Thanks Martin. My understanding is that the keyStore and keyStorePassword are required on the server side, not in the client side. That is why I haven't set these attributes in the client code. Is my understanding wrong ? The keytool -list properly lists my certificate by the way, but client cannot invoke any operations through https.. Is there anyone successfully used https to invoke any web service operation using Axis2 1.1 release or nightly ? If yes, can you share the details ? Thanks, Gul
________________________________ From: Martin Gainty [mailto:[EMAIL PROTECTED] Sent: Tuesday, December 19, 2006 3:53 PM To: [email protected] Subject: Re: Accessing axis2 based web service with https I didnt see jeyStore and keyStorePassword attributes javax.net.ssl.keyStore /*full path to .ks (Keysore) file*/ javax.net.ssl.keyStorePassword /*Password that protects keyfile */ also.. if you had used this command to import the cert NameOfCert.crt into the keyfile NameOfKeyStoreFile keytool -import -keystore NameOfKeyStoreFile -alias cert_server -storepass changeit -file NameOfCert.crt then you should verify the certificate is properly imported into keystore with keytool -list -keystore NameOfKeyStoreFile -alias cert_server -storepass changeit -v Anyone else? M- --------------------------------------------------------------------------- This e-mail message (including attachments, if any) is intended for the use of the individual or entity to which it is addressed and may contain information that is privileged, proprietary , confidential and exempt from disclosure. If you are not the intended recipient, you are notified that any dissemination, distribution or copying of this communication is strictly prohibited. --------------------------------------------------------------------------- Le présent message électronique (y compris les pièces qui y sont annexées, le cas échéant) s'adresse au destinataire indiqué et peut contenir des renseignements de caractère privé ou confidentiel. Si vous n'êtes pas le destinataire de ce document, nous vous signalons qu'il est strictement interdit de le diffuser, de le distribuer ou de le reproduire. ----- Original Message ----- From: Gul Onural <mailto:[EMAIL PROTECTED]> To: [email protected] Sent: Tuesday, December 19, 2006 3:22 PM Subject: Accessing axis2 based web service with https Hi, I have followed tomcat https/ssl configuration document under http://tomcat.apache.org/tomcat-5.5-doc/ssl-howto.html <http://tomcat.apache.org/tomcat-5.5-doc/ssl-howto.html> to configure tomcat for https/ssl. Then I have created a certificate using keytool and imported it into client's truststore. I have added the following two properties to my client code : System.setProperty("javax.net.ssl.trustStore", "truststore path"); System.setProperty("javax.net.ssl.trustStorePassword", "password"); I am using Axis2 1.1 branch nightly and getting "PKIX path building failed" exception. What else needs to be done to get the a client working with https ? Gul INFO: I/O exception (org.apache.axis2.AxisFault) caught when processing request: sun.security.validator.ValidatorExce ption: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target; nested exception is: com.ctc.wstx.exc.WstxIOException: sun.security.validator.ValidatorException: PKIX path building failed: sun.s ecurity.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target Dec 19, 2006 3:12:45 PM org.apache.commons.httpclient.HttpMethodDirector executeWithRetry INFO: Retrying request
