Skip to Content
author's profile photo Former Member
Former Member

web service standalone client

I trying to design a standalone client for a web service which uses X509 Certificate based Authentication.

but while attaching the certificate to the stub by using following code

SecurityProtocol securityProtocol = (SecurityProtocol) stub._getGlobalProtocols().getProtocol("SecurityProtocol");

AuthenticationContext context = securityProtocol.getAuthenticationContext();

context.addClientCertificate(certificate, null);

for the last line the documentation says it should have following syntax

addClientCertificate(X509Certificate[] certificates, PrivateKey privateKey);

I have genrated a client certificate. but what about last parameter.

OR else iwant to know weather there is any tutoral for designing Webservice client with Certificate based Authentication

Add a comment
10|10000 characters needed characters exceeded

Related questions

1 Answer

  • Posted on Feb 21, 2005 at 07:59 PM

    Authentication using X.509 client certificates (SSL mutual authentication) uses a challenge response as part of the SSL handshake.

    You need the certificate <i>and</i> the private key as for authenticating with an X.509 certificate. After all: the certificate only contains the public key and some additional text (subject name, issuer,...). So for authentication, the private key is needed.

    You may i.e. use an PKCS12 file (or .pfx in the Windows world) for reading private key and certificate from a file.

    Some code example using iaik_jce.jar (part for SAP Cryptographic toolkit for Java)

    import iaik.pkcs.pkcs12.CertificateBag;

    import iaik.pkcs.pkcs12.PKCS12;

    import java.io.FileInputStream;

    import java.security.PrivateKey;

    import java.security.cert.X509Certificate;

    //when running outside the engine, add IAIK as

    //crypto provider

    IAIK.addAs14Provider();

    PKCS12 pkcs12 = new PKCS12(new FileInputStream(file));

    pkcs12.decrypt(password.toCharArray());

    PrivateKey pk = pkcs12.getKeyBag().getPrivateKey();

    X509Certificate[] certificates = CertificateBag.getCertificates(pkcs12.getCertificateBags());

    Add a comment
    10|10000 characters needed characters exceeded

Before answering

You should only submit an answer when you are proposing a solution to the poster's problem. If you want the poster to clarify the question or provide more information, please leave a comment instead, requesting additional details. When answering, please include specifics, such as step-by-step instructions, context for the solution, and links to useful resources. Also, please make sure that you answer complies with our Rules of Engagement.
You must be Logged in to submit an answer.

Up to 10 attachments (including images) can be used with a maximum of 1.0 MB each and 10.5 MB total.