Show TOC Start of Content Area

Function documentation Secure Connection Factory API for HTTPS Clients  Locate the document in its SAP Library structure

Use

The AS Java can also be the client component for HTTPS connections. To use such connections in applications, we provide the secure connection factory (class: SecureConnectionFactory).

Note

Although the secure connection factory’s primary purpose is to provide the framework to set up HTTPS connections where the AS Java is the client component, you can also use the factory to establish HTTP connections.

Keystores

To be a client for HTTPS connections, the AS Java must be able to verify the identity of the servers that it connects to. For this purpose, the secure connection factory uses the trusted store keystore. Store the CA root certificates belonging to the trusted CAs in this keystore. If connections should use SSL with mutual authentication, then the AS Java must also possess its own key pair to use for SSL, along with the corresponding public-key certificate. The secure connection factory uses the credentials keystore to store these items.

Connection Types

You can use the factory to create HTTPS connections using a URL or you can create an SSL socket instance. When setting up a URL connection, you can use the secure connection factory to establish a connection that uses both the HTTP and the SSL layers. For cases where the HTTP connection is established using a different method, for example, when using extended HTTP features such as WebDav, then use the secure connection factory to create only the SSL socket.

Logging

The secure connection factory uses the AS Java’s logging API. Any debugging messages from the underlying SAP Java Cryptographic Toolkit are written to the location com.sap.security.core.server.https.IAIK using the severity level DEBUG.

Integration

The SSL routines are performed using the SAP Java Cryptographic Toolkit, which is deployed on the AS Java during the installation process.

Activities

To enable your application to be an HTTPS client for connections, the application must perform the following steps.

...

       1.      Initialize the secure connection factory.

In this step, you set up the two keystores for the secure connection factory, the trusted store and the credentials keystore.

       2.      Create the connection using an URL or create an SSL socket instance. The methods available are:

¡        CreateURLConnection

¡        CreateSocket

       3.      Manage the connection.

There are also methods available for additional functions, for example, for supporting the use of proxy servers or for comparing the target server’s host name with the server name found in its public-key certificate. For more information, see Interfaces and Classes for Using the Secure Connection Factory and the JavaDocs for the SecureConnectionFactory class.

Example

See Examples for Using the Secure Connection Factory.

 

End of Content Area