1

I'm very new to this, so I don't understand most of the basics. I need to authenticate with a REST API service in Java. I have both the login/password as well as the SSL cert which both are needed to authenticate. How do I go about doing this? Looking at some of the examples that I found using HTTPClient only shows how to authenticate with a username/password only, which isn't enough in my case.

Thanks

harcot
  • 317
  • 1
  • 4
  • 7
  • See if [this question](http://stackoverflow.com/questions/875467/java-client-certificates-over-https-ssl) helps you get what you want. – goncalotomas May 26 '15 at 23:36
  • Hmm, well that post doesn't seem like it shows how to do it with a username and password as well, which is what I need unless I am misreading it. – harcot May 26 '15 at 23:50
  • what certificate? server self-signed certificate? or a client certificate given to you? – ZhongYu May 26 '15 at 23:51
  • I'm not sure the difference? I was told it is an ssl cert and I was given the file – harcot May 26 '15 at 23:56
  • It depends on what you're programming, but both servers and clients can have certificates. If you only have one, odds are that it is the server certificate. – goncalotomas May 27 '15 at 11:01

1 Answers1

1

You will need to use an HttpsURLConnection (so you are using https instead of http), and on that connection, you will need to set an "Authorization" header with the base 64 encoded user name and password in the request.

Setting up an HttpsURLConnection as mentioned in comments:

Java client certificates over HTTPS/SSL

More detailed information on certificates, key stores, and trust stores at the end of the first answer here:

Secret Key SSL Socket connections in Java

Details of setting the "Authorization" header, which is done the same way on an HttpsURLConnection as it is on an HttpURLConnection:

Preemptive Basic Auth with HttpUrlConnection?

Community
  • 1
  • 1
Warren Dew
  • 8,790
  • 3
  • 30
  • 44