Path: csiph.com!x330-a1.tempe.blueboxinc.net!feeder1.hal-mli.net!news.glorb.com!news-out.readnews.com!news-xxxfer.readnews.com!news-out.news.tds.net!newsreading01.news.tds.net!86597e80!not-for-mail From: "Ronny Schuetz" Subject: Re: Secure Sopckets and M Message-ID: <6lmc80Fd5u7tU1@mid.individual.net> X-Comment-To: comp.lang.java.security Newsgroups: comp.lang.java.security In-Reply-To: References: Content-Type: text/plain; charset=IBM437 Content-Transfer-Encoding: 8bit X-Gateway: time.synchro.net [Synchronet 3.15a-Win32 NewsLink 1.92] Lines: 29 Date: Wed, 27 Apr 2011 16:08:41 GMT NNTP-Posting-Host: 96.60.20.240 X-Complaints-To: news@tds.net X-Trace: newsreading01.news.tds.net 1303920521 96.60.20.240 (Wed, 27 Apr 2011 11:08:41 CDT) NNTP-Posting-Date: Wed, 27 Apr 2011 11:08:41 CDT Organization: TDS.net Xref: x330-a1.tempe.blueboxinc.net comp.lang.java.security:195 To: comp.lang.java.security dave.clarke@reflective.com wrote: > Using JDK 6 (embedded JSSE) we need some code that can set up an SSL > socket for an HTTPS connection where BOTH server and client > certifricates can be exchanged. > > We have tried all sorts of things, but I wonder if someone out there > has a code fragment we can look at which is known to work. For SSLServerSockets, you just need a flag to request the client certificate during the handshake: http://java.sun.com/javase/6/docs/api/javax/net/ssl/SSLSocket.html#setNeedClientAuth(boolean) The client certificate can be retrieved from the SSLSession after the handshake. It is up to the server to request the client certificate, i.e. if you're working on a client, I don't think that you can send your certificate to the server by your own in a SSL compliant way if the server didn't requested it. Ronny --- * Synchronet * The Whitehouse BBS --- whitehouse.hulds.com --- check it out free usenet! --- Synchronet 3.15a-Win32 NewsLink 1.92 Time Warp of the Future BBS - telnet://time.synchro.net:24