It took me a bit longer than I thought to do mutual authentication, but in the end it worked today. How do you present your own certificates to the remote party? Quite easily, in 3 lines of code:
```java
// Create the KeyManagerFactory (algorithm and provider are Strings)
KeyManagerFactory kmf = KeyManagerFactory.getInstance(algorithm, provider);
// Initialize it with the content of the Keystore - it has to contain the private key
// as well as the certificate which will be sent to the remote server
// (ks is a KeyStore, password is a char[])
kmf.init(ks, password);
// and when initializing the SSLContext add:
context.init(kmf.getKeyManagers(), tmf.getTrustManagers(), new SecureRandom());
```
So what took me so long? It appears that I was somehow losing my private key while importing it into the Keystore. I also had to create a GUI for that. I still have to polish it a bit and finish the functionality to create Certificate Signing Requests and self-signed certificates.
Here is a screenshot of how it looks now:
Generally, compared to the Certificates tab, the table showing the Keystore content here is smaller, as I assume the user will rarely need more than one certificate. However, it might happen, especially when the user often switches domains using the same client and different servers have different CAs in their Truststores. I hope to finish it over the weekend, and then I will move on to the bugs from the earlier part of the project. There are some of them, but one is particularly bad: while moving certificates from and to Exceptions, it happens that the content of one of the Keystores is deleted. I still haven't figured out what the reason is, but soon, after finishing the mutual authentication panel, I should be able to look into that more.
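As an added example (not code from this project), the sketch below guards against the lost-private-key problem described above: before the Keystore is handed to the KeyManagerFactory, it checks that at least one alias holds a private key together with its certificate chain. The class name `MutualTlsContext` and the methods `findClientIdentity` and `build` are hypothetical, and the empty in-memory Keystore in `main` is a constructed sample standing in for an import that kept no key.

```java
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.SecureRandom;
import java.util.Collections;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManagerFactory;

// Hypothetical helper class, not part of the project described in the post.
public class MutualTlsContext {

    /** Returns the first alias holding a key plus certificate chain, or null if none. */
    static String findClientIdentity(KeyStore ks) throws GeneralSecurityException {
        for (String alias : Collections.list(ks.aliases())) {
            // A certificate-only entry cannot authenticate the client: the key is needed too.
            if (ks.isKeyEntry(alias) && ks.getCertificateChain(alias) != null) {
                return alias;
            }
        }
        return null;
    }

    /** Builds an SSLContext for mutual authentication; a null trust store means JRE defaults. */
    static SSLContext build(KeyStore identity, char[] password, KeyStore trust)
            throws GeneralSecurityException {
        if (findClientIdentity(identity) == null) {
            throw new GeneralSecurityException(
                    "keystore has no private key entry with a certificate chain");
        }
        KeyManagerFactory kmf =
                KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        kmf.init(identity, password);
        TrustManagerFactory tmf =
                TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(trust);
        SSLContext context = SSLContext.getInstance("TLS");
        context.init(kmf.getKeyManagers(), tmf.getTrustManagers(), new SecureRandom());
        return context;
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample: an empty PKCS12 keystore, as left by an import that lost the key.
        KeyStore empty = KeyStore.getInstance("PKCS12");
        empty.load(null, null);
        try {
            build(empty, new char[0], null);
        } catch (GeneralSecurityException e) {
            System.out.println("Rejected: " + e.getMessage());
        }
    }
}
```

Failing at this point gives a clear error at configuration time, instead of a handshake in which the client silently presents no certificate.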