Posted to java-user@axis.apache.org by Frank Zhou <fc...@yahoo.com> on 2006/12/21 01:10:30 UTC

Secure socket layer (SSL) connection problem

Hi All,

I am encountering a problem with setting up a secure
socket layer connection between my TOMCAT web server
and my web service client (using AXIS 1.2 but not a
browser client). My situation is this, in my web
service client, I need to tell the full client
keystore path to the application. And basically, I
have NO problem configuring the TOMCAT server to
accept https connection (through generating
keystore/cert et cetera), and in the client side, I
also have NO problem configuring it to have an HTTPS
connection with the server (through port 8443). 

Now if I give an INCORRECT client keystore path to the
application, I got an error saying something like "no
trusted certificate found", which is expected.
However, the problem occurs that if I subsequently
give the CORRECT keystore path, I still get the same
error. I had to stop my job server services (a
component of my application) and then the HTTPS
connection will work.

Similarly, if the first time I give the correct client
keystore path, the https connection works, and if
subsequently I give an INCORRECT keystore path, it
still works. Seems like the web server always
remembers the keystore the first time it is given.

I debugged my client code and seems like every time
when the client makes a call, it is CORRECTly giving
the current keystore path.  

Any ideas what could be the cause for this? Thanks
much in advance.

Frank



Re: Secure socket layer (SSL) connection problem

Posted by Martin Gainty <mg...@hotmail.com>.
Hi Frank

In Axis 2 the only way I could figure is to stop and start the Servlet (axisServlet), with updates to the servlet in between, so that the servlet picks up the
new configuration:

        try {
            MessageContext mc = new MessageContext();
            mc.getConfigurationContext().getListenerManager().stop();
            // make the changes to the AxisServlet SSL listener here
            mc.getConfigurationContext().getListenerManager().start();
        } catch (AxisFault axisFault) {
            log.info(axisFault.getMessage());
        }

In Axis 1.3 there is ClientSigningHandler.java, which demonstrates how to construct a SignedEnvelope based on 4 parameters:

        try {
            MessageContext msgContext = new MessageContext();
            // Take the unsigned envelope from the request message
            Message requestMessage = msgContext.getRequestMessage();
            SignedSOAPEnvelope signedEnvelope = new SignedSOAPEnvelope(msgContext, requestMessage.getSOAPEnvelope(), "http://xml-security", (String) getOption("keystore"));

            // Wrap the signed envelope and make it the current message
            requestMessage = new Message(signedEnvelope);
            msgContext.setCurrentMessage(requestMessage);
        } catch (AxisFault axisFault) {
            log.info(axisFault.getMessage());
        }

Anyone else?
M-
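
Added example, not code from either poster or from Axis: JSSE builds its default SSLContext once per JVM, so a later change to the `javax.net.ssl.trustStore` system property is ignored until restart, which would match the symptom in this thread if the client passes the path that way (an assumption; the post does not say how). The hypothetical class `PerPathTrust` below loads trust material from an explicit path on every call and lists what each path actually trusts.

```java
import java.io.FileInputStream;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.cert.X509Certificate;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;

// Hypothetical helper: usage is  java PerPathTrust <password> <keystore> [<keystore> ...]
public class PerPathTrust {

    // Load the keystore at 'path' and return trust managers backed only by it.
    static TrustManager[] trustManagersFor(String path, char[] password) throws Exception {
        KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
        try (InputStream in = new FileInputStream(path)) {
            ks.load(in, password); // throws if the path or password is wrong
        }
        TrustManagerFactory tmf =
            TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(ks);
        return tmf.getTrustManagers();
    }

    // A fresh context per path: nothing is cached between calls, so the
    // path given now is the one that decides which servers are trusted.
    static SSLContext contextFor(String path, char[] password) throws Exception {
        SSLContext ctx = SSLContext.getInstance("TLS");
        ctx.init(null, trustManagersFor(path, password), null);
        return ctx;
    }

    public static void main(String[] args) throws Exception {
        char[] password = args[0].toCharArray();
        for (int i = 1; i < args.length; i++) {
            // Fails here, per call, on a bad path or password.
            contextFor(args[i], password);
            for (TrustManager tm : trustManagersFor(args[i], password)) {
                if (!(tm instanceof X509TrustManager)) continue;
                X509Certificate[] issuers = ((X509TrustManager) tm).getAcceptedIssuers();
                System.out.println(args[i] + ": " + issuers.length + " trusted issuer(s)");
                for (X509Certificate c : issuers) {
                    System.out.println("  " + c.getSubjectX500Principal().getName());
                }
            }
        }
    }
}
```

The socket factory from `contextFor(...).getSocketFactory()` is what a client would use for the connection; an incorrect path then fails on that call only, and a corrected path works on the next one.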