0

I am pretty new to authenticating web services using Java.

I have started working on a task wherein I am supposed to upload a document to a server using POST request. I did that task.

Another requirement is to use x.509 certificate for authentication as a client (not server). This is where I am getting a bit confused.

I did some research on google. Here is what I could found

  1. https://www.geeksforgeeks.org/x-509-authentication-service/
  2. Where do I get an x509 certificate from?
  3. What is the right way to send a client certificate with every request made by the resttemplate in spring?

I Found multiple things but could not link these together. So coming here to link the dots. Here's what I could gather

  1. x.509 certificates is used to authenticate the client itself
  2. It contains key value pairs such as public key information, subject name, issuer name
  3. There is JKS file(.jks) file which also contains some public and private key information

Here are my questions:

  1. How x.509 certificate and JKS file are related?
  2. Is it mandatory to have jks file for x509 authentication?
  3. How public and private keys are stored as far as x509 authentication is concerned?
  4. Where do I get x509 certificates? If I can generate, do I need to generate two of them - one having public key and the other having private key
  5. Once I have the certificates, where should I store the certificates for a real world application?
  6. Can someone share some code or point me to some code which can be a sample program explaining the concepts?

Basically the working of x509 authentication

  1. https://www.geeksforgeeks.org/x-509-authentication-service/
  2. Where do I get an x509 certificate from?
  3. What is the right way to send a client certificate with every request made by the resttemplate in spring?
Tech Savy
  • 1
  • 2

0 Answers0