You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@cxf.apache.org by "whitewolff@tiscali.it" <wh...@tiscali.it> on 2008/03/26 17:57:12 UTC
HTTPS and CXF Protocol mismatch: engine's protocol is http, the url
protocol is https
Hi guys,
I have some problems with CXF and HTTPS.
My configuration file (server side) is:
<?xml version="1.0" encoding="UTF-8"?>
<!--
** This file configures the HTTPS Server.
-->
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:sec="http://cxf.apache.org/configuration/security"
xmlns:http="http://cxf.apache.org/transports/http/configuration"
xmlns:httpj="http://cxf.apache.org/transports/http-
jetty/configuration"
xmlns:jaxws="http://java.sun.com/xml/ns/jaxws"
xsi:schemaLocation="
http://cxf.apache.org/configuration/security http:
//cxf.apache.org/schemas/configuration/security.xsd
http://cxf.apache.org/transports/http/configuration
http://cxf.apache.org/schemas/configuration/http-conf.xsd
http://cxf.apache.org/transports/http-jetty/configuration
http://cxf.apache.org/schemas/configuration/http-jetty.xsd
http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-
2.0.xsd">
<http:destination name="{http://package}AnInterfacePort.http-
destination">
</http:destination>
<httpj:engine-factory bus="cxf">
<httpj:engine port="9001">
<httpj:tlsServerParameters>
<sec:keyManagers keyPassword="password">
<sec:keyStore type="JKS" password="password"
file="C:/certs/cherry.jks"/>
</sec:keyManagers>
<sec:trustManagers>
<sec:keyStore type="JKS" password="password"
file="C:/certs/truststore.jks"/>
</sec:trustManagers>
<sec:cipherSuitesFilter>
<!-- these filters ensure that a ciphersuite with
export-suitable or null encryption is used,
but exclude anonymous Diffie-Hellman key change as
this is vulnerable to man-in-the-middle attacks -->
<sec:include>.*_EXPORT_.*</sec:include>
<sec:include>.*_EXPORT1024_.*</sec:include>
<sec:include>.*_WITH_DES_.*</sec:include>
<sec:include>.*_WITH_NULL_.*</sec:include>
<sec:exclude>.*_DH_anon_.*</sec:exclude>
</sec:cipherSuitesFilter>
<sec:clientAuthentication want="true" required="true"/>
</httpj:tlsServerParameters>
</httpj:engine>
</httpj:engine-factory>
<!-- We need a bean named "cxf" -->
<bean id="cxf" class="org.apache.cxf.bus.CXFBusImpl"/>
</beans>
And the server is really simple: it basically does Service.publish
(https://localhost:9001/helloWorld, an implementor)
but then i have this exception:
Caused by: java.io.IOException: Protocol mismatch: engine's protocol
is http, the url protocol is https
Please help!
Bye
______________________________________________
Voce Senza Limiti: chiama in tutta Italia a 0 cent. SOLO 9,90 EURO AL MESE fino al 27/03/08!
http://abbonati.tiscali.it/promo/vocesenzalimiti_2603/
Re: HTTPS and CXF Protocol mismatch: engine's protocol is http, the
url protocol is https
Posted by Willem Jiang <wi...@gmail.com>.
Hi ,
How did you feed the CXF configuration to the server?
Here is a document [1]to show how to supply a configuration file to CXF.
[1]http://cwiki.apache.org/CXF20DOC/configuration.html
Willem
whitewolff@tiscali.it wrote:
> Hi guys,
> I have some problems with CXF and HTTPS.
> My configuration file (server side) is:
>
> <?xml version="1.0" encoding="UTF-8"?>
>
> <!--
> ** This file configures the HTTPS Server.
> -->
>
> <beans xmlns="http://www.springframework.org/schema/beans"
> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
> xmlns:sec="http://cxf.apache.org/configuration/security"
> xmlns:http="http://cxf.apache.org/transports/http/configuration"
> xmlns:httpj="http://cxf.apache.org/transports/http-
> jetty/configuration"
> xmlns:jaxws="http://java.sun.com/xml/ns/jaxws"
> xsi:schemaLocation="
> http://cxf.apache.org/configuration/security http:
> //cxf.apache.org/schemas/configuration/security.xsd
> http://cxf.apache.org/transports/http/configuration
> http://cxf.apache.org/schemas/configuration/http-conf.xsd
> http://cxf.apache.org/transports/http-jetty/configuration
> http://cxf.apache.org/schemas/configuration/http-jetty.xsd
> http://www.springframework.org/schema/beans
> http://www.springframework.org/schema/beans/spring-beans-
> 2.0.xsd">
>
>
> <http:destination name="{http://package}AnInterfacePort.http-
> destination">
> </http:destination>
>
> <httpj:engine-factory bus="cxf">
> <httpj:engine port="9001">
> <httpj:tlsServerParameters>
> <sec:keyManagers keyPassword="password">
> <sec:keyStore type="JKS" password="password"
> file="C:/certs/cherry.jks"/>
> </sec:keyManagers>
> <sec:trustManagers>
> <sec:keyStore type="JKS" password="password"
> file="C:/certs/truststore.jks"/>
> </sec:trustManagers>
> <sec:cipherSuitesFilter>
> <!-- these filters ensure that a ciphersuite with
> export-suitable or null encryption is used,
> but exclude anonymous Diffie-Hellman key change as
> this is vulnerable to man-in-the-middle attacks -->
> <sec:include>.*_EXPORT_.*</sec:include>
> <sec:include>.*_EXPORT1024_.*</sec:include>
> <sec:include>.*_WITH_DES_.*</sec:include>
> <sec:include>.*_WITH_NULL_.*</sec:include>
> <sec:exclude>.*_DH_anon_.*</sec:exclude>
> </sec:cipherSuitesFilter>
> <sec:clientAuthentication want="true" required="true"/>
> </httpj:tlsServerParameters>
> </httpj:engine>
> </httpj:engine-factory>
>
>
> <!-- We need a bean named "cxf" -->
> <bean id="cxf" class="org.apache.cxf.bus.CXFBusImpl"/>
> </beans>
>
> And the server is really simple: it basically does Service.publish
> (https://localhost:9001/helloWorld, an implementor)
> but then i have this exception:
>
> Caused by: java.io.IOException: Protocol mismatch: engine's protocol
> is http, the url protocol is https
>
> Please help!
>
> Bye
>
>
>
> ______________________________________________
>
> Voce Senza Limiti: chiama in tutta Italia a 0 cent. SOLO 9,90 EURO AL MESE fino al 27/03/08!
> http://abbonati.tiscali.it/promo/vocesenzalimiti_2603/
>
>
>