Re: How to create a SSL client to support https

Mon, 09 Jul 2007 04:42:33 -0700 

Hi Kelvin,

Please find my comments inline.

Kelvin Lin wrote:
Then I commented the explicitly setting property in the program and set them in the axis2.xml like: <transportSender name="https" class="axis2_http_sender"> 
        <parameter name="PROTOCOL" locked="false">HTTP/1.1</parameter>
    </transportSender>
<parameter name="SERVER_CERT">E:\Project\VS8\Axis2_prototype\debug\TrustList.pem</parameter> <parameter name="KEY_FILE">E:\Project\VS8\Axis2_prototype\debug\TrustList.pem</parameter> 
    <parameter name="SSL_PASSPHRASE">passphrase</parameter>
But it still no any effects. How should I do?
I have not used the ssl client in windows lately. But it is *possible* that you need to use unix like path separators. eg:
<parameter name="SERVER_CERT">E:/Project/VS8/Axis2_prototype/debug/TrustList.pem</parameter>
I doubt what you have done here... setting the same pem file for both the CA Certificate/Server Certificate and the Client certificate-key pair is not correct. If you don't need client authentication, only set the "SERVER_CERT" parameter. 

Could you please explain me the content of the TrustList.pem?
Please let me know the specifics of the ssl authentication that you need (with client auth / without client auth?) so that I can give the exact config options necessary.
By the way, in this web page: http://people.apache.org/~dumindu/HowToConfigureSSL.html, I have two suggests, 1st, you still use axis2/c v0.96 api, like: 
ssl_ca_file = axis2_property_create(env);  AXIS2_PROPERTY_SET_VALUE(ssl_ca_file, env,    
axis2_strdup("/home/dumindu/dummyCA/demoCA/cacert.pem", env));  
AXIS2_OPTIONS_SET_PROPERTY(options, env, "SERVER_CERT", ssl_ca_file);



Thanks, these should be changed as I've explained in my previous email.   :)
2nd, You can find the complete sample code here <http://ww2.wso2.org/%7Edumindu/clientauth.c>. There is no link when clicking "here". 

oops my bad, will add it there soon.

Thanks,
Dumindu.

---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Reply via email to