JDK (Java Development Kit) Tutorials

∟SSL Client Authentication

∟SSL Client Authentication Test Result

This section provides the test result of running the SSL server program and the SSL client program. The result shows that the server and the client authenticated each other's identity correctly.

With SslReverseEchoerRevised.java and server.jks prepared on the server side, I am ready to start the server program:

>java -cp . SslReverseEchoerRevised server.jks ServerJKS ServerKey

Server socket class: 
   class com.sun.net.ssl.internal.ssl.SSLServerSocketImpl
   Socker address = 0.0.0.0/0.0.0.0
   Socker port = 8888
   Need client authentication = true
   Want client authentication = false
   Use client mode = false

Now switch to the client side, and run the client program:

java -cp . SslSocketClientRevised client.jks ClientJKS ClientKey

Socket class: class com.sun.net.ssl.internal.ssl.SSLSocketImpl
   Remote address = localhost/127.0.0.1
   Remote port = 8888
   Local socket address = /127.0.0.1:1418
   Local address = /127.0.0.1
   Local port = 1418
   Need client authentication = false
Session class: class com.sun.net.ssl.internal.ssl.SSLSessionImpl
   Cipher suite = TLS_DHE_DSS_WITH_AES_128_CBC_SHA
   Protocol = TLSv1
   PeerPrincipal = CN=my.server.com,OU=My Unit,O=My Home,L=My City...
   LocalPrincipal = CN=my.client.com,OU=My Unit,O=My Home,L=My Cit...

Welcome to SSL Reverse Echo Server. Please type in some words.
Client authentication is working!
!gnikrow si noitacitnehtua tneilC
.

Looking at the server side again, you will see messages:

Socket class: class com.sun.net.ssl.internal.ssl.SSLSocketImpl
   Remote address = /127.0.0.1
   Remote port = 1418
   Local socket address = /127.0.0.1:8888
   Local address = /127.0.0.1
   Local port = 8888
   Need client authentication = true
Session class: class com.sun.net.ssl.internal.ssl.SSLSessionImpl
   Cipher suite = TLS_DHE_DSS_WITH_AES_128_CBC_SHA
   Protocol = TLSv1
   PeerPrincipal = CN=my.client.com,OU=My Unit,O=My Home,L=My City...
   LocalPrincipal = CN=my.server.com,OU=My Unit,O=My Home,L=My Cit...

Wonderful! Everything worked I expected. Client program authenticated the server's identity ok, and server program authenticated the client's identity ok too.

Last update: 2006.

Table of Contents

 About This JDK Tutorial Book

 Downloading and Installing JDK 1.3.1 on Windows

 Downloading and Installing JDK 1.4.1 on Windows

 Downloading and Installing JDK 1.5.0 on Windows

 Downloading and Installing JDK 1.6.2 on Windows

 Date, Time and Calendar Classes

 Date and Time Object and String Conversion

 Number Object and Numeric String Conversion

 Locales, Localization Methods and Resource Bundles

 Calling and Importing Classes Defined in Unnamed Packages

 HashSet, Vector, HashMap and Collection Classes

 Character Set Encoding Classes and Methods

 Character Set Encoding Maps

 Encoding Conversion Programs for Encoded Text Files

 Socket Network Communication

 Datagram Network Communication

 DOM (Document Object Model) - API for XML Files

 SAX (Simple API for XML)

 DTD (Document Type Definition) - XML Validation

 XSD (XML Schema Definition) - XML Validation

 XSL (Extensible Stylesheet Language)

 Message Digest Algorithm Implementations in JDK

 Private key and Public Key Pair Generation

 PKCS#8/X.509 Private/Public Encoding Standards

 Digital Signature Algorithm and Sample Program

 "keytool" Commands and "keystore" Files

 KeyStore and Certificate Classes

 Secret Key Generation and Management

 Cipher - Secret Key Encryption and Decryption

 The SSL (Secure Socket Layer) Protocol

 SSL Socket Communication Testing Programs

►SSL Client Authentication

 What Is SSL Client Authentication?

 Preparing Certificates for Client Authentication

 Test Server Program for Client Authentication

 Test Client Program for Client Authentication

►SSL Client Authentication Test Result

 HTTPS (Hypertext Transfer Protocol Secure)

 References

 PDF Printing Version