Hello,
What’s going on this week? I started working on next and the last big feature which is client side authentication. Support for it will allow for response to server certificate request from client. If we add it to server side authentication then we can say that it is Mutual Authentication. It isn’t so wide used as usually server presenting it’s certificates to the client is enough. Nonetheless if server is meant to connect only to trusted clients then it is nice feature.
Adding client side authentication require to provide to client’s certificate chain and having private key for decryption. Overly this adding client side authentication seems simpler than validating chain of certificates received from server. As I understand it for now I have to only create instance KeyManagerFactory and initialize it with credentials which will be provided by SSLContext to the server. As part of implementation of mutual authentication I intend to add utilities for creating certificate signing request and self signed certificates. So far this with proper KeyStore managing and connect it well with GUI can give me some headache but I hope to overcome any problems soon. There is still some things I am yet to figure how to do but I know general direction for implementing mutual authentication.
See you next week,
Paweł