|
|||||||||
PREV PACKAGE NEXT PACKAGE | FRAMES NO FRAMES |
See:
Description
Interface Summary | |
---|---|
PKCS12Https.PKCS12Communicator | Interface for PKCS12Https communication with the user. |
SURFCAHttps.SURFCACommunicator | Interface for SURFCAHttps communication with the user. |
Class Summary | |
---|---|
CAConnection | This class provides methods to post data to a (CA) website and retrieve and store the response. |
CAHttps | Abstract class for communication to a Certificate Authority (CA), an implementation should include methods to initialize (e.g authenticate at an Online CA) and to retrieve and store a certificate. |
PKCS12Https | Implementation of the abstract CAHttps for importing a
PKCS12 file from disk. |
PKCS12Https.StdioComm | This Implementation uses only stdio/stderr for I/O. |
SURFCAHttps | Implementation of the abstract CAHttps for obtaining a
certificate from the SURFnet online CA. |
SURFCAHttps.StdioComm | Implementation of a SURFCAHttps.SURFCACommunicator using simple text via
stdin/stderr/stdout. |
TestSURFCA | Test class providing a TestSURFCA.main(String[]) method to test
SURFCAHttps and PKCS12Https . |
Provides classes to communicate with an online CA, in particular the one implemented by SURFnet in collaboration with the Max Planck Institute for Psycholinguistics and Nikhef, in order to setup client-side authentication for https connections.
For testing purposes a
main()
method is provided
by TestSURFCA
, which shows
PKCS12Https
and
SURFCAHttps
. It can be called using e.g.:
java -D... -jar slcshttps_jdk15_v0.1.jar "https://www.nikhef.nl/~msalle/cert/showcert?nohtml=1"where ... denote any of the following properties:
nl.nikhef.slcshttps.CERT_URL
CSR
to, and
get the Certificate from as response. Used by SURFCAHttps
.
nl.nikhef.slcshttps.AUTH_URL
http(s)://
or uses it as a postfix to the value of
nl.nikhef.slcshttps.CERT_URL
and then adds the CSR hash. Used by
SURFCAHttps
.
nl.nikhef.slcshttps.comm
stdio
or popups for user
communication by classes SURFCAHttps
, PKCS12Https
and TrustManagerImpl
. For SURFCAHttps
another way to communicate is used by the SURFCAInitDialog
which hence also ignores this setting
by implementing and empty SURFCAHttps.SURFCACommunicator
. Other applications using
this package probably want to provide their own implementations of these
communicator interfaces
SURFCAHttps.SURFCACommunicator
,
PKCS12Https.PKCS12Communicator
and
TrustManagerImpl.TrustCommunicator
.stdio popup
nl.nikhef.slcshttps.https
HttpsURLConnection
or HttxURLConnection
(which is firefox-like in its
asking for confirmation about invalid server certificates). The default is to
use "mask"
, which means it's behaving as if only
HttxURLConnection
is used, but in practise also
HttpsURLConnection
is setup for using the client side certificates.
Value "both"
does practically the same except for the
CAPanel
/SerialPanel
classes: value "both"
will
show for both HttpsURLConnection
and HttxURLConnection
which certificate is in use for client side authentication, while value
"mask"
will only show HttxURLConnection
(although both
will be set).https httx both mask
nl.nikhef.slcshttps.acknowledge
true false
|
|||||||||
PREV PACKAGE NEXT PACKAGE | FRAMES NO FRAMES |
nl.nikhef.slcshttps | Mischa Sallé - msalle(AT)nikhef.nl |