1

I have set of user certificates, I would like to authenticate users using respective user cert.

I configured the server to enable user authentication. It works fine from browser. In case of multiple user certs, it prompts me to select the cert need to be used. My question is, how can I do that from java?? I am using RestTemplate to communicate to the server.

In case of single user certs I can add that to the java key store and make use of it. How can I use a particular user cert for a particular rest call??

August Lilleaas
  • 54,010
  • 13
  • 102
  • 111
Kajal
  • 709
  • 8
  • 27

1 Answers1

2

The standard terminology to use here are "client certificates", so you would probably have more luck Googling for that, e.g. "RestTemplate client certificate".

Here's some copy/pasted code from another Stack Overflow answer: 

KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
keyStore.load(new FileInputStream(new File("keystore.jks")),
        "secret".toCharArray());
SSLConnectionSocketFactory socketFactory = new SSLConnectionSocketFactory(
        new SSLContextBuilder()
                .loadTrustMaterial(null, new TrustSelfSignedStrategy())
                .loadKeyMaterial(keyStore, "password".toCharArray()).build());
HttpClient httpClient = HttpClients.custom().setSSLSocketFactory(socketFactory).build();
ClientHttpRequestFactory requestFactory = new HttpComponentsClientHttpRequestFactory(
        httpClient);
RestTemplate restTemplate = new RestTemplate(requestFactory);
ResponseEntity<String> response = restTemplate.getForEntity(
        "https://localhost:8443", String.class);
Community
  • 1
  • 1
August Lilleaas
  • 54,010
  • 13
  • 102
  • 111
  • Thank you @August Lilleaas. I want to use the particular cert for a particular call. There may be simultaneously call to the remote server. Each call I may need to use different certs. – Kajal May 06 '16 at 09:28
  • 1
    Exactly - this code shows how to make a single RestTemplate instance to perform a single request to localhost:8443, where only this particular request is configured to use a specific key/cert. – August Lilleaas May 06 '16 at 09:29
  • Thank you so much. – Kajal May 06 '16 at 09:31
  • You can have multiple certs in a KeyStore, but if you want to make sure that only a specific one is valid for a request, then you would need one KeyStore for each certificate. – August Lilleaas May 06 '16 at 09:34
  • Thank you so much. – Kajal May 06 '16 at 09:35