Believe it, this is true, I did this procedure with axis1, I' wondering if axis2 use the same mechanism? I hope so.
However, the only problem I had was converting the PEM certificates I received from my customer into the keystore! Be careful if you receive a Chain of Certificates in PEM format! Alberto Patino On 8/24/07, Ali, Haneef <[EMAIL PROTECTED]> wrote: > Before accessing the webservice. > > // Set System properties > // Instantiate the stub > // Call the method > > > Haneef > > > ________________________________ > > From: Deep Chand [mailto:[EMAIL PROTECTED] > Sent: Friday, August 24, 2007 10:48 AM > To: Ali, Haneef > Cc: [email protected] > Subject: Re: Changes in axis client for Mutual Authentication > > > So do I need to set the system properties in the client code i.e. > constructor of stubs generated by wsdl2java or some where in the code > before accessing the web service. OR do i need to set it at the time of > using wsdl2java utility. please reply. > > > On 8/24/07, Ali, Haneef <[EMAIL PROTECTED]> wrote: > > Hi, > > You don't need to make any changes. You have done all the > required > settings. If you still think it is not working do the following. > > 1) Set the property System.setProperty("javax.net.debug", > "ssl,handshake"); > 2) Look at the debug messages. > a) First you will see set of messages relating to JSSE > reading > the contents of truststore and keystore > b) Then you will set of messages relating to SSL handshake > > starting with "ServerHello", "ClientHello" etc > c) If your server is configured to do client-cert auth( > 2 way > ssl) then you will see a request with a header > "CertificateRequest" followed by set of CA > names. ( i.e) > the server is capable of accepting any certificates issued by > those CAs' > d) Then you can see set of messages relating to your > client > finding appropriate certificate from the keystore and sending it > to > server > e) You can ignore rest of the messages. > > Thanks, > Haneef > > > > > > > ________________________________ > > From: Deep Chand [mailto:[EMAIL PROTECTED] > <mailto:[EMAIL PROTECTED]> ] > Sent: Friday, August 24, 2007 8:27 AM > To: [email protected] > Subject: Changes in axis client for Mutual Authentication > > > all gurus, > > I have a web service client developed using axis i.e. Ran > WSDL2Java on > WSDL > to generate the client stubs and then filled in the logic to > access the > web > service exposed by soap server. Everything works fine. > > I want to add mutual authentication (2 way TLS authentication) > to this > existing web service communication. I've the access to client > and server > certificates. What changes do I need to make in the client? > > What I understand from googling is: > > 1) I read that I need to set some system properties like > > javax.net.ssl.keyStoreType, > javax.net.ssl.keyStore, > javax.net.ssl.keyStorePassword, > javax.net.ssl.trustStoreType , > javax.net.ssl.trustStore > javax.net.ssl.trustStorePasswo > rd > > 2) Use https instead of http while invoking the web service. > > Is that all I need to do or some thing else? Do I need to set > these > system > properties while running the wsdl2java utility or in the client > code at > the > time of invoking the web service. please reply > > any help is appreciated. > > thanks, > deep > > > > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > -- Don't be evil!!! --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
