Here's a simplified version of the code I'm using to perform simple HTTPS requests:
// Assume the variables host, file and postData have valid String values
final URL url = new URL("https", host, file);
final HttpURLConnection connection = (HttpURLConnection) url.openConnection();
connection.setRequestMethod("POST");
connection.setDoInput(true);
connection.setDoOutput(true);
connection.setRequestProperty("Content-length", String.valueOf(postData.length()));
final DataOutputStream output = new DataOutputStream(connection.getOutputStream());
output.writeBytes(postData);
output.close();
final InputStream input = new DataInputStream(connection.getInputStream());
for (int c = input.read(); c != -1; c = input.read()) {
System.out.print((char) c);
}
System.out.println();
input.close();
This used to work well for connecting to our server (and still does if I use http as the protocol) until recently when some security upgrades were done.
Now it's giving me the "Could not generate DH keypair" and "Prime size must be multiple of 64, and can only range from 512 to 1024 (inclusive)" errors mentioned in this question:
Java: Why does SSL handshake give 'Could not generate DH keypair' exception?
Turns out it's a known bug in Java and the recommendation is to use BouncyCastle's JCE implementation.
My question is... how do I use BouncyCastle for something like this? Or are there more alternatives?
Disclaimer: I have very little knowledge of and interest in cryptology and the underlying technology that makes HTTPS queries possible. Rather, I'd prefer to focus on my application logic and let various libraries take care of low level issues.
I checked out the BouncyCastle website and documentation and Googled to find out more about JCE etc, but all in all it's quite overwhelming and I haven't been able to find any simple code examples for doing something like the above code.