I've got a TOMCAT application that pulls data from a Web Service and just
recently the Web Service was hardened to require client certificates.
I debugged all my certificate issues and got my Java class that talks to the
Web Service working just fine as a stand-alone app. However, I'm having
trouble getting it to work within Tomcat. My certificate is not being sent
to the Web Service.
This is how I initialize my keystore and truststore:
System.setProperty("javax.net.ssl.trustStore",
"c:\\certs\\datahub.keystore");
System.setProperty("javax.net.ssl.trustStorePassword","turstpass");
System.setProperty("javax.net.ssl.keyStore",
"c:\\certs\\SDXWebservice.pfx");
System.setProperty("javax.net.ssl.keyStorePassword","keypass");
System.setProperty("javax.net.ssl.keyStoreType", "PKCS12");
I'm using Tomcat 6 and JRE 1.6.
My web app is not secure and I had been using the out-of-the-box server.xml
file, but I've been playing with an SSL connector on 8443, but I still can't
get it to work and am not sure if I need to add this connector or not.
I'm not a security expert at all and have really been struggling with this
for far too long!
Any and all help is appreciated.
Thanks in advance.
- Frank.
