Hi Nuria,
yes, you need to set a system property in the client side to
add that key store containing that cert as a trusted key store. This
can be simply done using
System.setProperty("javax.net.ssl.trustStore", "path/to/keystore.jks");
System.setProperty("javax.net.ssl.trustStorePassword", "password");
in the client side.
thanks,
nandana
On Mon, Mar 3, 2008 at 8:14 PM, Nuria Rodríguez García
<[EMAIL PROTECTED]> wrote:
>
>
> Hello:
>
>
>
> I'm using Axis2 and I need to use SSL to connect to a WS.
>
> In server side I do the following:
>
>
>
> I configure the server.xml file in tomcat. I have:
>
> <Connector port="8443"
>
> maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
>
> enableLookups="false" disableUploadTimeout="true"
>
> acceptCount="100" debug="0" scheme="https" secure="true"
>
> clientAuth="false" sslProtocol="TLS" />
>
>
>
> Then I generate a server certificate doing the following:
>
> keytool -genkey -alias tomcat -keyalg RSA
>
> keytool -export -alias tomcat -storepass changeit
> -file server.cer
>
> keytool -import -v -trustcacerts -alias tomcat -file
> server.cer -keystore %JAVA_HOME%/jre/lib/security/cacerts -keypass changeit
> -storepass changeit
>
>
>
> I start-up tomcat and when I call the service using the EPR
> "https://mymachine:8443/ ...." I receive the following exception:
>
>
>
> I/O exception (org.apache.axis2.AxisFault) caught
> when processing request: sun.security.validator.ValidatorException: PKIX
> path building failed:
> sun.security.provider.certpath.SunCertPathBuilderException: unable to find
> valid certification path to requested target
>
>
>
> I don't know if I need to indicate something from the client side.
>
>
>
> Thanks,
>
> Nuria
http://nandana83.blogspot.com/
http://nandanasm.wordpress.com/
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
