KeyStore, HttpClient, and HTTPS: Can someone explain this code to me?

Posted by stormin986 on Stack Overflow See other posts from Stack Overflow or by stormin986
Published on 2010-04-29T23:44:45Z Indexed on 2010/04/30 0:17 UTC
Read the original article Hit count: 335

Filed under:

java

|

keystore

|

httpclient

|

https

I'm trying to understand what's going on in this code.

KeyStore trustStore  = KeyStore.getInstance(KeyStore.getDefaultType());        
FileInputStream instream = new FileInputStream(new File("my.keystore")); 
try {
    trustStore.load(instream, "nopassword".toCharArray());
} finally {
    instream.close();
}

SSLSocketFactory socketFactory = new SSLSocketFactory(trustStore);
Scheme sch = new Scheme("https", socketFactory, 443);
httpclient.getConnectionManager().getSchemeRegistry().register(sch);

My Questions:

trustStore.load(instream, "nopassword".toCharArray()); is doing what exactly? From reading the documentation load() will load KeyStore data from an input stream (which is just an empty file we just created), using some arbitrary "nopassword". Why not just load it with null as the InputStream parameter and an empty string as the password field?

And then what is happening when this empty KeyStore is being passed to the SSLSocketFactory constructor? What's the result of such an operation?

Or -- is this simply an example where in a real application you would have to actually put a reference to an existing keystore file / password?

© Stack Overflow or respective owner

Related posts about java

Tomcat 6: Access Control Exception?

as seen on Server Fault - Search for 'Server Fault'
I'm trying to setup a tomcat6 server, and I'm trying to match another setup someone else established. However, my deployment (default Ubuntu install) uses a policy.d/ directory structure, and the established server just uses a catalina.policy file. I've tried setting every entry in policy.d to match… >>> More
Problem in creation MDB Queue connection at Jboss StartUp

as seen on Stack Overflow - Search for 'Stack Overflow'
I am not able to create a Queue connection in JBOSS4.2.3GA Version & Java1.5, as I am using MDB as per the below details. I am putting this MDB in a jar file(named utsJar.jar) and copied it in deploy folder of JBOSS, In the test env. this MDB works well but in another env. [ env settings and… >>> More
failing to establish connection between Postgres db and gwt

as seen on Stack Overflow - Search for 'Stack Overflow'
Hi, I am using Postgres and gwt 2.0 for one of my applications. I am facing problem connecting to the database. When I try to connect it gives "ClassNotFoundException". Here is what I get when I try to connect to database: java.lang.ClassNotFoundException: org.postgresql.Driver at java.net… >>> More
failing to establish connection between postgre db and gwt

as seen on Stack Overflow - Search for 'Stack Overflow'
Hi, For i am using postgre and gwt 2.0 for one of my applications. I am facing problem connecting to the database. When i try to connect it gives "ClassNotFoundException". Here is what i get when i try to connect to database: java.lang.ClassNotFoundException: org.postgresql.Driver at java.net… >>> More
Migration and deployement problems JBoss 4.2.2.GA to JBoss 6.0.0.M2

as seen on Stack Overflow - Search for 'Stack Overflow'
Hi, I'm trying to migrate an application running on JBoss 4.2.2.GA to JBoss 6.0.0.M2 I give you some log to explain my problem : boot.log : 2010-03-16 09:59:29,406 ERROR [org.jboss.system.server.profileservice.ProfileServiceBootstrap] (Thread-2) Failed to load profile: Summary of incomplete deployments… >>> More

Related posts about keystore

iPack -The iOS Application Packager

as seen on Oracle Blogs - Search for 'Oracle Blogs'
iOS applications are distributed in .ipa archive files. These files are regular zip files which contain application resources and executable-s. To protect them from unauthorized modifications and to provide identification of their sources, the content of the archives is signed. The signature… >>> More
Axis over SSL and authentication with a PKCS#12 keystore

as seen on Stack Overflow - Search for 'Stack Overflow'
I have PKCS#12 keystore that I've sucessfully imported in my browser for accessing a server that needs 2-way SSL authentication. Works perfectly reaching any https URL there. However, I'm unable to access an URL in the same server, and from the same host when using Axis 1.4. The given Axis faultString… >>> More
Import .pem public and private keys to JKS keystore

as seen on Stack Overflow - Search for 'Stack Overflow'
Hi, I have public and private keys in separate .pem files that I would need to get into a JKS keystore somehow. Tried using the -import command in KeyTool for this, which gives an "not an X.509 certificate" error. I'm guessing the solution has to do with OpenSSL, but I'm not entirely sure what… >>> More
Accessing xml from jsp on tomcat server is throwing FileNotFoundException trying to access .keystore

as seen on Stack Overflow - Search for 'Stack Overflow'
I am trying to access an XML file from JSP on my Tomcat server. The error is from Catalina's protocol handler and the exception is java.io.FileNotFoundException trying to access my .keystore in the 'documents and settings' folder for my signed-on user (with admin, but not the user that installed… >>> More
2 way SSL between SOA and OSB

as seen on Oracle Blogs - Search for 'Oracle Blogs'
If you have a need to use 2 way SSL between SOA composite and external partner links, you can follow these steps. Create the identity keystores, trust keystores, and server certificates. Setup keystores and SSL on WebLogic Setup server to use 2 way SSL Configure your SOA… >>> More