar deploys to srv-02.myorg.com), and these two apps need to communicate with each other (2-way) via SSL. Let's also assume that each app has its own SSL Certificate.

  • How do I, a Java programmer, code Ping and Pong to verify each other's SSL cert? Does each CA provide some kind of RESTful API that I can hit with, say, HttpClient? Does Java have its own certificate-verifying API? Are there open source third party JARs or services I can use?

I was surprised by how little turned up when I searched for this online.

IAmYourFaja
  • 55,468
  • 181
  • 466
  • 756
  • What webservers are you using? Enabling SSL (in your case mutual-ssl) is usually a case of server configuration, not coding. – npe Jun 21 '12 at 17:41
  • Well, let's say both scenarios: (1) a pure Java app using raw sockets/NIO (as my use case above implies), and (2) Oracle GlassFish. I'm actually interested in both use cases now. – IAmYourFaja Jun 21 '12 at 17:46
  • Ad 1. Never tried, this might be a hell of a task to start from scratch. Ad 2. Check out [this link](http://glassfish.java.net/javaee5/security/faq.html), especially two questions about SSL and client certificate authentication. There is far more to it so read Glassfish docs about security, but like I said, it's all about configuration, not coding. – npe Jun 21 '12 at 18:07

4 Answers4

32

If you're connecting using the Java SE SSL/TLS classes (e.g. SSLSocket or SSLEngine), you're using the Java Secure Socket Extension (JSSE).

It will verify the remote party's certificate according to the SSLContext that was used to create this SSLSocket or SSLEngine.

This SSLContext will be initialised with TrustManager that dictate how trust should be established.

Unless you need specific configuration, you can often rely on the default values: this will rely on the PKIX algorithm (RFC 3280) to verify the certificate against a set of trust anchors (in cacerts by default). cacerts, shipped with the Oracle JRE is a JKS keystore to which you can add additional certificates. You can add certificates explicitly using keytool for example.

You can also create an X509TrustManager based on a custom keystore programmatically (as described in this answer) and use it in a specific SSLContext that doesn't affect the default one.

In addition to this, if you're using your own protocol, you'll need to verify that the certificate you've obtained matches the host name you were looking for (see RFC 6125). Typically, you can look for the subject alternative name in the X509Certificate you get (get the first peer certificate in the chain from the SSLSession), failing that, look for the CN RDN in the Subject Distinguished Name.

Community
  • 1
  • 1
Bruno
  • 119,590
  • 31
  • 270
  • 376
  • 1
    This procedure does not cover checking if the certificate got revoked or not. Signature verification is not enough as revoked certificates still have valid CA signature. – Krzysztof Tomaszewski May 13 '20 at 09:19
1

You can get the peer certificate either by attaching a HandshakeCompletedListener to the SSLSocket and getting the certificate from the event, or else by getting the SSLSession from the SSLSocket and getting the peer certificate from the session.

SSL provides privacy, integrity, and authentication of the peer identity. Whether that peer identity is the one the application expects, and what that identity is allowed to do in the application, should be checked by the application if necessary. This is the 'authorization' step, and SSL cannot do it for you.

user207421
  • 305,947
  • 44
  • 307
  • 483
0

AFAIK certificate verification should consist of following steps:

  1. Certificate formal verification by verifying its signature, validity in terms of current time and validity in terms of a domain that is using given certificate. These things can be checked without any additional network communication.
  2. Checking if certificate was not revoked - this is what is missing in answer given by @Bruno (otherwise I agree with him). I think this check can be only done after getting a fresh CRL (certificate revocation list) from the CA that signed the certificate (network communication with CA).
Krzysztof Tomaszewski
  • 1,033
  • 11
  • 16
-1

You don´t have to manually check each other´s certificates.

You just have to import each server certificate into each other´s cacerts, this way both application servers will automatically trust each other.

Eduardo Andrade
  • 946
  • 7
  • 10
  • What if both endpoints are lying? I provided this Ping/Pong example to illustrate the concept of trying to verify a cert in pure Java. The fact that I wrote Ping/Pong should not imply they can trust each other! Thinking more abstractly: if Ping and Pong were written by different development shops and hosted on 2 totally separate networks, what would they have to do to verify each other's certs? – IAmYourFaja Jun 21 '12 at 19:30
  • Yes you do. SSL provides privacy, integrity, and authentication of the peer identity. Whether that peer identity is the one the application expects, and what that identity is allowed to do in the application, should be checked by the application if necessary. This is the 'authorization' step, and SSL cannot do it for you. – user207421 Jun 22 '12 at 00:12
  • This answer is fragile (and dangerous if done in production). When either endpoint's Certificate is renewed, things will break. – Signal15 May 11 '21 at 16:40