[ http://issues.apache.org/jira/browse/AXIS-1982?page=all ]
Ralf Hauser updated AXIS-1982:
------------------------------
Attachment: axisCipherStrength_patch.txt
with the above patch the programmer can simply add
call.setProperty(JSSESocketFactory.SUPPORTED_CIPHER_SUITES, new String[]
{"TLS_DHE_RSA_WITH_AES_256_CBC_SHA"});
> enhance client Call interface to use non-global truststore for SSL
> ------------------------------------------------------------------
>
> Key: AXIS-1982
> URL: http://issues.apache.org/jira/browse/AXIS-1982
> Project: Apache Axis
> Type: New Feature
> Components: Basic Architecture
> Environment: any
> Reporter: Ralf Hauser
> Attachments: axisCipherStrength_patch.txt
>
> The descriptions how to enable SSL for axis (or its client), all appear to
> base on setting the truststore for the entire JVM and not just the corrent
> thread as per
>
> System.setProperty("javax.net.ssl.trustStore","C:\\jdk1.3\\bin\\client.keystore");
> or even worse adding the relevant certificates to JVMs default
> <java-home>/lib/security/cacerts for all JVMs running on a particular machine.
> It would be great to have
> http://ws.apache.org/axis/java/apiDocs/org/apache/axis/client/Call.html
> enhanced with a method to use a non-global truststore/keystore.
> This could be very much along the lines of
> http://issues.apache.org/bugzilla/show_bug.cgi?id=34391 or rather the
> approach taken with
> org.apache.commons.httpclient.contrib.ssl.AuthSSLProtocolSocketFactory
> see also: - http://issues.apache.org/bugzilla/show_bug.cgi?id=34391
> - http://marc.theaimsgroup.com/?l=axis-user&m=110445139319630&w=2
> - http://ws.apache.org/soap/docs/install/FAQ_Tomcat_SOAP_SSL.html
> - http://www.pankaj-k.net/WSOverSSL/WSOverSSL-HOWTO.html
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira
