You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@cxf.apache.org by "Andrei Shakirin (JIRA)" <ji...@apache.org> on 2014/07/19 20:45:38 UTC
[jira] [Updated] (CXF-5652) WebClient with SSL:
javax.net.ssl.SSLHandshakeException handshake_failure
[ https://issues.apache.org/jira/browse/CXF-5652?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Andrei Shakirin updated CXF-5652:
---------------------------------
Attachment: URLConnectionTest.java
Demonstrates the client authentication problem, if SSLContext is initialized with null keyManager and trustManager.
> WebClient with SSL: javax.net.ssl.SSLHandshakeException handshake_failure
> -------------------------------------------------------------------------
>
> Key: CXF-5652
> URL: https://issues.apache.org/jira/browse/CXF-5652
> Project: CXF
> Issue Type: Improvement
> Components: JAX-RS
> Affects Versions: 3.0.0-milestone2
> Reporter: Vjacheslav Borisov
> Assignee: Andrei Shakirin
> Priority: Minor
> Attachments: URLConnectionTest.java
>
>
> I got error when using WebClient with SSL using client certificate:
> javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
> I found a way to fix this error
> KeyStore keyStore = KeyStore.getInstance("JKS");
> String trustpass = "chageit";
> File truststore = new File("/home/slavb/.java/deployment/security/trusted.clientcerts");
> keyStore.load(new FileInputStream(truststore), trustpass.toCharArray());
> KeyStore ts = KeyStore.getInstance("JKS");
> truststore = new File("/etc/ssl/certs/trusted.cacerts");
> ts.load(new FileInputStream(truststore), "".toCharArray());
> Client client = ClientBuilder.newBuilder().keyStore(keyStore, trustpass).
> trustStore(ts).build();
> And I have question, why WebClient is not working like embedded in java URLConnection or
> apache http client when I specify system properties
> -Djavax.net.ssl.trustStore=/etc/ssl/certs/trusted.cacerts
> -Djavax.net.ssl.keyStore=/home/slavb/.java/deployment/security/trusted.clientcerts
> -Djavax.net.ssl.keyStorePassword=changeit
> (i got error javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure when using SSL web client)
> Why it is need to configure ssl in code?
--
This message was sent by Atlassian JIRA
(v6.2#6252)