You are viewing a plain text version of this content. The canonical link for it is here.
Posted to java-user@axis.apache.org by Vijay R <vi...@sakinfotech.co.in> on 2003/01/13 13:32:17 UTC

SSL Client

Hello,

	I'm using Apache Axis on Tomcat 4.1. I've made SSL setup for the Tomcat
server in the following way

	1) Created a server.keystore
	2) Exported to server.crt
	3) Created a client.keystore
	4) Exported to client.crt
	5) Imported client.crt to server.keystore
	6) Imported server.crt to client.keystore

	and this is my server.xml for SSL setup

   <Connector className="org.apache.catalina.connector.http.HttpConnector"
              port="8443" minProcessors="5" maxProcessors="75"
              enableLookups="true"
              acceptCount="10" debug="0" scheme="https" secure="true">
     <Factory className="org.apache.catalina.net.SSLServerSocketFactory"
              keystoreFile="C:\Program Files\Apache Group\Tomcat
4.1\conf\server.keystore"
              keystorePass="password"
              clientAuth="false" protocol="TLS"/>
   </Connector>

This works fine - I'm able to see the page https://localhost:8443. But if I
declare clientAuth="true" in server.xml.
I couldn't hit the https://localhost:8443 page.


My Client SOAP client code looks like this

        System.setProperty("javax.net.ssl.trustStore","C:\\Program
Files\\Apache Group\\Tomcat 4.1\\conf\\client.keystore");

System.setProperty("java.protocol.handler.pkgs","com.sun.net.ssl.internal.ww
w.protocol");
        Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());

         Options options = new Options(arg);

         String endPointURL = options.getURL();
         arg = options.getRemainingArgs();


         Service service = new Service();
         Call call = (Call) service.createCall();

         call.setTargetEndpointAddress(new java.net.URL(endPointURL));
         call.setOperationName("testMethod");
         call.addParameter("name",XMLType.XSD_STRING,ParameterMode.IN);
         call.setReturnType(XMLType.XSD_STRING);

         String response = (String) call.invoke(new Object[] {arg[0]});

         System.out.println("Webservice Message: " + response);
      } catch(Exception e) {
         System.err.println("Exception: " + e);
      }

This says:
 javax.net.ssl.SSLHandshakeException: Received fatal alert: bad_certificate

Can anyone help me?

Thanks,
Vijay R