This project is a companion piece to the blog post "Everything You Ever Wanted to Know About SSL (but Were Afraid to Ask)".
It is a Java 8 Spring Boot application to demonstrate two-way SSL. It enables both HTTP and HTTPS communication (with client certificates).
Unit tests use Apache's HttpClient and HttpServer:
execute_WithNoScheme_ThrowsClientProtocolExceptionInvalidHostnamehttpRequest_Returns200OKhttpsRequest_WithNoSSLContext_ThrowsSSLExceptionPlaintextConnectionhttpsRequest_With1WaySSLAndValidatingCertsButNoClientTrustStore_ThrowsSSLExceptionhttpsRequest_With1WaySSLAndTrustingAllCertsButNoClientTrustStore_Returns200OKhttpsRequest_With1WaySSLAndValidatingCertsAndClientTrustStore_Returns200OKhttpsRequest_With2WaySSLAndUnknownClientCert_ThrowsSSLExceptionBadCertificatehttpsRequest_With2WaySSLButNoClientKeyStore_ThrowsSSLExceptionBadCertificatehttpsRequest_With2WaySSLAndHasValidKeyStoreAndTrustStore_Returns200OK
Integration tests use the Spring Boot application and TestRestTemplate:
rest_OverPlainHttp_GetsExpectedResponserest_WithMissingClientCert_ThrowsSSLHandshakeExceptionBadCertificaterest_WithUntrustedServerCert_ThrowsSSLHandshakeExceptionUnableFindValidCertPathrest_WithTwoWaySSL_AuthenticatesAndGetsExpectedResponse