Tags: java, keystore, websphere-8, apache-commons-httpclient, truststore

How to retrieve Websphere TrustStore using Apache Httpclient 3


I am using Apache Httpclient (commons httpclient 3.1). As of now we make a client call by specifying the physical path to a Keystore and Truststore file. At the same time these are also configured in WebSphere 8.5.

For example, at: SSL certificate and key management > Key stores and certificates > CellDefaultTrustStore > Signer certificates

How do I specify in my code to use the Keystore and Truststore from WebSphere, rather than fetching them as a physical file?

I am using code similar to that specified here:


Solution

  • You can create namespace bindings holding the paths to the files so that the paths are externalized from your code.

    Set up two namespace bindings in WAS, one for the keystore and one for the truststore. This is in the admin console under Environment > Naming > Name space bindings.

    Set the scope to reference your application or cluster. Set the binding type to String. Set the binding identifier and name relative to lookup name prefix to a name that identifies it, like (your application)keystorefile. Give the string value as the path to the keystore on the server.

    With those entries set, you can use JNDI to retrieve the keystore and truststore file locations. Spring has a JndiObjectFactoryBean that you can configure with the binding identifier and expected type in a Configuration class, with a qualifier to identify it to Spring:

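    import org.springframework.beans.factory.annotation.Qualifier;
    import org.springframework.context.annotation.Bean;
    import org.springframework.jndi.JndiObjectFactoryBean;

    // Inside a @Configuration class: looks up the String namespace binding via JNDI.
    @Bean @Qualifier("fooAppKeyStorePath")
    public JndiObjectFactoryBean fooAppKeyStorePath() {
        JndiObjectFactoryBean jndiObjectFactoryBean = new JndiObjectFactoryBean();
        jndiObjectFactoryBean.setJndiName("yourBindingIdentifier");
        jndiObjectFactoryBean.setExpectedType(String.class);
        return jndiObjectFactoryBean;
    }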
    

    The string value gets injected into configuration method arguments marked with that qualifier.
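
Added example (not part of the original answer): one way the injected path strings can be turned into an `SSLContext` using only JDK classes, so that certificate validation stays tied to the configured truststore. The class name, the `fooAppTrustStorePath` and `fooAppStorePassword` qualifiers, the single shared store password and the PKCS12 store type are assumptions.

```java
import java.io.IOException;
import java.io.InputStream;
import java.nio.file.Files;
import java.nio.file.Paths;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManagerFactory;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

@Configuration
public class FooAppSslConfig { // hypothetical class name
    // Assumption: both stores are PKCS12; use "JKS" for .jks files.
    private static final String STORE_TYPE = "PKCS12";

    // Opens the store at the JNDI-supplied path; a wrong path or password
    // fails here at startup instead of on the first HTTPS call.
    static KeyStore load(String path, char[] password)
            throws IOException, GeneralSecurityException {
        KeyStore store = KeyStore.getInstance(STORE_TYPE);
        try (InputStream in = Files.newInputStream(Paths.get(path))) {
            store.load(in, password);
        }
        return store;
    }

    @Bean
    public SSLContext fooAppSslContext(
            @Qualifier("fooAppKeyStorePath") String keyStorePath,
            @Qualifier("fooAppTrustStorePath") String trustStorePath, // hypothetical
            @Qualifier("fooAppStorePassword") String storePassword)   // hypothetical
            throws IOException, GeneralSecurityException {
        char[] password = storePassword.toCharArray();
        KeyManagerFactory kmf =
                KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        kmf.init(load(keyStorePath, password), password);
        // Trust only the signers in the configured truststore.
        TrustManagerFactory tmf =
                TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(load(trustStorePath, password));
        SSLContext ctx = SSLContext.getInstance("TLS");
        ctx.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
        return ctx;
    }
}
```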