I need to write Android app that will be communicate with .Net service. I have to make server/client authentication. I found some useful topics (this blog and this blog) , but they both show how to made server authentication. How can I made client authentication? I found a useful discussion, but there author uses Sockets, but i need to make it via HttpClient.
Asked
Active
Viewed 4,952 times
4
-
KeyManagerFactory.getInstance("sunX509"); TrustManagerFactory tmf = trustManagerFactory.getInstance("X509"); tmf.init(ks); – drifter May 01 '11 at 16:08
1 Answers
5
the following allows me to use my own rootca and client+server certificates. ie, security without paying anyone money :-)
create your rootca, and client and server keys and certs using openssl (many tutorials for this on the web)
create rootcacert.bks using keytool with bouncycastle as provider and -importcert
create clientcertandkey.p12 using openssl pkcs12 -export ...
HttpClient httpClient = null;
try {
HttpParams httpParameters = new BasicHttpParams();
KeyStore rootca = KeyStore.getInstance("BKS");
rootca.load(getResources().openRawResource(R.raw.rootcacert),"bkskeystorepass".toCharArray());
KeyStore mycert = KeyStore.getInstance("pkcs12");
mycert.load(getResources().openRawResource(R.raw.clientcertandkey),"pkcs12storepass".toCharArray());
SSLSocketFactory sockfact = new SSLSocketFactory(mycert,null,rootca);
SchemeRegistry registry = new SchemeRegistry();
registry.register(new Scheme("https",sockfact , 443));
httpClient = new DefaultHttpClient(new ThreadSafeClientConnManager(httpParameters, registry), httpParameters);
} catch (Exception e) {
e.printStackTrace();
}
SteelBytes
- 6,905
- 1
- 26
- 28