11 August 2015

Accessing SSL site using Java HttpsURLConnection class

1.       Get certificate:





Click on marked Certificate button














Click on View Certificates



















Click on View Certificate

Copy certificate to file:






















Click on next
Enter file name e.g. C:\Users\PGadekar\Desktop\gmail.cer


Click on next


Click on finish






2.       Create keystore from gmail.cer file

-          Create directory
Ø  mkdir C:\TEMP\cert
-          Copy certificate to this directory
Ø  copy C:\Users\PGadekar\Desktop\gmail.cer C:\Temp\cert
Ø  cd C:\Temp\cert
-          Create key store using java keystore command
Ø  keytool -import -alias "GMAIL-Certificate-1" -file  gmail.cer -keystore gmailstore



We can check if certificate is added to store successfully or not by using kestory list command.



3.       Accessing the HTTPs pages
In java program
We can get certificate using following method
public static void getCertDetails() {
       String keystoreFilename = "C:\\TEMP\\cert\\gstore";
       char[] password = "changeit".toCharArray();
       String alias = "GMAIL-Certificate";
       FileInputStream fIn;
       try {
              fIn = new FileInputStream(keystoreFilename);
              KeyStore keystore = KeyStore.getInstance("JKS");
              keystore.load(fIn, password);
              Certificate cert = keystore.getCertificate(alias);
              System.out.println(cert);
       } catch (Exception e) {
              e.printStackTrace();
       }
}

                Accessing page using ssl

Create SSL Factory
public static SSLSocketFactory getSSLFactory() throws Exception {
       String keystoreFilename = "C:\\TEMP\\cert\\gmailstore";
       char[] password = "changeit".toCharArray();
       FileInputStream fIn = new FileInputStream(keystoreFilename);
       KeyStore keystore = KeyStore.getInstance("JKS");
       keystore.load(fIn, password);

       TrustManagerFactory tmf = TrustManagerFactory
                     .getInstance(TrustManagerFactory.getDefaultAlgorithm());
       tmf.init(keystore);
       SSLContext ctx = SSLContext.getInstance("TLS");
       ctx.init(null, tmf.getTrustManagers(), null);
       SSLSocketFactory sslFactory = ctx.getSocketFactory();

       return sslFactory;
}

Set the SSL factory to HttpsURLConnection connection object
public static void sendSSLRequest() throws Exception {
       SSLSocketFactory sslFactory = getSSLFactory();
       String reqURL = "https://accounts.google.com/ServiceLogin?service=mail&continue=https://mail.google.com/mail/#identifier";
       URL url = new URL(reqURL);
       HttpsURLConnection c = (HttpsURLConnection) url.openConnection();
       c.setSSLSocketFactory(sslFactory);
       HttpURLConnection conn = c;
       conn.setDoInput(true);
       conn.setRequestMethod("POST");
       conn.setDoOutput(true);
       OutputStream post = conn.getOutputStream();
       OutputStreamWriter outputWriter = new OutputStreamWriter(
                     conn.getOutputStream());

       //outputWriter.write(postContent);
       outputWriter.flush();
       outputWriter.close();
       post.flush();
       post.close();

       BufferedReader in = new BufferedReader(new InputStreamReader(
                     conn.getInputStream()));
       String inputLine, response = "";
       while ((inputLine = in.readLine()) != null) {
              response += inputLine;
       }
       in.close();
       System.out.println("URL: " + reqURL);
       System.out.println("*********************************** START");
       System.out.println(response);
       System.out.println("*********************************** END");
}

Output:
*********************************** START
  .. OUTPUT TRUNCATED  ..

*********************************** END

Add above method to following test class

import java.io.BufferedReader;
import java.io.FileInputStream;
import java.io.InputStreamReader;
import java.io.OutputStream;
import java.io.OutputStreamWriter;
import java.net.HttpURLConnection;
import java.net.URL;
import java.security.KeyStore;
import java.security.cert.Certificate;

import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManagerFactory;

public class TestKeyStore {

       public static void main(String[] args) {
              try {
                     //getCertDetails();
                     sendSSLRequest();
              } catch (Exception e) {
                     e.printStackTrace();
              }
       }

                //getCertDetails();
                // sendSSLRequest();
}


No comments:

Post a Comment