0

Consuming Webservice over HTTPS

We have a webservice that we are consuming from our end.

Webservice can run both on HTTP and HTTPS protocol. With HTTP no issues, but how to access with HTTPS.

Can anybody tell me the java code for the same. I need to do this at the application level.

Keystores and truststores will be required but how to use in java code and and trust them.

Any help will be appreciated.

csturtz
  • 6,380
  • 2
  • 24
  • 34
Ankur Singhal
  • 26,012
  • 16
  • 82
  • 116
  • 2
    I think you need to add some detail to your question so we know exactly what you're looking for. For example, do you need ot know how to get a certificate into the provided cacerts truststore or are you wanting to know how to use a truststore other than cacerts? Also, do you already have your client certificate that the server will receive? Are you using the Java provided HTTP classes or Apache's? – csturtz Mar 08 '12 at 16:35
  • Hi csturtz..I have the client certificates and i have imported them as well. We are suing axis 2 API to consume the webservice. My concern is how to make use of these certificates into java code and do SSL handshake. For that part i need some java code. – Ankur Singhal Mar 09 '12 at 04:53

1 Answers1

0

The server authentication part should be easy. Just stick the required cert(s) in the provided cacerts truststore.. see this documentation for some info on using keytool to work with the cacerts truststore.

As far as the client authentication part, I'd look at some other questions here on Stack Overflow for your answer or at least some code to get you started. Here are some questions you should look at:

Creating SSL Client with Axis2/JAVa, and Choosing SSL client certificate in Java should be a couple for you to look at.

Last, I'm going to submit another edit to add the 'axis2' tag to your question. That should get some more people looking at this that have the appropriate experience.

Community
  • 1
  • 1
csturtz
  • 6,380
  • 2
  • 24
  • 34
  • Cacerts part has been done succesfully, there is no issue with that.I want to load these certificates in java code, then enable 2 way SSL in the code, this part i am not very sure how to start with. I have gobe through forums, i got some basic idea that we need to create SSL context/factory, but not very clear on this. – Ankur Singhal Mar 09 '12 at 16:52
  • Ok. Until you have a more specific problem you need help solving, I'm not sure how much more specific of an answer. There are plenty of resources (existing SO questions, tutorials, blogs, etc) that should give you a starting point for the SSL context/factory work. I don't think you'll get better information on this question than what's already available to you. This goes back to you needing to be more specific with your question. MY suggestion would be to start trying it yourself and post more specific questions here as you get stuck on something. – csturtz Mar 09 '12 at 17:04
  • 1
    I have gone thru few forums, understood little bit. Loading keystores/trustsores is fine now. Creating SSLContext, securefacotory i got it. But in the end they check for instanceof HttpsURLConnection, using this they open a connection..But what code needs to be written after that. How tomake use of this code in webservice. Please need some help on this. Even i do not have the environment where i can test, for security reasons i cannot access webservice over HTTPS. – Ankur Singhal Mar 12 '12 at 17:06