azizkhani.net

I know that I know nothing

https test using certificate & keystore

clock June 13, 2014 20:58 by author Administrator

 

package org.springframework.integration.samples.rest;

import java.io.BufferedReader;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.net.MalformedURLException;
import java.net.URL;

import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;

public class HttpsTest {
    public static void main(String[] args) {
        System.setProperty("javax.net.ssl.keyStore","/azizkhani/keystore.jks");
        System.setProperty("javax.net.ssl.keyStorePassword", "pass");

        // full log for debugging
        System.setProperty("javax.net.debug", "all");

        try {
            try {
                javax.net.ssl.HttpsURLConnection.setDefaultHostnameVerifier(
                        new javax.net.ssl.HostnameVerifier(){
                     
                            public boolean verify(String hostname,
                                    javax.net.ssl.SSLSession sslSession) {
                                if (hostname.equals("ansarrootca")) {
                                    return true;
                                }
                                return false;
                            }
                        });
                URL url = new URL("https://site:3443");
                InputStream is = url.openStream();
                BufferedReader in = new BufferedReader(new InputStreamReader(is));
                String inputLine = null;
                while ((inputLine = in.readLine()) != null)
                    System.out.println(inputLine);
                in.close();
                is.close();
            } catch (MalformedURLException e) {
                e.printStackTrace();
            }

        } catch (Exception e) {
            e.printStackTrace();
        }
    }
}

 



disable java check for subject alternative names in certificate

clock June 13, 2014 20:41 by author Administrator

when i want to invoke https webservice by certificate(keystore.jks) .

i get this exception

 java.security.cert.CertificateException: No subject alternative names present

ip of webservice is 192.168.1.10 but certificate is created for 192.168.1.20

java check this in client and throw this exception 

i add host for 192.168.1.20  in my os and add this line in application

this code disable this check


javax.net.ssl.HttpsURLConnection.setDefaultHostnameVerifier(
                new javax.net.ssl.HostnameVerifier(){
            
                    public boolean verify(String hostname,
                            javax.net.ssl.SSLSession sslSession) {
                        if (hostname.equals("azizkhanihost")) {
                            return true;
                        }
                        return false;
                    }
        });

 



About the author

 Welcome to this web site . This page has two purposes: Sharing information about my professional life such as articles, presentations, etc.
This website is also a place where I would like to share content I enjoy with the rest of the world. Feel free to take a look around, read my blog


Java,J2EE,Spring Framework,JQuery,

Hibernate,NoSql,Cloud,SOA,Rest WebService and Web Stack tech...

RecentPosts

Month List

Sign In