Instead of modifying the meta-inf stuff you can also call System.setProperty( "org.apache.axis.components.net.SecureSocketFactory", "com.xxx.client.util.UnsecureSocketFactory");
at the very start of your application. Either in main or init (if run as an applet). Of course you have to replace com.xxx.client.util.UnsecureSocketFactory with whatever your actual socket factory class is. In the simple case you just create a factory which creates sockets that accept any certificate, but ideally you include the self-signed server certificate in your client and check against it. Carsten -- Carsten Friedrich Capital Markets CRC Limited Level 2, 9 Castlereagh Street, Sydney NSW 2000 Tel: +61 2 9233 7999 Fax: +61 2 9236 9177 http://www.cmcrc.com Capital Markets CRC Ltd (CMCRC) - Confidential Communication The information contained in this e-mail is confidential. It is intended solely for the addressee. If you receive this e-mail by mistake please promptly inform us by reply e-mail and then delete the e-mail and destroy any printed copy. You must not disclose or use in any way the information in the e-mail. There is no warranty that this e-mail is error or virus free. It may be a private communication, and if so, does not represent the views of the CMCRC and its associates. -----Original Message----- From: Rich Bramante [mailto:[EMAIL PROTECTED] Sent: Wednesday, 12 January 2005 8:30 To: [EMAIL PROTECTED] Subject: RE: Disabling Certification validation in HTTPS Hi Christian, Take a look at this thread. http://marc.theaimsgroup.com/?l=axis-user&m=110211375809714&w=2 What we had to do was to create a custom socket factory that trusted all certs, and then point Axis at our factory class via the meta-inf stuff. -----Original Message----- From: Faucher, Christian [mailto:[EMAIL PROTECTED] Sent: Tuesday, January 11, 2005 3:10 PM To: [EMAIL PROTECTED] Subject: Disabling Certification validation in HTTPS Hi, I have a SOAP Server that does not have (yet) its trusted certificate, but nonetheless runs in HTTPS. For instance, we can use portals on it, providing we accept the fact the server cannot authenticate itself. I run a Axis client that connects to this server, using a HTTPS:// URL. However, the client fails, saying that the server has no trusted certificate (see exception below). Is there a way in Axis to configure an Axis client to accept the SSL connection, no matter if the certificate is valid/trusted/found? Thank you in advance! Christian Faucher javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: No trusted certificate found at org.apache.axis.AxisFault.makeFault(AxisFault.java:101) at org.apache.axis.transport.http.HTTPSender.invoke(HTTPSender.java:97) at org.apache.axis.strategies.InvocationStrategy.visit(InvocationStrategy.java: 32) at org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:118) at org.apache.axis.SimpleChain.invoke(SimpleChain.java:83) at org.apache.axis.client.AxisClient.invoke(AxisClient.java:147) at org.apache.axis.client.Call.invokeEngine(Call.java:2719) at org.apache.axis.client.Call.invoke(Call.java:2702) at org.apache.axis.client.Call.invoke(Call.java:1738) at axa.Main.main(Main.java:90) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39 ) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl .java:25) at java.lang.reflect.Method.invoke(Method.java:324) at com.intellij.rt.execution.application.AppMain.main(AppMain.java:78) Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: No trusted certificate found at com.sun.net.ssl.internal.ssl.BaseSSLSocketImpl.a(DashoA12275) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA12275) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA12275) at com.sun.net.ssl.internal.ssl.SunJSSE_az.a(DashoA12275) at com.sun.net.ssl.internal.ssl.SunJSSE_az.a(DashoA12275) at com.sun.net.ssl.internal.ssl.SunJSSE_ax.a(DashoA12275) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA12275) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.j(DashoA12275) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(DashoA12275) at org.apache.axis.components.net.JSSESocketFactory.create(JSSESocketFactory.ja va:186) at org.apache.axis.transport.http.HTTPSender.getSocket(HTTPSender.java:131) at org.apache.axis.transport.http.HTTPSender.writeToSocket(HTTPSender.java:370) at org.apache.axis.transport.http.HTTPSender.invoke(HTTPSender.java:88) ... 13 more Caused by: sun.security.validator.ValidatorException: No trusted certificate found at sun.security.validator.SimpleValidator.buildTrustedChain(SimpleValidator.jav a:304) at sun.security.validator.SimpleValidator.engineValidate(SimpleValidator.java:1 07) at sun.security.validator.Validator.validate(Validator.java:202) at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(DashoA1 2275) at com.sun.net.ssl.internal.ssl.JsseX509TrustManager.checkServerTrusted(DashoA1 2275) ... 23 more Exception in thread "main" "Ce message est confidentiel, a l'usage exclusif du destinataire ci-dessus et son contenu ne represente en aucun cas un engagement de la part de AXA, sauf en cas de stipulation expresse et par ecrit de la part de AXA. Toute publication, utilisation ou diffusion, meme partielle, doit etre autorisee prealablement. Si vous n'etes pas destinataire de ce message, merci d'en avertir immediatement l'expediteur." "This e-mail message is confidential, for the exclusive use of the addressee and its contents shall not constitute a commitment by AXA, except as otherwise specifically provided in writing by AXA. Any unauthorized disclosure, use or dissemination, either whole or partial, is prohibited. If you are not the intended recipient of the message, please notify the sender immediately."