4

I want to connect my Eclipse plug-in to an HTTPS URL, but have a problem because the user would need to accept the certificate. Of course there are a couple of tutorials for how to do this in plain Java, but that might be hard to do inside an Eclipse plug-in and I think I'd reinvent the wheel that way.

Because Eclipse has some built in tooling to connect to sites with different network protocols. An example would be the "Install new Software..." action. The tooling even has a preference page that lists HTTPS separately.

According to the Eclipse Help, the KeyStore is used "as a repository for Certificates used for trust decisions [...] when making SSL connections". Yet I couldn't figure out how to use it.

So my question is: How do I use the Eclipse's build in facilities to connect to my HTTPS site?

Stefan S.
  • 3,950
  • 5
  • 25
  • 77
  • There is an example of using the Eclipse proxy service [here](http://blog.vogella.com/2009/12/08/eclipse-rcp-proxy-preference/) – greg-449 Sep 06 '16 at 09:04
  • @greg-449 I checked that one already out. Sadly there is no certificate handling, which I'm sure Eclipse has to do at some point. – Stefan S. Sep 06 '16 at 09:12

1 Answers1

0

Based on this answer here I build my own plug-in which loads just the one certificate I need (lucky me) in its EarlyStartup:

public class EarlyStartup implements IStartup {

    private static final String ALIAS = "ACME"; 

    @Override
    public void earlyStartup() {
        final char[] passphrase = "changeit".toCharArray();
        final char separator = File.separatorChar;
        final File dir = new File(System.getProperty("java.home") + separator + "lib" + separator + "security");
        final File file = new File(dir, "cacerts");

        try (InputStream certIn = getClass().getResourceAsStream("acme.org.crt");
                final InputStream localCertIn = new FileInputStream(file);) {

            final KeyStore keystore = KeyStore.getInstance(KeyStore.getDefaultType());
            keystore.load(localCertIn, passphrase);
            if (keystore.containsAlias(ALIAS)) {
                return;
            }

            final CertificateFactory cf = CertificateFactory.getInstance("X.509");
            final Certificate cert = cf.generateCertificate(certIn);
            keystore.setCertificateEntry(ALIAS, cert);

            try (OutputStream out = new FileOutputStream(file)) {
                keystore.store(out, passphrase);
            }
        } catch (final Exception e) {
            e.printStackTrace();
        }
    }
}
Community
  • 1
  • 1
Stefan S.
  • 3,950
  • 5
  • 25
  • 77