How do I use Java and SSL for a POST request?
2 posts in topic
Flat View  Flat View

Posted By:   Daniel_Breitner
Posted On:   Tuesday, October 7, 2008 04:11 AM

Hello everybody,

I am trying to set up a Servlet that creates a SSL-POST request to a specific web site, say http://localhost:8080/doSomething.html.

Because I am relatively new to this whole SSL - thing ;) I just wanted to ask some questions:

1) How do I send a SSL-POSt request in Java ?
2) Do I also have to provide a certificate or just the server I am connecting to ?

Best regards

Daniel Breitner

Re: How do I use Java and SSL for a POST request?

Posted By:   Robert_Lybarger  
Posted On:   Tuesday, November 25, 2008 06:27 PM

The Java code you write effectively just connects to a URL that starts with "https://" and this will induce the Java framework to handle the connection via SSL w/ no real additional work on the part of the coder. The remote server being connected to (by/from your servlet) WILL need some form of an SSL certificate to identify itself with. Exactly how that is obtained and configured is a function of the web server. The only really tricky part is that the JVM that your servlet runs with will need to "trust" the SSL certificate of the remote server. If you are using a self-signed certificate, or a certificate not signed by an of the root CAs that Java already trusts by default, then you will need to add a few "-D" arguments to specify a custom truststore (a file into which the server's certificate has been imported) to use. If you don't do this, the connection to the remote server will fail, probably silently (depending on what exceptions you catch/print). (And there are some deeper programmatic APIs to setup the truststore and that sort of thing, but the above techniques are generally the easiest to work out when you aren't overly familiar with SSL in general, the jargon, or these deeper APIs.)

Re: How do I use Java and SSL for a POST request?

Posted By:   Daniel_Breitner  
Posted On:   Tuesday, November 25, 2008 08:56 AM

1) Create a certificate

2) start a tomcat running ssl using this certificate

3) start a second tomcat using a keystore with this certificate already imported

4) use Apache HTTP Client

That´s it :)

About | Sitemap | Contact