I install the licensing servlet in Java along with a client application that will send a request for new licenses and check existing licenses on this server. Servlet runs on Tomcat. I configured Tomcat so that it only connects to the servlet via https and this works fine.
I created a self-signed certificate using 'keytool -genkey -alias www.mysite.com -keyalg RSA -keystore license.store' , which creates a license.store file and pointed tomcat to this keystoreFile with its password asdf1234 .
When I just try to connect from the client to servlets via https in Java, I get the familiar PKIX path building failed because the certificate is not in a proxy. I tried to fix this using this sentence, resulting in the code below:
private SSLSocketFactory getSSLFactory() throws Exception { KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType()); InputStream is = this.getClass().getResourceAsStream("license.store"); if(is ==null) { return null; } keyStore.load(is, "asdf1234".toCharArray()); is.close(); TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm()); tmf.init(keyStore); SSLContext ctx = SSLContext.getInstance("TLS"); ctx.init(null, tmf.getTrustManagers(), null); return ctx.getSocketFactory(); }
After which I call:
HttpsURLConnection con = (HttpsURLConnection)url.openConnection(); con.setSSLSocketFactory(getSSLFactory());
leading to a successful connection.
Now the problem is that I only get this when copying license.store client and loading it into KeyStore.load() . It is not very safe for me to copy the private key and its password, which the server uses for the client. Is there a way to extract only the public key from license.store and use it? I searched this forum and others during the day and just can't get it.
hinsbergen
source share