Re: JSSE & SSL
Patrick Wallingford wrote:
SSLSocket socket =
((SSLSocketFactory)SSLSocketFactory.getDefault()).createSocket(host,
port);
SSLSession session = socket.getSession();
Certificate[] certs = session.getPeerCertificates();
One more question, though, how do I setup proxy for the socket if that's
needed?
Then you need to set that up yourself, and it gets more complicated. You
need to use the HTTP CONNECT method to tell your proxy to connect you to
the remote host, before you layer SSL on top of the socket you have
created. Keep in mind that you may need to authenticate to the proxy,
and a few other details.
String host;
int port;
String proxyHost;
int proxyPort;
Socket socket = new Socket();
if (proxyHost != null && proxyPort > 0 && proxyPort < 65536) {
socket.connect(new InetSocketAddress(proxyHost, proxyPort), timeout);
OutputStream os = socket.getOutputStream();
InputStream is = socket.getInputStream();
BufferedInputStream bis = new BufferedInputStream(is);
os.write("CONNECT " + host + ":" + port + " HTTP/1.0\r\n\r\n");
String response = bis.readLine();
String code = response.split(" ",3)[1];
if (code.equals("200")) {
// read the rest of the header lines
while (!bis.readLine().equals(""));
} else {
throw new IOException("Unexpected response line : " + response);
}
} else {
socket.connect(new InetSocketAddress(host, port), timeout);
}
SSLSocketFactory factory = (SSLSocketFactory)SSLSocketFactory.getDefault();
// layer SSL on top of our existing socket
SSLSocket sslSocket = (SSLSocket)factory.createSocket(socket, host,
port, true);
SSLSession session = sslSocket.getSession();
Certificate[] certs = session.getPeerCertificates();
This was written straight into my news reader, and is completely
untested. However, it is taken from working code with only a few
modifications, so the idea is sound. If you have any troubles, explore
the API calls used here, and I'm sure you'll figure it out.
Rogan