Thanks Manjula. I need a couple more clarifications, 1) If I store multiple certificates in a PFX file, how would axis2c/rampart know which certificate to use?
1.1) Does it go by the domain name in the URI? If so, what is the criteria? That is, if URI is www.webservices.com/axis2/services/myservice, then, does it use the domain www.webservices.com for retrieving the certificate. 1.2) Do I need to specify a password for each certificate? 2) You mention providing .pfx file and password to Rampart/C. My thinking was to specify PFX file in axis2.xml under SERVER_CERT. There is no tag in axis2.xml for specifying password. Where do I specify the password? Can I do it programmatically or through module.xml? 3) This is just a reconfirmation. In the client guide, it is mentioned that I can specify a PEM file. As long as PEM file is one certificate per PEM file, can I still use a PEM file. Thanks, Raghu -----Original Message----- From: Manjula Peiris [mailto:[EMAIL PROTECTED] Sent: Friday, September 19, 2008 5:35 AM To: Apache AXIS C User List Subject: Re: certificate file for communicating via https On Thu, 2008-09-18 at 17:01 -0400, Raghu Udupa wrote: > If a web services client wants to communicate with different servers, > can certificates for different servers be specified in one PEM file. > For curl, you can specify a single certificate file which can contain > multiple certificates. I would like to know whether axis2c provides > this feature. No you can't specify it in one PEM file. Rampart/C the Axis2/C security project does not support that. But you can store all the certificates in a pfx key store and provide Rampart/C with the .pfx file with the password to retrieve the certificate from the key store. > > > > Thanks, > > Raghu > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
