Skip to content
Advertisement

Including a .pem certificate in a Java HTTP request

I am currently able to access a web service that requires a client certificate using the following curl command:

curl -k -v –cert ./certificate.pem https://api.com/unit

How do I make this request in a Java application?

Notice that I need the -k flag which allows curl to make “insecure” SSL connections. This needs to be done in the Java application as well.

Advertisement

Answer

The solution to this problem was to include the server’s certificates in the Java trust store.

To download and import the above certificates of the server I used InstallCert Java code from GitHub.

The keyStore and trustStore were then defined in system properties like below:

-Djavax.net.ssl.keyStore=/home/wildfly/key.pfx
-Djavax.net.ssl.keyStorePassword=xxxx
-Djavax.net.ssl.trustStore=$JAVA_HOME/jre/lib/security/cacerts
-Djavax.net.ssl.trustStorePassword=xxxx
-Djavax.net.ssl.keyStoreType=PKCS12"
5 People found this is helpful
Advertisement