SSL configuration of the RAD 6

  • goto https://url.you.want.to.open.https.connection.to url using internet explorer.
  • in the bottom of internet explorer look for padlock icon, click on that icon, goto Details tab
  • in Details tab click on “Copy to File…” button, it will open a “Certificate Export Wizard”, Click on Next button
  • in “Select the format you want to use:” click on Base-64 encoded X.509 (.CER) radio button, then click on Next button
  • give absolute path of the file name you want certifcate to export to, for example I put, C:\certificates\test.com-base64.cer
  • Run following command from command prompt–

    %JAVA_HOME%\jre\bin\keytool -v -import -trustcacerts -file <cer-file-path> -keystore <keystore-file-path>

    for example

    keytool -v -import -trustcacerts -file c:\certificates\test.com-base64.cer -keystore c:\certificates\.keystore
    Enter keystore password: topsecret
    Certificate was added to keystore
    [Saving c:\certificates\.keystore]

    Make sure c:\certificates\.keystore file not empty (if it exists), if its empty delete it. You can store multiple certificate in one keystore file, for that when you are importing certificate to keystore you need to provide alias for the certificate.
    for example–
    keytool -alias test -v -import -trustcacerts -file c:\certificates\test.com-base64.cer -keystore c:\certificates\.keystore

  • Have following system properties set to your jvm–


    -Djavax.net.ssl.trustStore=C:/certificates/.keystore
    -Djavax.net.ssl.trustStorePassword=topsecret
    -Djavax.net.ssl.keyStore=C:/certificates/.keystore
    -Djavax.net.ssl.keyStorePassword=topsecret
    -Djava.protocol.handler.pkgs=com.ibm.net.ssl.internal.www.protocol

  • list all the keys is keystore

    keytool -list -keystore c:\certificates\.keystore

NOTE
For some reason Httpclient was still failing to executeMethod after all this.

httpConnectionManagerParams.setConnectionTimeout(35*1000);

was the reason for that, (I dont know why, probable bug in httpclient I was using)

I did

httpConnectionManagerParams.setConnectionTimeout(0);

then it worked.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s