You are viewing a plain text version of this content. The canonical link for it is here.

Posted to soap-user@ws.apache.org by Pr...@cs.com on 2001/03/22 15:34:33 UTC

JSSE, SSL and Verisign Certificates

I have managed to get the stock_quotes sample to work over SSL using Apache 
v2.1; unfortunately, I don't entirely understand how.

Does anyone know how JSSE automatically works if you have a certificate from 
a trusted authority like Versign? JSSE must have a default keystore that is 
uses. Where is it? 

I have my client running on the server that has the certificate. Could it be 
that my client is picking up the keystore from the server? The JSSE doc does 
mention that JSSE will search for a keystore jsdkxx/jre/lib/security/cacerts. 
This file does exist since the client and server are on the same machine. 
What is the cacerts file and who put it there? The stock example also works 
when I manually specify the jsdkxxx/jre/lib/security/cacerts keystore on the 
command line.

The final question I have is regarding HttpClient. I read an article on 
www.theserverside.com about HttpClient and how this should be used as the 
transport for SOAP v2.0 for performance reasons...one of them being 
keep-alive support. Is this something I should do for version 2.1? If I want 
SSL to work, should I get HttpClient to work with SSL and use this as the 
SOAP Transport?

Thanks in advance,
       Prakash