-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Frank,
On 6/22/2009 3:53 PM, frank.bowar wrote:
> I've got a TOMCAT application that pulls data from a Web Service and just
> recently the Web Service was hardened to require client certificates.
>
> I debugged all my certificate issues and got my Java class that talks to the
> Web Service working just fine as a stand-alone app. However, I'm having
> trouble getting it to work within Tomcat. My certificate is not being sent
> to the Web Service.
Can you post the relevant parts of your code?
> This is how I initialize my keystore and truststore:
>
> System.setProperty("javax.net.ssl.trustStore",
> "c:\\certs\\datahub.keystore");
> System.setProperty("javax.net.ssl.trustStorePassword","turstpass");
> System.setProperty("javax.net.ssl.keyStore",
> "c:\\certs\\SDXWebservice.pfx");
> System.setProperty("javax.net.ssl.keyStorePassword","keypass");
> System.setProperty("javax.net.ssl.keyStoreType", "PKCS12");
Depending on what else your code does, you may have to set these values
on a KeyStore object and load it yourself. It's possible that Tomcat has
already loaded the system-wide keystore from somewhere else by the time
the above code runs, and thus does not affect anything.
Your code may have to become a lot more complicated in order to make a
connecting using a client certificate while running within Tomcat. Or,
you may have to override the keystore on Tomcat's command-line so that
these system properties are set /before/ Tomcat tried to load anything
itself.
- -chris
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iEYEARECAAYFAko/44UACgkQ9CaO5/Lv0PANYQCeM9FdzgCvPBZyIOZWzK2+fn/h
w9oAn3NPslY7Bl9gnUHUSclR6s9B+MxX
=poak
-----END PGP SIGNATURE-----
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
