Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

Question: post using HTTPS

2 views
Skip to first unread message

Sasan Iman

unread,
Sep 5, 2000, 10:20:23 PM9/5/00
to


I need to post to an HTTPS server. That's all I need to do and I am not
very familiar with Java programming. What is that path of minimal effort
for me to get this done?
I hear about JSSE, SSLeay, OPENSSL, etc. etc. But I am not sure if
I need them all.

All I need to do is:

post to an https server and dump the result into a file on regular
intervals.

Thanks.

Si


Sasan Iman

unread,
Sep 6, 2000, 6:19:12 PM9/6/00
to
Please let me know if you can help with the following question. Or if you
think its too hard to do.

Spock

unread,
Sep 6, 2000, 6:44:14 PM9/6/00
to
Grab your favorite java security toolkit (all of them have SSL).

If your HTTPS server enforces client authentication you will
need to generate a keypair and get the public key certified by
a CA that the server knows about. If no client authentication
is enforced you don't need a key or certificate.

Connecting via a secure socket is just about as easy as any
other socket but the syntax will vary depending on the toolkit
you choose. Most toolkits will include sample programs and
your application sounds easy to implement based on a trivial
"show-me-the-secure-page" example.

If you implement your client as an applet downloaded from the
secure site or as an application you don't need to deal with
signing. Otherwise look under "migraine" in your dictionary...

Good luck

"Sasan Iman" <si...@el.nec.com> wrote in message
news:39B6C2DD...@el.nec.com...

Pascal Lambert

unread,
Sep 11, 2000, 5:30:23 PM9/11/00
to
Hear is a simple program that do what you try to do.
It use JSSE 1.0.1 of Sun.

------------------------------------------------------------------------------

import java.security.*;
import java.net.*;
import java.io.*;

import com.sun.net.ssl.*;
import java.security.KeyStore;
import com.sun.net.ssl.HttpsURLConnection;
import javax.net.ssl.*;
import javax.security.cert.*;
import java.security.cert.CertificateFactory;
import hostVerifier;

/*
* This example illustrates using a URL to access resources
* on a secure site.
*
* To use Sun's reference implementation of HTTPS protocol, Please set
* the following Java system property:
*
* java.protocol.handler.pkgs = com.sun.net.ssl.internal.www.protocol
*
* If you are running inside a firewall, please also set the following
* Java system properties to the appropriate value:
*
* https.proxyHost = <secure proxy server hostname>
* https.proxyPort = <secure proxy server port>
*
*/

public class SSLPostUrl {
public static void main(String[] args) {
try {

// System.setProperty ("javax.net.debug", "all"); // Active this line to
get debug info.
System.setProperty ("java.protocol.handler.pkgs",
"com.sun.net.ssl.internal.www.protocol");
Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());

SSLSocketFactory factory = null;
SSLContext ctx;
KeyManagerFactory kmf;
TrustManagerFactory tmf;
KeyStore ks;

// If the server you want to connect to need a client authification
// set this block to your need.
char[] passphrase = "your password".toCharArray();
kmf = KeyManagerFactory.getInstance("SunX509");
ks = KeyStore.getInstance("PKCS12");
ks.load(new FileInputStream("your certificate.p12"), passphrase);
kmf.init(ks, passphrase);

// If the server you want to connect to have it is certificate or the
chain,
// the flag "criticality=true", then load the public certificate of the web
server.
//
// You have to choice:
// 1- Load directly the server certificate.
KeyStore ksSvr = KeyStore.getInstance("JKS");
ksSvr.load(null, null);

java.security.cert.CertificateFactory cf =
CertificateFactory.getInstance("X.509");
java.security.cert.Certificate serverCert =
cf.generateCertificate(new FileInputStream("server certificate.cer"));

ksSvr.setCertificateEntry("server", serverCert);

//
// OR
// 2- Load a keystore that already contain the web certificate.
// ksSvr.load(new FileInputStream("d:\\pascal\\ssl\\pascal.key"),
passphrase);

tmf = TrustManagerFactory.getInstance("SunX509");
tmf.init(ksSvr);

// The SSLContext is use to automatically accept server certitificate
// and to automatically send YOUR certificate if required.
ctx = SSLContext.getInstance("TSLv1");
ctx.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
factory = ctx.getSocketFactory();

// Try one of those URL if you want.
// URL url = new URL("https://www.verisign.com/");
// URL url = new URL("https://www.fortify.net/sslcheck.html");

HttpsURLConnection https = (HttpsURLConnection) url.openConnection();
https.setSSLSocketFactory(factory);
https.setRequestMethod("POST");
https.setDoInput(true);
https.setDoOutput(true);

// In this example we send a text file by the POST.
https.setRequestProperty("Content-type", "text/plain");

// You may obtionnally need to create a class that implement the
// HostNameVerifier interface in the case that the CN field of the server
// certificate is different than the hostname of th URL.
// https.setHostnameVerifier(new myOwnHostVerifier());


// By requesting an OutputStream, this will automatically initiated the
connection
// and by the fact the SSL handshake.
DataOutputStream out = new DataOutputStream(https.getOutputStream());

// open the source of data e.g. a file
DataInputStream file = new DataInputStream(
new BufferedInputStream(new FileInputStream("file to send.txt")));

// Pump the data down the output stream. This information will be
// buffered locally before being sent so as the connection can work
// out the content length before sending.
int c;
while ((c=file.read()) != -1)
out.writeByte(c);

// Open a InputStream to read the response.
BufferedReader in = new BufferedReader(new
InputStreamReader(https.getInputStream()));
String inputLine;
while ((inputLine = in.readLine()) != null)
System.out.println(inputLine);

in.close();
out.close();

} catch (Exception e) {
e.printStackTrace();
}
}
}
------------------------------------------------------------------------------

Sasan Iman wrote :

Pascal Lambert

unread,
Sep 12, 2000, 8:39:31 AM9/12/00
to

------------------------------------------------------------------------------

ksSvr.setCertificateEntry("server", serverCert);

in.close();
out.close();

Sasan Iman wrote :

> Please let me know if you can help with the following question. Or if you

Caspar von Seckendorff

unread,
Sep 12, 2000, 2:11:45 PM9/12/00
to
I am also interested in this issue, cause I'm writing a similar applet.

In article <39BE2403...@hydro.qc.ca>,


Pascal Lambert <Lambert...@hydro.qc.ca> wrote:
> Hear is a simple program that do what you try to do.
> It use JSSE 1.0.1 of Sun.
>

This is exactly my problem. I expect the user to have JRE 1.2
installed, but JSSE is not part of it and I do not want the user to
have to download JSSE and install it by hand. Is there any way to use
SSL Sockets transparently with the standart JRE 1.2 Installation?

--Caspar


Sent via Deja.com http://www.deja.com/
Before you buy.

0 new messages