On Sat, 11 Dec 2004, Andrew M wrote:
> The only problem with this is, how do you copy an openssl {key|crt}
> pair into a keytool keystore?
No this isn't the problem. The problem is telling the SSL implementation
that you want to use this cert for client authentication. The best I can
gather is that you would need to implement a javax.net.ssl.X509KeyManager
and make chooseClientAlias() return the alias of the cert you want to use
in the keystore. Implementing a X509KeyManager does not look like an easy
thing to do though and there doesn't seem to be a good way of only
extending part of it and falling back to the default implmentation for the
rest.
Kris Jurka