[Info-vax] Java Is UnbeluckingFievable (was Re: Versioning fun)
Lawrence D'Oliveiro
ldo at nz.invalid
Wed Mar 27 17:16:33 EDT 2024
On Wed, 27 Mar 2024 09:11:43 -0400, Arne Vajhøj wrote:
> A relative little know fact about the JVM is that it implicit prefixes
> class names with the id of the classloader.
I currently have to use Java for a project that involves connecting to an
in-house server via HTTPS (modifying an existing app). If there is one
word that sums up the Java language and APIs, it is “bureaucracy”.
Consider setting up a TLS/SSL context. In Python, creating the context
object is one call:
sctx = ssl.SSLContext(protocol = ssl.PROTOCOL_TLS_CLIENT)
Loading a private CA cert is one call:
sctx.load_verify_locations(ca_cert_file)
Loading a cert and key for client-side authentication is one call:
sctx.load_cert_chain(client_cert_file, client_key_file)
But in Java, you first need to create a KeyStore. Load the CA cert via a
CertificateFactory and creating a TrustedCertificateEntry. Call the
factory’s generateCertificate routine to load the client cert. Then go
through a whole lot more contortions to load the client key file.
And then, you have to set up a TrustManagerFactory to create a
TrustManager, and a KeyManagerFactory to create a KeyManager, so that you
can load the contents of the KeyStore, via those two separate intermediary
objects, into an actual SSLContext for use in HTTPS connections.
More information about the Info-vax
mailing list