If the web service uses an HTTPS connection, then this will communicate using SSL. SSL, or Secure Socket Layer, is a technology which allows the web service client and remote web service server to communicate over a secured connection. The data is encrypted before being transmitted and decrypted when the data is received before processing. This is a two-way process, meaning that both the server AND the browser encrypt all traffic before sending out data. A certificate is required for SSL communication.
A public key certificate (known just as a certificate) is a digitally-signed statement that binds the value of a public key to the identity of the person, device, or service that holds the corresponding private key. One of the main benefits of certificates is that passwords are not needed for individual clients who need to be authenticated as a prerequisite to access. Instead, the host merely establishes trust in a certificate issuer.
Most certificates used are based on the X.509v3 certificate standard.
Certificates contain the following information:
A Certificate Authority (CA) is an organization that issues certificates to other organizations that wish to prove their identity. The CA asks the certificate requester to provide information about itself and the CA gives back a certificate in return. The returned certificate is chained to the root certificate, establishing a chain of trust. In this way someone dealing with a company identifying itself through a certificate issued by a certain CA doesn't have to trust every company, but it is sufficient to trust the root CA.
Java (J2SE) recognises the common root certificates Verisign, Twarte etc...; these
are stored in the JRE's lib/security/cacerts truststore. But sometimes
the certificate is not recognised and the certificate must be imported into a
Java keystore.
If the web service provider is using a self-signed
certificate or one signed by an in-house CA, it must be imported and saved in
the keystore of the client Java system. A keystore is a file that contains all the trusted
certificates available for HTTPS communication between Verj.io
and the remote web service server. Certificates can be imported into the keystore using java’s keytool
utility. The keytool is part of the standard Java
Development Kit (JDK) shipment and can be found in the $JDK_HOME/bin directory.
If the
certificate has not been imported, a call to the web service may throw an
exception such as: "ValidatorException: PKIX
path building failed: sun.security.provider.certpath.SunCertPathBuilderException:
unable to find valid certification path to requested target".
If the certificate has been signed by one of the recognised CAs, the certificate does not normally need to be imported.
Follow the instructions below to import a certificate. This example uses Internet Explorer 9 to obtain the certificate, but other browsers or equivalent tools can also be used.
If you already
have the Certificate .cer file then proceed to step
9.
Import the certificate into the Java key store
Import a certificate into the studio
Import a certificate into the server