You are viewing a plain text version of this content. The canonical link for it is here.

Posted to java-user@axis.apache.org by Rodrigo Ruiz <rr...@gridsystems.com> on 2003/12/16 15:30:04 UTC

Proxying SSL certificates

Hi all,

I am developing a web service(I will call it frontend) that must act as 
a client for a second web service(backend). The backend service expects 
a user certificate for authentication purposes, and I would like to 
configure the frontend service to also require a user certificate, and 
use the incoming certificate as the credentials for the backend.  Is 
this possible?

Thanks in advance,
Rodrigo Ruiz

Re: Proxying SSL certificates

Posted by Rodrigo Ruiz <rr...@gridsystems.com>.

Thanks for all your responses. I will try another approach: having a 
"special" user only for my middleware, I will try to import the 
keys+certificates from the backend when I need them. The backend keeps a 
copy of all user certificates and keys, as they are all generated there, 
so stablishing a secure channel between both servers should maintain the 
server security, as long as the middle server is secure, of course ;-)

Best regards,
Rodrigo Ruiz

Rodrigo Ruiz wrote:

> Hi all,
>
> I am developing a web service(I will call it frontend) that must act 
> as a client for a second web service(backend). The backend service 
> expects a user certificate for authentication purposes, and I would 
> like to configure the frontend service to also require a user 
> certificate, and use the incoming certificate as the credentials for 
> the backend.  Is this possible?
>
> Thanks in advance,
> Rodrigo Ruiz
>
>

RE: Proxying SSL certificates

Posted by Rick Kellogg <rm...@comcast.net>.

Rodrigo,

It has been my experience you will not find the performance acceptable.
Using SSL once is expensive.  Multiple passes will really hurt.  Just my
opinion.

Rick


-----Original Message-----
From: Rodrigo Ruiz [mailto:rruiz@gridsystems.com] 
Sent: Tuesday, December 16, 2003 9:30 AM
To: axis-user@ws.apache.org
Subject: Proxying SSL certificates

Hi all,

I am developing a web service(I will call it frontend) that must act as 
a client for a second web service(backend). The backend service expects 
a user certificate for authentication purposes, and I would like to 
configure the frontend service to also require a user certificate, and 
use the incoming certificate as the credentials for the backend.  Is 
this possible?

Thanks in advance,
Rodrigo Ruiz