Chilkat HOME .NET Core C# Android™ AutoIt C C# C++ Chilkat2-Python CkPython Classic ASP DataFlex Delphi ActiveX Delphi DLL Go Java Lianja Mono C# Node.js Objective-C PHP ActiveX PHP Extension Perl PowerBuilder PowerShell PureBasic Ruby SQL Server Swift 2 Swift 3,4,5... Tcl Unicode C Unicode C++ VB.NET VBScript Visual Basic 6.0 Visual FoxPro Xojo Plugin
(Android™) HTTPS Client Certificate using Smartcard or TokenSee more HTTP ExamplesExplains how to use a client certificate for HTTP TLS mutual authentication where the certificate and private key exists on an HSM (Smartcard or USB Token).
// Important: Don't forget to include the call to System.loadLibrary // as shown at the bottom of this code sample. package com.test; import android.app.Activity; import com.chilkatsoft.*; import android.widget.TextView; import android.os.Bundle; public class SimpleActivity extends Activity { private static final String TAG = "Chilkat"; // Called when the activity is first created. @Override public void onCreate(Bundle savedInstanceState) { super.onCreate(savedInstanceState); CkHttp http = new CkHttp(); // To do HTTPS mutual authentication where the certificate and private key are stored // on a smartcard or token, first load the Chilkat certificate object from the smartcard/token, // and then pass the certificate object to the Http object's SetSslClientCert method. // Doing HTTP mutual authentication is the same regardless of the source of the cert + private key. // The steps are to first load the certificate from the source, then pass the cert object to the HTTP object. // Chilkat provides methods for loading the certificate from a variety of sources, such as smartcards, tokens, // .pfx/.p12 files, Windows registry-based certificate stores, PEM files, or other file formats. CkCert cert = new CkCert(); // The easiest way to load a certificate from an HSM is to call cert.LoadFromSmartcard with // an empty string argument. Chilkat will detect the HSM and will choose the most appropriate // underlying means for accessing and loading the default certificate + key from the HSM. // The underlying means could be PKCS11, ScMinidriver, or MSCNG, depending on the HSM what it // supports. // For example: // If you know the smart card PIN, it's good to set it prior to loading from the smartcard/USB token. cert.put_SmartCardPin("12345678"); // To let Chilkat discover what smartcard or token is connected, pass an empty string to LoadFromSmartcard. // When testing in this way, it's best to have only a single smartcard or token connected to the system. boolean success = cert.LoadFromSmartcard(""); if (success == false) { Log.i(TAG, cert.lastErrorText()); Log.i(TAG, "Certificate not loaded."); return; } // If there are multiple certificates stored on the smartcard/token, then // you can be more specific. See these examples: // Load a Certificate from an HSM by Common Name // Load a Certificate from an HSM by Serial Number // It may be that you need to code at a lower level with a specific // supported interface, such as PKCS11. // See these examples: // Use PKCS11 to Find a Specific Certificate // Use PKCS11 to Find a Certificate with a Specified Key Usage // Once you have the desired certificate, pass it to SetSslClientCert. // Set the certificate to be used for mutual TLS authentication // (i.e. sets the client-side certificate for two-way TLS authentication) success = http.SetSslClientCert(cert); if (success != true) { Log.i(TAG, http.lastErrorText()); return; } // At this point, the HTTP object instance is setup with the client-side cert, and any SSL/TLS // connection will automatically use it if the server demands a client-side cert. } static { System.loadLibrary("chilkat"); // Note: If the incorrect library name is passed to System.loadLibrary, // then you will see the following error message at application startup: //"The application <your-application-name> has stopped unexpectedly. Please try again." } } |
© 2000-2024 Chilkat Software, Inc. All Rights Reserved.