Posted to users@tomee.apache.org by jmb <jm...@khiplus.fr> on 2015/10/30 15:12:13 UTC
How to bypass Check of SSL certificate ?
I am trying to invoke a Web Service over SSL from a TomEE 1.6 server, but I
get an SSLHandshakeError. The problem is that the certificate is self-signed
and is not recognized by my JVM. As it is only for test purposes, and not
production, I have been asked to bypass the certificate control. I read a
lot of stuff about how to proceed, and I have written two classes
(NaiveSSLContext and NaiveSSLSocketFactory) whose purpose is to replace the
default check process.

My problem is that I don't know how to tell TomEE to use these classes. I
have tried this one:

    javax.net.ssl.HttpsURLConnection.setDefaultSSLSocketFactory(new NaiveSSLSocketFactory());

but it doesn't work. My NaiveSSLSocketFactory is never called.

I have read that the CXF client had a little more configuration to do:

    <http-conf:conduit name="*.http-conduit">
        <http-conf:tlsClientParameters useHttpsURLConnectionDefaultSslSocketFactory="true"/>
    </http-conf:conduit>

I don't know how to proceed, because CXF is embedded inside TomEE, and I
can't find any configuration file in which to add this code.
--
View this message in context: http://tomee-openejb.979440.n4.nabble.com/How-to-bypass-Check-of-SSL-certificate-tp4676657.html
Sent from the TomEE Users mailing list archive at Nabble.com.
Re: How to bypass Check of SSL certificate ?
Posted by Adam Cornett <ad...@gmail.com>.
What I do for our test environments (which are using self signed certs) is
set the javax.net.ssl.trustStore (and javax.net.ssl.trustStorePassword)
Java system properties to point to a keystore that has imported (and fully
trusted) the cert we're using in addition to the certs stored in the JRE's
root store. That way I don't have to make any code modifications between
dev and prod.
On Fri, Oct 30, 2015 at 10:12 AM, jmb <jm...@khiplus.fr> wrote:
> I am trying to invoke a Web Service over SSL from a TomEE 1.6 server, but I
> get an SSLHandshakeError. The problem is that the certificate is self-signed
> and is not recognized by my JVM. As it is only for test purposes, and not
> production, I have been asked to bypass the certificate control. I read a
> lot of stuff about how to proceed, and I have written two classes
> (NaiveSSLContext and NaiveSSLSocketFactory) whose purpose is to replace the
> default check process.
>
> My problem is that I don't know how to tell TomEE to use these classes. I
> have tried this one:
>
>     javax.net.ssl.HttpsURLConnection.setDefaultSSLSocketFactory(new NaiveSSLSocketFactory());
>
> but it doesn't work. My NaiveSSLSocketFactory is never called.
>
> I have read that the CXF client had a little more configuration to do:
>
>     <http-conf:conduit name="*.http-conduit">
>         <http-conf:tlsClientParameters useHttpsURLConnectionDefaultSslSocketFactory="true"/>
>     </http-conf:conduit>
>
> I don't know how to proceed, because CXF is embedded inside TomEE, and I
> can't find any configuration file in which to add this code.
--
Adam Cornett
adam.cornett@gmail.com
(678) 296-1150
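
Added example, not part of the original thread: one way to build the trust store the reply describes with keytool and hand it to a TomEE test instance through the two system properties. The file names, the alias test-ws, the password argument and the use of bin/setenv.sh are assumptions for illustration.

```shell
#!/bin/sh
# Added example (not from the thread). Paths, alias and passwords are placeholders.

# Locate the JRE's default root store; the layout differs between Java versions.
find_cacerts() {
    for p in "$JAVA_HOME/lib/security/cacerts" "$JAVA_HOME/jre/lib/security/cacerts"; do
        [ -f "$p" ] && { printf '%s\n' "$p"; return 0; }
    done
    return 1
}

# build_truststore <cert.pem> <out.jks> <new-password> [alias]
# Copies the JRE root store, re-keys the copy, and adds the test certificate,
# so public CAs and the self-signed test endpoint are both trusted.
build_truststore() {
    cert=$1; out=$2; pass=$3; name=${4:-test-ws}
    src=$(find_cacerts) || { echo "cacerts not found under JAVA_HOME" >&2; return 1; }
    cp "$src" "$out" && chmod 600 "$out" || return 1
    # "changeit" is the stock cacerts password; replace it on the copy only.
    keytool -storepasswd -keystore "$out" -storepass changeit -new "$pass" || return 1
    keytool -importcert -noprompt -trustcacerts -alias "$name" \
            -file "$cert" -keystore "$out" -storepass "$pass" || return 1
    # Print the fingerprint so it can be compared with the server's certificate.
    keytool -list -alias "$name" -keystore "$out" -storepass "$pass"
}

# trust_opts <truststore> <password>: the two system properties from the reply.
trust_opts() {
    printf '%s %s\n' "-Djavax.net.ssl.trustStore=$1" \
                     "-Djavax.net.ssl.trustStorePassword=$2"
}

# setenv_line <truststore> <password>: line to append to bin/setenv.sh
# on the test server only; production keeps the default trust store.
setenv_line() {
    printf 'CATALINA_OPTS="$CATALINA_OPTS %s"\n' "$(trust_opts "$1" "$2")"
}
```

Trusting the certificate this way leaves certificate validation and hostname verification switched on, so the self-signed certificate's CN or subjectAltName still has to match the host the client connects to.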