HTTPS - Breaking client authentication on server side
Hi Guys,
When you don’t specify an sslSocketFactory, OkHttp recreates a TLS SSLContext instead of using SSLContext.getDefault. Doing so, you init the SSLContext without giving the default keyStore, and this breaks server-side client certificate authentication.
In a system where you configure your trustCertificate and keyStore using system properties like “javax.net.ssl.keyStore” & “javax.net.ssl.trustStore”, Java merges them and inits the SSLContext.getDefault for you. Basically you just need to get the socketFactory from that default context.
To make sure the SSL socket factory contains my client certificate from the keystore, I have to call
new OkHttpClient.Builder().sslSocketFactory(SSLContext.getDefault().getSocketFactory(), trustManager)
Let me know if you guys need something or if I got it wrong. I will try to follow up with a pull request.
Best,
Issue Analytics
- Created 4 years ago
- Comments: 19 (2 by maintainers)
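The workaround described in the issue, written out as an added example (not code from the issue or from OkHttp): it pairs the JVM default socket factory with a matching trust manager and checks that the configured key store really holds a client key. The class name `DefaultContextClient` and its method names are hypothetical.

```java
import java.io.FileInputStream;
import java.security.KeyStore;
import java.util.Collections;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import okhttp3.OkHttpClient;

// Hypothetical helper class (name and methods are illustrative, not OkHttp API).
public final class DefaultContextClient {

    // A null KeyStore makes the factory load javax.net.ssl.trustStore, or the
    // JDK's bundled CA store when that property is unset.
    static X509TrustManager defaultTrustManager() throws Exception {
        TrustManagerFactory tmf =
                TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init((KeyStore) null);
        for (TrustManager tm : tmf.getTrustManagers()) {
            if (tm instanceof X509TrustManager) return (X509TrustManager) tm;
        }
        throw new IllegalStateException("no X509TrustManager available");
    }

    // Fail fast when the configured key store holds no private key entry.
    static void requireClientKey() throws Exception {
        String path = System.getProperty("javax.net.ssl.keyStore");
        if (path == null) throw new IllegalStateException("javax.net.ssl.keyStore is not set");
        String type = System.getProperty("javax.net.ssl.keyStoreType", KeyStore.getDefaultType());
        char[] pw = System.getProperty("javax.net.ssl.keyStorePassword", "").toCharArray();
        KeyStore ks = KeyStore.getInstance(type);
        try (FileInputStream in = new FileInputStream(path)) {
            ks.load(in, pw);
        }
        for (String alias : Collections.list(ks.aliases())) {
            if (ks.isKeyEntry(alias)) return;
        }
        throw new IllegalStateException("no private key entry in " + path);
    }

    // SSLContext.getDefault() is created once per JVM and cached, so the
    // javax.net.ssl.* properties must be set before its first use.
    public static OkHttpClient build() throws Exception {
        requireClientKey();
        return new OkHttpClient.Builder()
                .sslSocketFactory(SSLContext.getDefault().getSocketFactory(), defaultTrustManager())
                .build();
    }
}
```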
Top GitHub Comments
Won’t fix.
Let me know how you go, if you are still stuck I can take a look at the weekend.
I will try to make a clean sample of the CapturingTrustManager and make it smart enough to log the issue, as I think it might simplify a lot of these types of investigations.