Use a client certificate for a service call

[Marcel Groeneweg]

If you are experiencing an issue please mention the full platform your issue applies to:
IDE: NetBeans
Desktop OS Win 7

Hi,

I have just started with Codename One and I really like it so far. For a new opportunity, we need to connect to a service that requires a client certificate for authentication. Is that even possible with a mobile device, and with Codename One?

If so, I really appreciate any tips to get it working. I already have a similar service, without certificates, the service call from the Codename One project works just fine.

Thanks in advance,

Marcel

[Shai Almog]

Hi,
thanks!
Its possible with most devices but we don't have any builtin support for that. Do you mean to actually use the certificate as an https certificate or to use it for encryption of the data?
Both might be possible with our bouncy castle port but I'm not sure about it.

[Marcel Groeneweg]

Hi Shai,

Thanks. First idea is to use the certificate as https certificate for the connection. Basically we don't want the service exposed with only user ID / password validation. I hope we can include the client certificate in the distribution and use it when connecting to the server. 

Thanks in advance for your help.

With regards,

Marcel

[Shai Almog]

Hi,
we don't have that capability at the moment since its pretty fragmented when working between devices.
You can use an encryption key (same thing as using a certificate essentially) and encrypt the authorization request using bouncy castle. You can use an algorithm like MD5 so credentials are never sent on top of the wire.
Naturally you can use HTTPS on devices when connecting with a standard certificate without a problem so you can get a double layer of security.