You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@cxf.apache.org by "Khare, Aparna" <ap...@sap.com> on 2015/02/17 13:22:52 UTC
Implement trust all using apache cxf
Dear Colleagues,
I'm trying to implement trust all using apach cxf
Created DefaultTrustManager class
@Override
public java.security.cert.X509Certificate[] getAcceptedIssuers() {
return null;
}
@Override
public void checkClientTrusted(final java.security.cert.X509Certificate[] certs,
final String authType) {
}
@Override
public void checkServerTrusted(final java.security.cert.X509Certificate[] certs,
final String authType) {
}
I have created this class implementing the x509trust manager
And then I call the trust manager using below code
TLSClientParameters tlsParams = new TLSClientParameters();
TrustManager[] trustAllCerts = new TrustManager[] { new DefaultTrustManager() };
tlsParams.setTrustManagers(trustAllCerts);
tlsParams.setDisableCNCheck(true);
conduit.setTlsClientParameters(tlsParams);
still I get certificate validation failed.
Can someone is I have missed something
Thanks,
Aparna
Re: Implement trust all using apache cxf
Posted by Colm O hEigeartaigh <co...@apache.org>.
This scenario works for me in CXF (at least 3.0.x). I've added a test here:
https://git1-us-west.apache.org/repos/asf?p=cxf.git;a=commit;h=0b81bdec
Could the problem be that the service requires client authentication? In
this case you must have a keystore with a trusted certificate on the client
side.
Colm.
On Tue, Feb 17, 2015 at 12:22 PM, Khare, Aparna <ap...@sap.com>
wrote:
> Dear Colleagues,
>
> I'm trying to implement trust all using apach cxf
>
> Created DefaultTrustManager class
> @Override
> public java.security.cert.X509Certificate[] getAcceptedIssuers() {
> return null;
> }
>
> @Override
> public void checkClientTrusted(final
> java.security.cert.X509Certificate[] certs,
> final String authType) {
> }
>
> @Override
> public void checkServerTrusted(final
> java.security.cert.X509Certificate[] certs,
> final String authType) {
> }
>
> I have created this class implementing the x509trust manager
>
> And then I call the trust manager using below code
>
> TLSClientParameters tlsParams = new TLSClientParameters();
> TrustManager[] trustAllCerts = new TrustManager[] { new
> DefaultTrustManager() };
> tlsParams.setTrustManagers(trustAllCerts);
> tlsParams.setDisableCNCheck(true);
> conduit.setTlsClientParameters(tlsParams);
>
> still I get certificate validation failed.
>
> Can someone is I have missed something
>
> Thanks,
> Aparna
>
--
Colm O hEigeartaigh
Talend Community Coder
http://coders.talend.com