This project is a companion piece to the blog post "Everything You Ever Wanted to Know About SSL (but Were Afraid to Ask)".
It is a Java 8 Spring Boot application to demonstrate two-way SSL. It enables both HTTP and HTTPS communication (with client certificates).
Unit tests use Apache's HttpClient
and HttpServer
:
execute_WithNoScheme_ThrowsClientProtocolExceptionInvalidHostname
httpRequest_Returns200OK
httpsRequest_WithNoSSLContext_ThrowsSSLExceptionPlaintextConnection
httpsRequest_With1WaySSLAndValidatingCertsButNoClientTrustStore_ThrowsSSLException
httpsRequest_With1WaySSLAndTrustingAllCertsButNoClientTrustStore_Returns200OK
httpsRequest_With1WaySSLAndValidatingCertsAndClientTrustStore_Returns200OK
httpsRequest_With2WaySSLAndUnknownClientCert_ThrowsSSLExceptionBadCertificate
httpsRequest_With2WaySSLButNoClientKeyStore_ThrowsSSLExceptionBadCertificate
httpsRequest_With2WaySSLAndHasValidKeyStoreAndTrustStore_Returns200OK
Integration tests use the Spring Boot application and TestRestTemplate
:
rest_OverPlainHttp_GetsExpectedResponse
rest_WithMissingClientCert_ThrowsSSLHandshakeExceptionBadCertificate
rest_WithUntrustedServerCert_ThrowsSSLHandshakeExceptionUnableFindValidCertPath
rest_WithTwoWaySSL_AuthenticatesAndGetsExpectedResponse