SSL Certificate Verification in Java

Question

Say I have two Java apps that I wrote: Ping.jar and Pong.jar and they get deployed and ran on two separate servers (Ping.jar deploys to srv-01.myorg.com and Pong.jar deploys to srv-02.myorg.com), and these two apps need to communicate with each other (2-way) via SSL. Let's also assume that each app has its own SSL Certificate.

• How do I, a Java programmer, code Ping and Pong to verify each other's SSL cert? Does each CA provide some kind of RESTful API that I can hit with, say, HttpClient? Does Java have its own certificate-verifying API? Are there open source third party JARs or services I can use?

I was surprised by how little turned up when I searched for this online.

Answer 1

If you're connecting using the Java SE SSL/TLS classes (e.g. SSLSocket or SSLEngine), you're using the Java Secure Socket Extension (JSSE).

It will verify the remote party's certificate according to the SSLContext that was used to create this SSLSocket or SSLEngine.

This SSLContext will be initialised with TrustManager that dictate how trust should be established.

Unless you need specific configuration, you can often rely on the default values: this will rely on the PKIX algorithm (RFC 3280) to verify the certificate against a set of trust anchors (in cacerts by default). cacerts, shipped with the Oracle JRE is a JKS keystore to which you can add additional certificates. You can add certificates explicitly using keytool for example.

You can also create an X509TrustManager based on a custom keystore programmatically (as described in this answer) and use it in a specific SSLContext that doesn't affect the default one.

In addition to this, if you're using your own protocol, you'll need to verify that the certificate you've obtained matches the host name you were looking for (see RFC 6125). Typically, you can look for the subject alternative name in the X509Certificate you get (get the first peer certificate in the chain from the SSLSession), failing that, look for the CN RDN in the Subject Distinguished Name.

Answer 2

You can get the peer certificate either by attaching a HandshakeCompletedListener to the SSLSocket and getting the certificate from the event, or else by getting the SSLSession from the SSLSocket and getting the peer certificate from the session.

SSL provides privacy, integrity, and authentication of the peer identity. Whether that peer identity is the one the application expects, and what that identity is allowed to do in the application, should be checked by the application if necessary. This is the 'authorization' step, and SSL cannot do it for you.