Commit 16c41a10 authored by j.hoerdt's avatar j.hoerdt

successfull client cert authentication

parent 6ad87fa6
......@@ -13,24 +13,34 @@ import java.net.http.HttpResponse.BodyHandlers;
public class Session {
private static TrustManager[] get_trust_managers() throws Exception {
var certificate = CertificateFactory.getInstance("X.509").generateCertificate(new FileInputStream("server_cert"));
var server_self_signed_certificate = CertificateFactory.getInstance("X.509").generateCertificate(new FileInputStream("server_cert"));
var keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
keyStore.load(null, null);
keyStore.setCertificateEntry("vm13.pid.gwdg.de", certificate);
var server_cert_public_key_store = KeyStore.getInstance(KeyStore.getDefaultType());
server_cert_public_key_store.load(null, null);
server_cert_public_key_store.setCertificateEntry("vm13.pid.gwdg.de", server_self_signed_certificate);
var trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
trustManagerFactory.init(keyStore);
return trustManagerFactory.getTrustManagers();
var trust_manager_factory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
trust_manager_factory.init(server_cert_public_key_store);
return trust_manager_factory.getTrustManagers();
}
private static KeyManager[] get_key_managers() throws Exception {
var private_key_store = KeyStore.getInstance(KeyStore.getDefaultType());
private_key_store.load(new FileInputStream("keystore.p12"), "asdfasdf".toCharArray());
var key_manager_factory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
key_manager_factory.init(private_key_store, "asdfasdf".toCharArray());
return key_manager_factory.getKeyManagers();
}
public static void main(String[] args) throws Exception {
var sslContext = SSLContext.getInstance("TLS");
sslContext.init(null, get_trust_managers(), null);
var trust_self_signed_cert_and_provide_client_cert = SSLContext.getInstance("TLS");
trust_self_signed_cert_and_provide_client_cert.init(get_key_managers(), get_trust_managers(), null);
var client = HttpClient.newBuilder().sslContext(sslContext).connectTimeout(Duration.ofSeconds(20)).build();
var client = HttpClient.newBuilder().sslContext(trust_self_signed_cert_and_provide_client_cert).connectTimeout(Duration.ofSeconds(20)).build();
var challenge_request = HttpRequest.newBuilder(URI.create("https://vm13.pid.gwdg.de:8000/api/handles?prefix=21.11138"))
.header("Accept", "application/json")
.header("Authorization", "Handle clientCert=\"true\"")
.method("POST", BodyPublishers.noBody()).build();
......
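Review bot: The keystore password is hard-coded as the literal `"asdfasdf"` in both `private_key_store.load(...)` and `key_manager_factory.init(...)` inside `get_key_managers`, so the secret protecting the client's private key is now part of the repository history. Load it from outside the source instead, for example `char[] password = System.getenv("KEYSTORE_PASSWORD").toCharArray();` (the variable name is a placeholder), and change the keystore password, since this value is already committed. Separately, the `new FileInputStream("keystore.p12")` and `new FileInputStream("server_cert")` streams are never closed; each should be opened in a try-with-resources block. The body of `main` continues past the visible part of the hunk, so any later use of the client is not covered here.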