Please note clarification of the error stack I'm reporting:
This stack correspond to axis2-kernel1.2-snapshot.jar (downloaded friday
morning EST Apr-13-2007 )
org.apache.axis2.AxisFault: unknown protocol: myhttps
at
org.apache.axis2.transport.http.CommonsHTTPTransportSender.invoke(CommonsHTTPTransportSender.java:221)
at org.apache.axis2.engine.AxisEngine.send(AxisEngine.java:452)
at
org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:330)
at
org.apache.axis2.description.OutInAxisOperationClient.execute(OutInAxisOperation.java:294)
Caused by: org.apache.axis2.AxisFault: unknown protocol: myhttps
at
org.apache.axis2.transport.http.CommonsHTTPTransportSender.writeMessageWithCommons(CommonsHTTPTransportSender.java:308)
at
org.apache.axis2.transport.http.CommonsHTTPTransportSender.invoke(CommonsHTTPTransportSender.java:201)
... 12 more
Caused by: java.net.MalformedURLException: unknown protocol: myhttps
at java.net.URL.<init>(URL.java:574)
at java.net.URL.<init>(URL.java:464)
at java.net.URL.<init>(URL.java:413)
at
org.apache.axis2.transport.http.CommonsHTTPTransportSender.writeMessageWithCommons(CommonsHTTPTransportSender.java:283)
... 13 more
The previous stack corresponds to axis2-kernel-1.1.1.jar
cmanjarr wrote:
>
> Hi all:
>
> I tested a custom SSL Socket Factory registered as "https" as per
> document: http://jakarta.apache.org/commons/httpclient/sslguide.html and
> worked pretty good.
> However when I register my custom SSL Socket Factory with another name
> like "myhttps", it does not work.
>
> 1) First the stable release has a bug (NullPointerException) which is
> documented here:
>
> http://www.mail-archive.com/[EMAIL PROTECTED]/msg25009.html
>
> So after downloading the lastest code from the nightly build repository
> with the fix for the NullPointerException bug, Axis2 thows another error:
>
> org.apache.axis2.AxisFault: Transport out has not been set
> at org.apache.axis2.engine.AxisEngine.send(AxisEngine.java:439)
> at
> org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:330)
> at
> org.apache.axis2.description.OutInAxisOperationClient.execute(OutInAxisOperation.java:294)
> ..... more lines pertaining to my client sub.......
>
> So I added a new transportSender to the axis2_default.xml file (in
> axis2-kernel-1.2-SNAPSHOT.jar)
> like this: (notice that I resused the existing CommonsHTTPTransportSender
> )
>
> <transportSender name="myhttps"
>
> class="org.apache.axis2.transport.http.CommonsHTTPTransportSender">
> <parameter name="PROTOCOL" locked="false">HTTP/1.1</parameter>
> <parameter name="Transfer-Encoding"
> locked="false">chunked</parameter>
> </transportSender>
>
>
> Then Axis reports another problem:
>
> org.apache.axis2.AxisFault: unknown protocol: myhttps
>
> at
> org.apache.axis2.transport.http.CommonsHTTPTransportSender.invoke(CommonsHTTPTransportSender.java:221)
>
> at org.apache.axis2.engine.AxisEngine.send(AxisEngine.java:452)
> at
> org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:330)
> at
> org.apache.axis2.description.OutInAxisOperationClient.execute(OutInAxisOperation.java:294)
> ...... more lines....
>
> Caused by: org.apache.axis2.AxisFault: unknown protocol: myhttps
> at
> org.apache.axis2.transport.http.CommonsHTTPTransportSender.writeMessageWithCommons(CommonsHTTPTransportSender.java:308)
> at
> org.apache.axis2.transport.http.CommonsHTTPTransportSender.invoke(CommonsHTTPTransportSender.java:201)
> ... 12 more
>
> Caused by: java.net.MalformedURLException: unknown protocol: myhttps
> at java.net.URL.<init>(URL.java:574)
> at java.net.URL.<init>(URL.java:464)
> at java.net.URL.<init>(URL.java:413)
> at
> org.apache.axis2.transport.http.CommonsHTTPTransportSender.writeMessageWithCommons(CommonsHTTPTransportSender.java:283)
> ... 13 more
>
> #==============================
>
>
> Am I missing anything here? or Axis2/HttpClient can not really work well
> with a custom protocol name other than valid URLs?
>
> I'd appreciate any comments on this one.
> thx,
>
> Carlos M.
>
>
> Note this is my client code:
>
> Protocol httpsProtocol =
> new Protocol("https",
> (ProtocolSocketFactory) new MYSSLProtocolSocketFactory(
>
> new URL("file:/tmp/keyStore.ks" ) ,
> "keyStorePassword", new
> URL("file:/tmp/trustStore.ks" ), "trustStorePassword" ), 443 );
>
> //Protocol.registerProtocol("https", httpsProtocol); // works fine
> Protocol.registerProtocol("myhttps", httpsProtocol); // does not work
> !!
>
>
>
>
>
>
>
>
>
>
>
>
>
>
> --------------
>
>
> Xinjun Chen wrote:
>>
>> Axis2 uses HTTPClient, so you can overwrite the https protocol by
>> registering your own SSLSocketFactory.
>> Refer http://jakarta.apache.org/commons/httpclient/sslguide.html for
>> details.
>>
>> In your SSLSocketFactory, override the "private static TrustManager[]
>> createTrustManagers(final KeyStore keystore)" method.
>> And create your own X509TrustManager to trust all certs.
>>
>> Insert the following line in the Axis2 web services client code to
>> register
>> your own https protocol.
>> "Protocol.registerProtocol("https", new
>> Protocol("https",(ProtocolSocketFactory) yourOwnSSLSocketFactory,
>> port));"
>> And HTTPClient will use your own SSLSocketFactory.
>>
>>
>> Regards,
>> Xinjun
>>
>>
>> On 11/23/06, xu cai <[EMAIL PROTECTED]> wrote:
>>>
>>> Actually, you can use
>>> System.setProperty("javax.net.ss.trustStore", "your key store file
>>> location") .
>>> it can set truststore file path.
>>>
>>>
>>> On 11/23/06, Luis Rivera <[EMAIL PROTECTED]> wrote:
>>> >
>>> >
>>> >
>>> > Thanks a lot Vicio and Magnus,
>>> >
>>> > I will try Vicio's suggestion first since I am using applets and
>>> writing
>>> > to
>>> > the client's hard disk might not be a viable option. However, I wonder
>>> > if
>>> > including a keystore in the jar file will do the trick. I am not sure
>>> if
>>> > a
>>> > keystore is also looked for in the classpath, but I guess I can try.
>>> >
>>> > Thanks again,
>>> > --Luis R.
>>> >
>>> > >From: <[EMAIL PROTECTED]>
>>> > >Reply-To: [email protected]
>>> > >To: <[email protected]>
>>> > >Subject: RE: Axis https/SSL Server Certificate Validation question
>>> > >Date: Wed, 22 Nov 2006 12:53:12 +0100
>>> > >
>>> > >For avoiding certification validation, try to use the code:
>>> > >
>>> > >AxisProperties.setProperty("axis.socketSecureFactory","
>>> > org.apache.axis.c
>>> > >omponents.net.SunFakeTrustSocketFactory");
>>> > >
>>> > >it should solve your problem.
>>> > >
>>> > >
>>> > >Regards,
>>> > >Vicio.
>>> > >
>>> > >
>>> > >-----Original Message-----
>>> > >From: Magnus Bergman [mailto: [EMAIL PROTECTED]
>>> > >Sent: 22 novembre 2006 12.21
>>> > >To: [email protected]
>>> > >Subject: Re: Axis https/SSL Server Certificate Validation question
>>> > >
>>> > >This is no axis problem, but anyway,
>>> > >i don't know how to bypass the certification verification.
>>> > >But a solution to your problem is:
>>> > >
>>> > >add the self signed server cert into a truststore file that you put
>>> in
>>> > >your client-jar file and configure your client-app to use your
>>> shipped
>>> > >trustore file? Something like this URL url =
>>> > >
>>> this.getClass().getClassLoader().getResource("truststore_in_jar");
>>> > >JarURLConnection conn = (JarURLConnection) url.openConnection();
>>> > JarFile
>>> > >jar = conn.getJarFile(); JarEntry entry =
>>> > >jar.getJarEntry("truststore_in_jar");
>>> > >InputStream is = jar.getInputStream (entry); File tmp =
>>> > >File.createTempFile("certs", ".cer"); tmp.deleteOnExit();
>>> > >FileOutputStream fos = new FileOutputStream(tmp); byte[] buffer = new
>>> > >byte[1024]; int bytes; while( (bytes = is.read(buffer)) > 0 )
>>> > > fos.write(buffer, 0, bytes);
>>> > >fos.close();
>>> > >is.close();
>>> > >url = tmp.toURL();
>>> > >System.out.println("setting truststore to: " + url.getPath());
>>> > >System.setProperty ("javax.net.ssl.trustStore",url.getPath());
>>> > >
>>> > >this will of course write a temporary truststore to your clients
>>> local
>>> > >hard disk, but it works...
>>> > >
>>> > >regards
>>> > >Magnus
>>> > >
>>> > >
>>> > >Luis Rivera wrote:
>>> > > >
>>> > > > Dear axis users,
>>> > > >
>>> > > > I googled my way up to this point, but now I have to ask about
>>> this.
>>> > I
>>> > >
>>> > > > am sure it is being asked, but have not being able to find a way
>>> to
>>> > do
>>> > >
>>> > > > this, unless I am misunderstanding something.
>>> > > >
>>> > > > OK, I want to use https for encryption using only Server side
>>> > > > authentication. I managed to create a self signed certificate for
>>> > > > tomcat, installed in a keystore and set up the server.xml file
>>> with
>>> > > > the right info. This works great, now I can use https to browse
>>> the
>>> > > > tomcat pages, axis Validation and make sure that my own Services
>>> > > > (based on axis
>>> > > > 1.4) are deployed.
>>> > > >
>>> > > > My WSDL is rpc/literal. so I basically locate the Service using
>>> the
>>> > > > right URL ( https://host:port/axis/services/MyService) and got a
>>> > > > SSLHandshakeException!!!
>>> > > >
>>> > > > So, I figured the problem might be that since the browser usually
>>> > > > prompts the user to confirm if the certificate should be trusted,
>>> > now
>>> > > > my program was not able to trust the certificate. Therefore, I
>>> > > > basically added the certificate to the client jre cacerts file and
>>> > > > that solved the problem.
>>> > > >
>>> > > > HOWEVER, I don't want my client to modify a file in its local hard
>>> > > > disk if possible. I want it to just ignore the fact that the
>>> > > > Certificate is not in the keystore and go on, just like I always
>>> say
>>> > > > "yes" when the browser pop up the dialog, since I am only caring
>>> for
>>> >
>>> > > > encryption at this point.
>>> > > >
>>> > > > So, the question is:
>>> > > >
>>> > > > HOW DO i MAKE THE CLIENT BYPASS THE CERTIFICATE VERIFICATION step
>>> in
>>> > > > my client?
>>> > > >
>>> > > > I believe I have to use a TrustManager and a SSL context, but I am
>>> > not
>>> > >
>>> > > > sure how to connect it to the axis Engine running under my client,
>>> > > > which is the one opening the context that matters for this and
>>> > > > subsequent connections.
>>> > > >
>>> > > > Thanks in advance, any tip will be appreciate,
>>> > > > --Luis R.
>>> > > >
>>> > > > _________________________________________________________________
>>> > > > Talk now to your Hotmail contacts with Windows Live Messenger.
>>> > > >
>>> http://clk.atdmt.com/MSN/go/msnnkwme0020000001msn/direct/01/?href=http
>>> >
>>> > > > ://get.live.com/messenger/overview
>>> > > >
>>> > > >
>>> > > >
>>> > > >
>>> > ---------------------------------------------------------------------
>>> > > > To unsubscribe, e-mail: [EMAIL PROTECTED]
>>> > > > For additional commands, e-mail: [EMAIL PROTECTED]
>>> > > >
>>> > >
>>> > >--
>>> > >------------------------------------
>>> > >Magnus Bergman
>>> > >www.voiceprovider.se
>>> > >Mobile +46(0)733 63 42 08
>>> > >Office +46(0)8 525 080 08
>>> > >Fax +46(0)8 456 96 61
>>> > >Slottsbacken 6
>>> > >111 30 Stockholm
>>> > >------------------------------------
>>> > >
>>> > >---------------------------------------------------------------------
>>> > >To unsubscribe, e-mail: [EMAIL PROTECTED]
>>> > >For additional commands, e-mail: [EMAIL PROTECTED]
>>> > >
>>> > >
>>> > >
>>> > >This message is for the designated recipient only and may contain
>>> > >privileged, proprietary, or otherwise private information. If you
>>> have
>>> > >received it in error, please notify the sender immediately and delete
>>> > the
>>> > >original. Any other use of the email by you is prohibited.
>>> > >
>>> > >---------------------------------------------------------------------
>>> > >To unsubscribe, e-mail: [EMAIL PROTECTED]
>>> > >For additional commands, e-mail: [EMAIL PROTECTED]
>>> > >
>>> >
>>> > _________________________________________________________________
>>> > MSN Shopping has everything on your holiday list. Get expert picks by
>>> > style,
>>> > age, and price. Try it!
>>> >
>>> http://shopping.msn.com/content/shp/?ctId=8000,ptnrid=176,ptnrdata=200601&tcode=wlmtagline
>>> >
>>> >
>>> >
>>> > ---------------------------------------------------------------------
>>> > To unsubscribe, e-mail: [EMAIL PROTECTED]
>>> > For additional commands, e-mail: [EMAIL PROTECTED]
>>> >
>>> >
>>>
>>>
>>> --
>>> - xucai
>>
>>
>
>
--
View this message in context:
http://www.nabble.com/Axis-https-SSL-Server-Certificate-Validation-question-tf2683112.html#a10024596
Sent from the Axis - User mailing list archive at Nabble.com.
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
