You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@cxf.apache.org by fachhoch <fa...@gmail.com> on 2010/09/21 19:54:02 UTC
cxf security
Iam using ws-security using keystores.My security model :
Server has a Keystore and I imported client keystore into server keystore.
when client calls service it passes its public key and on server side I
find the same key so request is processed.
Now I heard about selfcert a certificate what is this? do I have to do
this ?
--
View this message in context: http://cxf.547215.n5.nabble.com/cxf-security-tp2848487p2848487.html
Sent from the cxf-user mailing list archive at Nabble.com.
Re: cxf security
Posted by Glen Mazza <gl...@gmail.com>.
Perhaps I should have been more clear, you *don't* need a self-signed
keystore, and they offer less protection, not more, than CA-signed
certificates.
Your question is not one that should be informally asked & answered on a
mailing list. You need to do some googling and study up on certificates if
you plan on working with them in production.
Glen
fachhoch wrote:
>
> please tell me why do we need a self signed keystore , it works without
> self signing , please tell me what is purpose of self signing
>
--
View this message in context: http://cxf.547215.n5.nabble.com/cxf-security-tp2848487p2850301.html
Sent from the cxf-user mailing list archive at Nabble.com.
Re: cxf security
Posted by fachhoch <fa...@gmail.com>.
please tell me why do we need a self signed keystore , it works without self
signing , please tell me what is purpose of self signing
--
View this message in context: http://cxf.547215.n5.nabble.com/cxf-security-tp2848487p2850172.html
Sent from the cxf-user mailing list archive at Nabble.com.
Re: cxf security
Posted by Glen Mazza <gl...@gmail.com>.
A self-signed certificate is a locally created certificate[1] that has not
been vouched for by a third party certificate authority like VeriSign. For
production use you should not be relying on them, but they are OK for
development purposes.
Glen
[1] http://www.jroller.com/gmazza/entry/using_openssl_to_create_certificates
fachhoch wrote:
>
> Iam using ws-security using keystores.My security model :
>
> Server has a Keystore and I imported client keystore into server keystore.
>
> when client calls service it passes its public key and on server side I
> find the same key so request is processed.
> Now I heard about selfcert a certificate what is this? do I have to do
> this ?
>
--
View this message in context: http://cxf.547215.n5.nabble.com/cxf-security-tp2848487p2849902.html
Sent from the cxf-user mailing list archive at Nabble.com.