You are viewing a plain text version of this content. The canonical link for it is here.
Posted to soap-user@ws.apache.org by Pr...@cs.com on 2001/03/22 15:34:33 UTC
JSSE, SSL and Verisign Certificates
I have managed to get the stock_quotes sample to work over SSL using Apache
v2.1; unfortunately, I don't entirely understand how.
Does anyone know how JSSE automatically works if you have a certificate from
a trusted authority like Versign? JSSE must have a default keystore that is
uses. Where is it?
I have my client running on the server that has the certificate. Could it be
that my client is picking up the keystore from the server? The JSSE doc does
mention that JSSE will search for a keystore jsdkxx/jre/lib/security/cacerts.
This file does exist since the client and server are on the same machine.
What is the cacerts file and who put it there? The stock example also works
when I manually specify the jsdkxxx/jre/lib/security/cacerts keystore on the
command line.
The final question I have is regarding HttpClient. I read an article on
www.theserverside.com about HttpClient and how this should be used as the
transport for SOAP v2.0 for performance reasons...one of them being
keep-alive support. Is this something I should do for version 2.1? If I want
SSL to work, should I get HttpClient to work with SSL and use this as the
SOAP Transport?
Thanks in advance,
Prakash