Skip to content

A Spring Boot application to demonstrate two-way SSL (client certificates) with unit and integration tests

Notifications You must be signed in to change notification settings

robinhowlett/everything-ssl

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

7 Commits
 
 
 
 
 
 
 
 

Repository files navigation

Everything You Ever Wanted to Know About SSL (but Were Afraid to Ask)

This project is a companion piece to the blog post "Everything You Ever Wanted to Know About SSL (but Were Afraid to Ask)".

It is a Java 8 Spring Boot application to demonstrate two-way SSL. It enables both HTTP and HTTPS communication (with client certificates).

Unit tests use Apache's HttpClient and HttpServer:

  • execute_WithNoScheme_ThrowsClientProtocolExceptionInvalidHostname
  • httpRequest_Returns200OK
  • httpsRequest_WithNoSSLContext_ThrowsSSLExceptionPlaintextConnection
  • httpsRequest_With1WaySSLAndValidatingCertsButNoClientTrustStore_ThrowsSSLException
  • httpsRequest_With1WaySSLAndTrustingAllCertsButNoClientTrustStore_Returns200OK
  • httpsRequest_With1WaySSLAndValidatingCertsAndClientTrustStore_Returns200OK
  • httpsRequest_With2WaySSLAndUnknownClientCert_ThrowsSSLExceptionBadCertificate
  • httpsRequest_With2WaySSLButNoClientKeyStore_ThrowsSSLExceptionBadCertificate
  • httpsRequest_With2WaySSLAndHasValidKeyStoreAndTrustStore_Returns200OK

Integration tests use the Spring Boot application and TestRestTemplate:

  • rest_OverPlainHttp_GetsExpectedResponse
  • rest_WithMissingClientCert_ThrowsSSLHandshakeExceptionBadCertificate
  • rest_WithUntrustedServerCert_ThrowsSSLHandshakeExceptionUnableFindValidCertPath
  • rest_WithTwoWaySSL_AuthenticatesAndGetsExpectedResponse

About

A Spring Boot application to demonstrate two-way SSL (client certificates) with unit and integration tests

Resources

Stars

Watchers

Forks

Packages

No packages published

Languages