Here is what I did, hope it works:
1), create your own secure socket factory to read your own key store with
the root ca cert of the target host cert been imported (sample code below);
2), set system property before you make the https webservices call:
System.setProperty("org.apache.axis.components.net.SecureSocketFactory",
"com.MyAxisSecureSocketFactory");
// sample custom ss factory ...
public class MyAxisSecureSocketFactory extends JSSESocketFactory {
public InthubAxisSecureSocketFactory(Hashtable table) throws Exception {
super(table);
String jks = KeyStore.getDefaultType();
KeyStore ks = KeyStore.getInstance(jks, "SUN");
char[] password = "changeit".toCharArray();
// keystore file, with cert (root ca or self signed cert)
imported
String keystore = "/opt/server/etc/cacerts.jks";
InputStream is = new FileInputStream(keystore);
ks.load(is, password);
KeyManagerFactory kmf =
KeyManagerFactory.getInstance("SunX509");
kmf.init(ks, password);
TrustManagerFactory tmf =
TrustManagerFactory.getInstance("SunX509");
tmf.init(ks);
SSLContext context = SSLContext.getInstance("SSL");
context.init(kmf.getKeyManagers(), tmf.getTrustManagers(),
new SecureRandom());
sslFactory = context.getSocketFactory();
}
}
Raghuram Sreenath wrote:
>
> I am writing this email as the last hope to get some help with my effort
> to
> get a custom trust manager with axis.
> I have gone through the documention (whatever is available) and have found
> no answers. Specificall, i have tried the following:
> 1. followed the steps in axis/docs/integration-guide.html#Pluggable%20APIs
> 2. Tried the steps mentioned by John in his post
> http://marc.info/?l=axis-user&m=110211163701959&w=2
>
> I have had no luck.
>
> Basically, I have an axis client trying to contact an axis server over
> HTTPS. I have an implementation of X509TrustManager that I want to be used
> while doing a SSL handshake. From what I understand, this should be
> typically achieved by the following lines of code:
> TrustManager[] myTMs = new TrustManager [] {
> new MyTrustManager() };
> SSLContext ctx = SSLContext.getInstance("SSL");
> ctx.init(null, myTMs, null);
> SSLSocketFactory factory =ctx.getSocketFactory();
> HttpsURLConnectionImpl.setDefaultSSLSocketFactory(factory);
>
> after moving to axis. I created an implementation of axis's
> SecureSocketFactory that delegates to my 'factory' above and added the
> following:
> System.setProperty("
> org.apache.axis.components.net.SecureSocketFactory", "
> my.package.MySecureSocketFactory");
> AxisProperties.setClassOverrideProperty(
> org.apache.axis.components.net.SecureSocketFactory.class, "
> amazon.subway.mapps.notif.adapters.webservice.MySecureSocketFactory");
> AxisProperties.setProperty("
> org.apache.axis.components.net.SecureSocketFactory", "
> my.package.MySecureSocketFactory");
>
> I even tried passing the jvm parameters: -
> Dorg.apache.axis.components.net.SecureSocketFactory=my.package.MySecureSocketFactory-
> Daxis.socketSecureFactory=my.package.MySecureSocketFactory
>
> Nothing has worked :(
>
> Please help!
>
> Regards,
> Raghuram.
>
>
Quoted from:
http://www.nabble.com/Custom-TrustManagers-with-Axis-%2B-SSL-tp15591313p15591313.html
Raghuram Sreenath wrote:
>
> I am writing this email as the last hope to get some help with my effort
> to
> get a custom trust manager with axis.
> I have gone through the documention (whatever is available) and have found
> no answers. Specificall, i have tried the following:
> 1. followed the steps in axis/docs/integration-guide.html#Pluggable%20APIs
> 2. Tried the steps mentioned by John in his post
> http://marc.info/?l=axis-user&m=110211163701959&w=2
>
> I have had no luck.
>
> Basically, I have an axis client trying to contact an axis server over
> HTTPS. I have an implementation of X509TrustManager that I want to be used
> while doing a SSL handshake. From what I understand, this should be
> typically achieved by the following lines of code:
> TrustManager[] myTMs = new TrustManager [] {
> new MyTrustManager() };
> SSLContext ctx = SSLContext.getInstance("SSL");
> ctx.init(null, myTMs, null);
> SSLSocketFactory factory =ctx.getSocketFactory();
> HttpsURLConnectionImpl.setDefaultSSLSocketFactory(factory);
>
> after moving to axis. I created an implementation of axis's
> SecureSocketFactory that delegates to my 'factory' above and added the
> following:
> System.setProperty("
> org.apache.axis.components.net.SecureSocketFactory", "
> my.package.MySecureSocketFactory");
> AxisProperties.setClassOverrideProperty(
> org.apache.axis.components.net.SecureSocketFactory.class, "
> amazon.subway.mapps.notif.adapters.webservice.MySecureSocketFactory");
> AxisProperties.setProperty("
> org.apache.axis.components.net.SecureSocketFactory", "
> my.package.MySecureSocketFactory");
>
> I even tried passing the jvm parameters: -
> Dorg.apache.axis.components.net.SecureSocketFactory=my.package.MySecureSocketFactory-
> Daxis.socketSecureFactory=my.package.MySecureSocketFactory
>
> Nothing has worked :(
>
> Please help!
>
> Regards,
> Raghuram.
>
>
--
View this message in context:
http://www.nabble.com/Custom-TrustManagers-with-Axis-%2B-SSL-tp15591313p15634239.html
Sent from the Axis - User mailing list archive at Nabble.com.
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
