HttpClient 4 SSL and client side certificates

Posted by Luke on Stack Overflow See other posts from Stack Overflow or by Luke
Published on 2010-05-07T03:34:32Z Indexed on 2010/05/07 3:38 UTC
Read the original article Hit count: 576

Filed under:

httpclient

|

ssl

|

https

|

client-side

|

certificate

Hi All,

I am having trouble working out how I can get get HttpClient 4 to use SSL in the way I need.

I have X https servers that I send requests to. One requires a client side certificate while the others have trusted certificates and therefore require no client side certificate. I have no issue connecting to the server requiring the client side certificate (its in my keystore), however every time I try to connect to the servers with trusted certificates, my client side certificate is offered by HttpClient and therefore fails authentication.

My question is this: is there a way for HttpClient to offer the client side certificate only to the server requiring it and not to the others?

Thanks in advance, Luke

© Stack Overflow or respective owner

Related posts about httpclient

HttpClient commons-httpclient Digest Authentication.

as seen on Stack Overflow - Search for 'Stack Overflow'
I am getting this error from a PostMethod using commons-httpclient No credentials available for DIGEST 'realm'@localhost and a 401 back from the server. I followed the example from this post java client program to send digest authentication request using HttpClient API (2) However, it still seems… >>> More
Rails : soap4r - Error while running wsdl2ruby.rb

as seen on Stack Overflow - Search for 'Stack Overflow'
when I execute Mathieu$ /Users/Mathieu/.gem/ruby/1.8/bin/wsdl2ruby.rb path --wsdl https://www.arello.com/webservice/verify.cfc?wsdl --type client --force I get at depth 0 - 20: unable to get local issuer certificate F, [2010-05-06T10:41:11.040288 #35933] FATAL -- app: Detected an exception. Stopping… >>> More
org.apache.commons.httpclient.HttpClient stuck on request

as seen on Stack Overflow - Search for 'Stack Overflow'
Hi All I have that code : while(!lastPage && currentPage < maxPageSize){ StringBuilder request = new StringBuilder("http://catalog.bizrate.com/services/catalog/v1/us/" + " some more ..."); currentPage++; HttpClient client = new HttpClient(new MultiThreadedHttpConnectionManager()); … >>> More
HttpClient automatically retires before the response is received from server

as seen on Stack Overflow - Search for 'Stack Overflow'
Hi all, I'm come upon a wierd problem with java HttpClient library. Specifically the library automatically retries my request (POST requests) even before the response is received from the server. Moreover the weirder problem is that this only happens on specific hosts (machines). So the end… >>> More
Java - Trying to log into website with invalid ssl certificate using httpclient

as seen on Stack Overflow - Search for 'Stack Overflow'
I'm trying to log into site with invalid ssl certificate and I have the following code. I bypass the the invalid cert by using my all certificate and then bypass the invalid Hostname by using hostnameverifier. However, the hostnameverifier does not seem to work and I still get the error message javax… >>> More

Related posts about ssl

Plesk SSL Certificate (Default cert when SSL enabled, CORRECT cert when SSL is disabled)

as seen on Server Fault - Search for 'Server Fault'
I'm running Plesk 8.6.0: I have an SSL cert installed through Plesk's admin interface. But I have a bit of an issue: When I enabled SSL for the site, and selected my cert, then restart httpd, Plesk defaults to using my self-signed default certificate. Conversely, when I disable SSL support for the… >>> More
apache renew ssl not working [on hold]

as seen on Server Fault - Search for 'Server Fault'
Downloaded a new ssl cert from go daddy and installed the cert on apache2 server put the cert in /etc/ssl/certs/ folder put the gd_bundle.crt in the /etc/ssl/ folder private key is in /etc/ssl/private/private.key I just replaced the original files with the new files, did not replace the private… >>> More
Cant connect to mysql using self signed SSL certificate

as seen on Server Fault - Search for 'Server Fault'
After creating a self-signed SSL certificate, I have configured my remote mysqld to use them (and ssl is enabled) I ssh into my remote server, and try connecting to its own mysqld using ssl (mysql server is 5.5.25).. ~> mysql -u <user> -p --ssl=1 --ssl-cert=client.cert --ssl-key=client… >>> More
How to log invalid client SSL certificate in SSL

as seen on Server Fault - Search for 'Server Fault'
I have a IIS web site which requires client certificate. I have turned off CRL checking. The client is unable to access the web site - he gets 403.17 (certificate expired) error. I would like to log the certificate he is using, becaue I think he is using the wrong certificate. Is there a way to… >>> More
Mixing SSL and non-SSL content in an Apache2 virtual host

as seen on Server Fault - Search for 'Server Fault'
I have a (hopefully) common scenario for one of my sites that I just can't seem to figure out how to deploy correctly. I have the following site and directories for example.com: These need to require SSL: /var/www/example.com/admin /var/www/example.com/order These need to be non-SSL: /var/www/example… >>> More