Authentication using X.509 client certificates (SSL mutual authentication) uses a challenge response as part of the SSL handshake.
You need the certificate <i>and</i> the private key as for authenticating with an X.509 certificate. After all: the certificate only contains the public key and some additional text (subject name, issuer,...). So for authentication, the private key is needed.
You may i.e. use an PKCS12 file (or .pfx in the Windows world) for reading private key and certificate from a file.
Some code example using iaik_jce.jar (part for SAP Cryptographic toolkit for Java)
import iaik.pkcs.pkcs12.CertificateBag;
import iaik.pkcs.pkcs12.PKCS12;
import java.io.FileInputStream;
import java.security.PrivateKey;
import java.security.cert.X509Certificate;
//when running outside the engine, add IAIK as
//crypto provider
IAIK.addAs14Provider();
PKCS12 pkcs12 = new PKCS12(new FileInputStream(file));
pkcs12.decrypt(password.toCharArray());
PrivateKey pk = pkcs12.getKeyBag().getPrivateKey();
X509Certificate[] certificates = CertificateBag.getCertificates(pkcs12.getCertificateBags());
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.