SSL and Java (ciak 2)

credits: Vagamundos (from flickr)

credits: Vagamundos (from flickr)

Last time we spoke about accessing a site via HTTPS using the pure Sun way.

Today, we see the same problem, solved with the apache HttpClient libraries. This library require a keystore specified in the code. In order to generate a keystore, you will have to download a certification file as described in the previous post and then create a keystore using the keytool program. I don’t remember well how to create a new keystore with the required certificate via keytool (I did’t write it down), but reading the help of the program it should be something like:

keytool -importcert -alias <my_alias_certificate> -file <path_to_the_cer_file> -keystore myKeystore.ks

where myKeystore.ks is the name of the file containing the keystore. The pros of using this approach is that you can provide a .ks file among with the program, in a location desired and the program will use it, avoiding post-installation procedures to register the certificate on each jvm.

So, assuming to have our keystore into a sub-directory certs the code for using the site is in the pdf as usual.