<p>The twist here is that you are using client authentication, so you need a private key and a certificate to identify yourself. You provide this to JSSE by specifying KeyManagers when you initialize an SSLContext.</p>
<h2>Customizable Setup</h2>
<p>Following are the basic steps. The JSSE API was significantly improved in Java 6, but I'll stick with Java 5, in case you're stuck on that version.</p>
<pre><code>KeyStore tks = KeyStore.getInstance(KeyStore.getDefaultType());
tks.load(...); /* Load the trust key store with root CAs. */
TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
tmf.init(tks);

KeyStore iks = KeyStore.getInstance(KeyStore.getDefaultType());
iks.load(...); /* Load the identity key store with your key/cert. */
KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
kmf.init(iks, password);

SSLContext ctx = SSLContext.getInstance("TLS");
ctx.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
SocketFactory factory = ctx.getSocketFactory();
Socket socket = factory.createSocket(host, port);
</code></pre>
<h2>System Configuration</h2>
<p>An alternative "zero-config" scenario can be used when using the <code>SunJSSE</code> provider. I believe many other providers (like IBM) have followed the same pattern and will work as well. The mechanism uses <a href="http://java.sun.com/j2se/1.5.0/docs/api/java/lang/System.html#getProperties()" rel="nofollow noreferrer">system properties,</a> and is described in detail by the <a href="http://java.sun.com/j2se/1.5.0/docs/guide/security/jsse/JSSERefGuide.html#InstallationAndCustomization" rel="nofollow noreferrer">JSSE Reference Guide.</a></p>
<p>For client authentication, the <a href="http://java.sun.com/j2se/1.5.0/docs/guide/security/jsse/JSSERefGuide.html#CustomizingStores" rel="nofollow noreferrer">important properties</a> are <code>javax.net.ssl.keyStore</code> and <code>javax.net.ssl.keyStorePassword</code>. The values should be the path to the user's key store and the password for that key store's "key entries", respectively.</p>
<p>When using these properties, you can create a new SSLSocket that supports client authentication like this:</p>
<pre><code>SocketFactory factory = SSLSocketFactory.getDefault();
Socket socket = factory.createSocket(host, port);
</code></pre>
<p>Since you are using the "default" <code>SSLSocketFactory</code>, which depends on the system-wide properties, all sockets created in the JVM will authenticate with the same certificate. If you need more control than that, you have to use the "Customizable Setup" above.</p>
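<p>An added example, not part of the original answer: the "Customizable Setup" steps as a complete client that also checks after the handshake whether a client certificate was actually sent. The class name <code>ClientAuthCheck</code>, the argument order and the environment variable names <code>TRUST_PASS</code> and <code>IDENTITY_PASS</code> are assumptions, as is using the same password for the identity store and its key entry.</p>

```java
import java.io.FileInputStream;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.cert.Certificate;
import javax.net.ssl.*;

public class ClientAuthCheck {
    // Load a key store of the JVM's default type from a file, always closing the stream.
    static KeyStore load(String path, char[] password) throws Exception {
        KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
        InputStream in = new FileInputStream(path);
        try {
            ks.load(in, password);
        } finally {
            in.close();
        }
        return ks;
    }

    public static void main(String[] args) throws Exception {
        // Assumed arguments: host port trustStorePath identityStorePath.
        // Passwords come from the environment so they do not show up in process listings.
        String host = args[0];
        int port = Integer.parseInt(args[1]);
        char[] trustPass = System.getenv("TRUST_PASS").toCharArray();
        char[] identityPass = System.getenv("IDENTITY_PASS").toCharArray();

        TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(load(args[2], trustPass));
        KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        kmf.init(load(args[3], identityPass), identityPass);

        SSLContext ctx = SSLContext.getInstance("TLS");
        ctx.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);

        SSLSocket socket = (SSLSocket) ctx.getSocketFactory().createSocket(host, port);
        try {
            socket.startHandshake(); // fails here if the server's chain is not trusted
            SSLSession session = socket.getSession();
            // getLocalCertificates() is null when no client certificate was sent, for example
            // because the server did not request one or no key entry matched its accepted CAs.
            Certificate[] sent = session.getLocalCertificates();
            System.out.println("Protocol " + session.getProtocol() + ", suite " + session.getCipherSuite());
            System.out.println(sent == null ? "No client certificate sent" : "Client certificate sent, chain length " + sent.length);
        } finally {
            socket.close();
        }
    }
}
```

<p>A handshake that succeeds with "No client certificate sent" means the connection is only server-authenticated, which is the case to look for when a server treats client certificates as optional.</p>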