2012年9月5日 星期三

Java client certificates over HTTPS/SSL

1. Using keytool to import SSL certificates into Sun JDK

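A. Download the server certificate through Firefox, and compare its fingerprint with one obtained from the service owner before trusting it.
B. Create the cacerts file.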

 keytool -import -keystore "d:/cacerts" -file d:\SERVICE.cer  
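 move d:/cacerts to /java-home/lib/security/cacerts (back up the existing cacerts first: the new file replaces the JDK's default trust store, and a keystore created by the command above contains only the imported certificate)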
 keytool -v -list -keystore /java-home/lib/security/cacerts  


C. Write a Jersey client to connect to the HTTPS service.
 /**
  * Minimal Jersey 1.x client for an HTTPS JSON service.
  *
  * <p>No SSLContext or HostnameVerifier is configured here, so the connection
  * is validated with the JVM's default trust settings; presumably that is the
  * cacerts store prepared in step B.
  */
 public class SSLClient {
   private static final MediaType RESPONSE_TYPE = MediaType.APPLICATION_JSON_TYPE;

   private WebResource baseResource;

   /**
    * Builds the Jersey client with POJO/JSON mapping enabled and binds it to
    * the service URL.
    *
    * @throws Exception declared by the original signature; kept for callers
    */
   public SSLClient() throws Exception {
     ClientConfig config = new DefaultClientConfig();
     config.getFeatures().put(JSONConfiguration.FEATURE_POJO_MAPPING, Boolean.TRUE);

     WebResource resource = Client.create(config).resource("https://xxx.xxx");
     // Debugging aid only: the filter logs the HTTP exchange, which may include
     // credentials or personal data. Remove it once the connection works.
     resource.addFilter(new LoggingFilter());
     baseResource = resource;
   }

   /**
    * Issues a GET against the base resource and maps the reply to a VoObject.
    *
    * @return the entity returned by the service
    */
   public VoObject getService() {
     // NOTE(review): type() sets the request Content-Type; given the constant's
     // name, accept() may have been intended - confirm.
     return baseResource.type(RESPONSE_TYPE).get(VoObject.class);
   }

   /** Calls the service once and prints the mapped result. */
   public static void main(String[] args) throws Exception {
     SSLClient sslClient = new SSLClient();
     VoObject result = sslClient.getService();
     System.out.println(result);
   }
 }

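2. Create a trust-all trust manager (test environments only: the client below accepts any certificate and any hostname, so the server is not authenticated)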
A.Download certificate through Firefox. 

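 /**
  * Jersey 1.x client for an HTTPS JSON service with server authentication
  * switched off.
  *
  * <p>NOTE(review): the trust manager accepts every certificate chain and the
  * hostname verifier accepts every hostname. TLS still encrypts the traffic,
  * but the client cannot distinguish the intended server from anyone who can
  * intercept the connection. Use this only against a throwaway test endpoint;
  * for anything else, import the server certificate into a trust store and let
  * the default validation run.
  */
 public class SSLClient {
   private static final MediaType RESPONSE_TYPE = MediaType.APPLICATION_JSON_TYPE;

   private WebResource baseResource;

   /**
    * Builds the Jersey client with the permissive SSL settings and POJO/JSON
    * mapping, then binds it to the service URL.
    *
    * @throws Exception if the SSL context cannot be created or initialised
    */
   public SSLClient() throws Exception {
     ClientConfig clientConfig = new DefaultClientConfig();

     // "TLS" is the standard context name; the original requested the legacy
     // "SSL" name.
     SSLContext ctx = SSLContext.getInstance("TLS");
     // Null key managers and null SecureRandom: the JSSE defaults are used.
     ctx.init(null, getAllTrustManager(), null);
     clientConfig.getProperties().put(
       HTTPSProperties.PROPERTY_HTTPS_PROPERTIES,
       new HTTPSProperties(getHostnameVerifier(), ctx)
     );

     clientConfig.getFeatures().put(JSONConfiguration.FEATURE_POJO_MAPPING, Boolean.TRUE);
     Client client = Client.create(clientConfig);
     baseResource = client.resource("https://xxx.xxx/");
     // Debugging aid only: the filter logs the HTTP exchange, which may include
     // credentials or personal data. Remove it once the connection works.
     baseResource.addFilter(new LoggingFilter());
   }

   /**
    * Returns a verifier that accepts every hostname.
    *
    * <p>NOTE(review): this disables the check that the certificate was issued
    * for the host being contacted.
    */
   private HostnameVerifier getHostnameVerifier() {
     return new HostnameVerifier() {
       @Override
       public boolean verify(String hostname, javax.net.ssl.SSLSession sslSession) {
         return true;
       }
     };
   }

   /**
    * Returns a single trust manager that accepts every certificate chain.
    *
    * <p>NOTE(review): both check methods are intentionally empty, so expired,
    * self-signed and mismatched certificates all pass.
    */
   private TrustManager[] getAllTrustManager() {
     return new TrustManager[] { new X509TrustManager() {
       @Override
       public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException {}

       @Override
       public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {}

       @Override
       public X509Certificate[] getAcceptedIssuers() {
         // The X509TrustManager contract requires a non-null (possibly empty)
         // array; the original returned null.
         return new X509Certificate[0];
       }
     } };
   }

   /**
    * Issues a GET against the base resource and maps the reply to a VoService.
    *
    * @return the entity returned by the service
    */
   public VoService getService() {
     return baseResource.type(RESPONSE_TYPE).get(VoService.class);
   }

   /** Calls the service once and prints the mapped result. */
   public static void main(String[] args) throws Exception {
     System.out.println(new SSLClient().getService());
   }
 }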

References
