|
Hi all
I'm writing a client to hook up with a remote
web-service (ie not one that I've developed) which requires a mutually
authenticated SSL connection. I have both a client certificate and a root
certificate installed in my Java keystore to make the connection but on making
an Axis call to the webservice I recieve an error from the server which the
owners, having checked their logs, tell me is because my client doesn't
"present" it's client certificate.
Looking back through the mailing list all the
solutions to getting SSL working seem to depend on setting system properties to
point at the correct keystore containing the certificates. However, before
I got this far I was receiving exceptions on trying to open the soap connection
to the server when the root certificate couldn't be found to authenticate the
server. In solving that error I made sure the certificates are installed
in Java's default keystore. As such I didn't think editing system
properties to point at the keystore would make any difference, and it
didn't.
Are there any properties to be set to force the
connection opened to be a MUTUAL SSL connection and to specify which certificate
my client should present to the server?
I did also find one suggestion on the mailing
list
which included writing a customer SocketFactory,
though it doesn't explain how various things such as specifying a mutual
connection etc.
Any help would be very much appreciated as the
many, many old suggestions have only helped confuse me more about the
topic.
Chris Mannion IT Junction 020 8452 4274 |
