I am trying to achieve a mutually authenticated REST API server using spark-java and from the <a href="http://sparkjava.com/documentation.html#secure" rel="nofollow">documentation</a> I see:
secure(keystoreFilePath, keystorePassword, truststoreFilePath, truststorePassword);
... which looks like exactly what I need. However I am only able to do one way authentication of the server, the client certificate never seems to be verified against the truststore. I'm using version 2.1, any advise or pointers would be greatly appreciated.Answer1:
It seems that Spark in version 2.6.0 has added what you need. Now, there is a second version of
setWantClientAuth(true) on the underlying Jetty webserver SslContextFactory object.