For the client program to invoke a REST web service with a two-way SSL ability, you need to include the Apache HTTP components (http://hc.apache.org/) dependency to your project. The program should include the following parameters to act as a secure web service client.

• Server TrustStore file name, including the path
• Server TrustStore password
• Client KeyStore file name, including the path
• Client KeyStore password
• Client key password
• target URI

Additionally, from the client program, the following details need to be verified in order to rightly produce the HTTPS client:

1. Verify the URI protocol and confirm for a secured web request.
2. The expected server certificate must be in a trust store and the corresponding KeyTool must report trustedCertEntry when listing the contents.
3. The required user key must be in a KeyStore and the corresponding KeyTool must report PrivateKeyEntry when listing the contents.
4. Create and register a socket factory for all HTTPS connections.
5. Verify the secure port invocation, which is by default 443 and others are also allowed.
6. After validating all the preceding steps successfully, produce the response.

Once the Server application is started, run the preceding client program to successfully invoke the service and print the response. Note that, the specifics required for the two-way, SSL-enabled web service call are only mentioned in this example, not your web service implementation.