tags:

views:

336

answers:

1
Q: 

REST service & X.509 client-side certificate

Hello, I have developed a REST service with Apache Jersey, running on Tomcat.

It works OK, but now I have to securize it using data obtained from a X.509 client certificate. I don't know where to start...

Could you guys give me some advices?? Thank you for your valuable help.

A: 

As a starting point, you need Tomcat to perform certificate validation. There are tutorials on how to do that, here and here.

Martin v. Löwis  2009-08-31 13:22:40
If you just want to make sure that the data is encrypted and cannot be intercepted or tampered with during transmission, then you just need to configure the server certificate for 1-way SSL(and not worry about client certificates). The SSL How-To should get you going.
Mads Hansen  2009-08-31 15:46:02

related questions

Mocking WebResponse's from a WebRequest
What's the best way to learn server RESTful code?
JAX-RS Frameworks
SOAP or REST
Are REST request headers encrypted by SSL?
REST in Java
REST type API for non web based applications, Is It a good idea?
Getting started with REST
Plain text passwords in Ruby on Rails using Restful_Authentication
Where WCF and ADO.Net Data services stand?
REST how to handle query parameters when put to resource?
Any way to handle Put and Delete verbs in ASP.Net MVC?
How do you implement resource "edit" forms in a RESTful way?
Friendly URLs for ASP.NET
Possible to create REST web service with ASP.NET 2.0
Strange Rails Authentication Issue
How to respond to an alternate URI in a RESTful web service
Guide to choosing between REST vs SOAP services?
guid REST URL for ado.net dataservice call?
RESTful web services and HTTP verbs
Calling REST web services from a classic asp page
Best way to write a RESTful service "client" in .Net?
Best Practices for securing a REST API / web service
Document or RPC based web services
Modify Address Bar URL in AJAX App to Match Current State