We used this functionality in the Core API as part of the process to call an external secured API. One of our partners is about to begin development on the same task in Fluent, and we'd like to give them guidance on how to proceed.
Yes. As Malcolm mentioned, one of my Avoka exchange component is using keystore to establish SSL connection.
Here is what I did
// initialize socketFactory using CA certificate on local server
String protocols = [ "TLSv1" ]
// get private key info, currently re-using password for keyStorePass
String keyStorePass = svcConn.password
byte keyData = svcConn.fileData
KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType())
keyStore.load(new ByteArrayInputStream(keyData), keyStorePass.toCharArray())
SSLContext sslContext = SSLContexts.custom()
.loadKeyMaterial(keyStore, keyStorePass.toCharArray()) // load client certificate
SSLConnectionSocketFactory socketFactory = new SSLConnectionSocketFactory(
sslContext, protocols, null, SSLConnectionSocketFactory.getDefaultHostnameVerifier())
// call service using initialized socketFactory
HttpRequest postRequest = new PostRequest(endPoint)
The Fluent API includes the SvcConn class which can provide which can be used to store binary key store data in the fileData attribute.
I would recommend reaching out to Dan who I believe is using this facility for storing credentials for Exchange components.