
A library that generates X.509 certificates and signs them with an SSH agent, for use in client-side TLS handshakes.


ssh-agent-tls


This Java library provides tools for client-side TLS operations. This project is currently stable and used in Helios.

Download

Download the latest JAR or grab via Maven.

<dependency>
  <groupId>com.spotify</groupId>
  <artifactId>ssh-agent-tls</artifactId>
  <version>0.0.1</version>
</dependency>

Getting started

This example shows how to present a static TLS certificate stored on disk. Specify the paths of the certificate "cert.pem" and private key "key.pem" for CertKeyPaths. Then create an instance of CertFileHttpsHandler, an implementation of HttpsHandler, and use it to handle() the HttpsURLConnection.

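import com.spotify.sshagenttls.CertFileHttpsHandler;
import com.spotify.sshagenttls.CertKeyPaths;
import com.spotify.sshagenttls.HttpsHandlers;
import java.net.URL;
import java.nio.file.Paths;
import javax.net.ssl.HttpsURLConnection;

final URL url = new URL("https://example.net");
final HttpsURLConnection conn = (HttpsURLConnection) url.openConnection();

// Paths to the PEM-encoded client certificate and its private key.
final CertKeyPaths certKeyPaths = CertKeyPaths.create(Paths.get("/cert.pem"), Paths.get("/key.pem"));
final CertFileHttpsHandler certFileHttpsHandler =
    HttpsHandlers.createCertFileHttpsHandler("username", false, certKeyPaths);
certFileHttpsHandler.handle(conn);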

This example shows how to use an SSH key pair via ssh-agent (only RSA keys are supported right now) to sign a randomly generated X.509 certificate. Create an instance of SshAgentHttpsHandler, an implementation of HttpsHandler, and use it to handle() the HttpsURLConnection.

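import com.spotify.sshagentproxy.AgentProxies;
import com.spotify.sshagentproxy.AgentProxy;
import com.spotify.sshagentproxy.Identity;
import com.spotify.sshagenttls.HttpsHandlers;
import com.spotify.sshagenttls.SshAgentHttpsHandler;
import java.net.URL;
import java.util.List;
import javax.net.ssl.HttpsURLConnection;

final URL url = new URL("https://example.net");
final HttpsURLConnection conn = (HttpsURLConnection) url.openConnection();

final AgentProxy agentProxy = AgentProxies.newInstance();
final List<Identity> identities = agentProxy.list();
// identities.get(0) requires that the agent holds at least one key and that the first one is RSA.
final SshAgentHttpsHandler sshAgentHttpsHandler =
    HttpsHandlers.createSshAgentHttpsHandler("username", false, agentProxy, identities.get(0));
sshAgentHttpsHandler.handle(conn);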
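
Because only RSA keys are supported and an agent may hold several keys or none, the identity can be chosen explicitly instead of taking the first list entry. The following is an added example, not code from the project: the class RsaIdentityExample and the helper firstRsaIdentity are hypothetical, Identity.getPublicKey() is assumed from the ssh-agent-proxy library, and the com.spotify.sshagenttls package name is an assumption.

```java
import com.spotify.sshagentproxy.AgentProxies;
import com.spotify.sshagentproxy.AgentProxy;
import com.spotify.sshagentproxy.Identity;
// Assumed package name for this library's classes.
import com.spotify.sshagenttls.HttpsHandlers;
import com.spotify.sshagenttls.SshAgentHttpsHandler;

import java.net.URL;
import java.util.List;
import javax.net.ssl.HttpsURLConnection;

public final class RsaIdentityExample {

  /** Returns the first RSA identity held by the agent, or fails with a clear message. */
  static Identity firstRsaIdentity(final List<Identity> identities) {
    for (final Identity id : identities) {
      // getPublicKey() is assumed from ssh-agent-proxy and returns a java.security.PublicKey.
      if (id.getPublicKey() != null && "RSA".equals(id.getPublicKey().getAlgorithm())) {
        return id;
      }
    }
    throw new IllegalStateException(
        "ssh-agent holds " + identities.size() + " identities, none of them RSA; "
            + "load an RSA key with ssh-add before connecting");
  }

  public static void main(final String[] args) throws Exception {
    final URL url = new URL("https://example.net");
    final HttpsURLConnection conn = (HttpsURLConnection) url.openConnection();

    final AgentProxy agentProxy = AgentProxies.newInstance();
    final Identity identity = firstRsaIdentity(agentProxy.list());

    // Same factory call as in the example above, with the identity chosen explicitly.
    final SshAgentHttpsHandler handler =
        HttpsHandlers.createSshAgentHttpsHandler("username", false, agentProxy, identity);
    handler.handle(conn);

    // The TLS handshake takes place when the connection is first used.
    System.out.println("HTTP status: " + conn.getResponseCode());
  }
}
```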

Prerequisites

Any platform that has the following:

  • Java 7+
  • Maven 3 (for compiling)

Code of conduct

This project adheres to the Open Code of Conduct. By participating, you are expected to honor this code.