You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@cxf.apache.org by Christopher Cheng <ch...@gmail.com> on 2013/09/04 16:35:39 UTC

Using clustering with SSL?

I am using CXF version 2.4.2 and I am trying to connect a cluster with 3 IP
addresses and I want to disable the SSL certificate check, but I found out
that SSL cert check disabled only works for the original endpoint, but not
for others in alternate addresses. How could I also configure for other
addresses as well?


Client client = ClientProxy.getClient(port);
HTTPConduit httpConduit = (HTTPConduit) client.getConduit();
TLSClientParameters tlsParams = new TLSClientParameters();
TrustManager[] trustAllCerts = new TrustManager[]{new FakeTrustManager()};
tlsParams.setTrustManagers(trustAllCerts);
tlsParams.setDisableCNCheck(true);
httpConduit.setTlsClientParameters(tlsParams);
 FailoverFeature failoverFeature = new FailoverFeature();
RetryStrategy failoverStrategy = new RetryStrategy();
List<String> alternateAddress=new ArrayList<String>();
alternateAddress.add("https://2.2.2.2:4433/MyService.asmx");
alternateAddress.add("https://3.3.3.3:4433/MyService.asmx");
failoverStrategy.setAlternateAddresses(alternateAddress);
failoverStrategy.setMaxNumberOfRetries(5);
failoverStrategy.setDelayBetweenRetries(2000);
failoverFeature.setStrategy(failoverStrategy);
failoverFeature.initialize(client , client .getBus());

Re: Using clustering with SSL?

Posted by Colm O hEigeartaigh <co...@apache.org>.

Could you try with a more recent version of CXF? It's possible that this
has been fixed in the meantime. If not then it looks like a bug, so please
raise a JIRA if the problem persists.

Colm.


On Wed, Sep 4, 2013 at 3:35 PM, Christopher Cheng <
christopher.sw.cheng@gmail.com> wrote:

> I am using CXF version 2.4.2 and I am trying to connect a cluster with 3 IP
> addresses and I want to disable the SSL certificate check, but I found out
> that SSL cert check disabled only works for the original endpoint, but not
> for others in alternate addresses. How could I also configure for other
> addresses as well?
>
>
> Client client = ClientProxy.getClient(port);
> HTTPConduit httpConduit = (HTTPConduit) client.getConduit();
> TLSClientParameters tlsParams = new TLSClientParameters();
> TrustManager[] trustAllCerts = new TrustManager[]{new FakeTrustManager()};
> tlsParams.setTrustManagers(trustAllCerts);
> tlsParams.setDisableCNCheck(true);
> httpConduit.setTlsClientParameters(tlsParams);
>  FailoverFeature failoverFeature = new FailoverFeature();
> RetryStrategy failoverStrategy = new RetryStrategy();
> List<String> alternateAddress=new ArrayList<String>();
> alternateAddress.add("https://2.2.2.2:4433/MyService.asmx");
> alternateAddress.add("https://3.3.3.3:4433/MyService.asmx");
> failoverStrategy.setAlternateAddresses(alternateAddress);
> failoverStrategy.setMaxNumberOfRetries(5);
> failoverStrategy.setDelayBetweenRetries(2000);
> failoverFeature.setStrategy(failoverStrategy);
> failoverFeature.initialize(client , client .getBus());
>



-- 
Colm O hEigeartaigh

Talend Community Coder
http://coders.talend.com