I kinda seem to have solved problem 2.) by removing the part <transport>http</transport> from the services.xml.
Is this the right way to do? StrongSteve wrote: > > Hi Everyone! > > First of all, thanks for the quick answers. > > I think now I am a step further, but I haven't quite reached the goal. > > Thanks for the introduction on the client side, this is exactly what I am > doing! ;) > > On the server side I have two file: > > - The .keystore contains my server certificate (key) > - The .truststore contains the certificate (key) [This key comes from > the client's .keystore] > > I was missing the entry "clientAuth=true" in the Tomcat's server.xml. > Thanks for the tip! > > After changing this and restarting the Tomcat I have come accross two > problems: > > 1.) When browsing to the WSDL-File with Firefox, I can not see anything, > as I do not have a valid client certificate. I tried to import a > certificate, that I exported with the keytool from the client's .keystore, > but it is rejected as it is not a valid PK-12. Any hints? > > 2.) My client can connect to the server, and I think that everything is > working - at least from the view of SSL. But the problem is that I get the > following error message: "Exception in thread "main" > org.apache.axis2.AxisFault: The service cannot be found for the endpoint > reference (EPR) https://XXXX:8443/axis2/services/RepositoryService"; > > How can I configure this EPR in the services.xml? > > Thanks in Advance! > Stefan > > > SGruverman wrote: >> >> First, I haven't used any of the Axis2 HTTPS support you mentioned. I >> don't >> know if this is typical of Axis2 web services, but most references I've >> seen to SSL use the facilities of the app server and javax.net. >> >> Couple of questions to get started: >> Is the "standard" SSL working (other than the client authentication)? >> Does your Tomcat config include clientAuth="true"? >> Does your Tomcat config include settings for keystorefile and >> keystorepass as well as truststorefile and truststorepass? >> On the server, the keystore contains the SSL certificate and the >> truststore contains the certificate *of the Certificate Authority that >> signed the certificate that the client is using for client >> authentication.* >> (I find this confusing - to keep it simple, I use the same keystore >> for >> both. Not a "best practice", I think). >> >> Does your client System.setProperty() for javax.net.ssl.trustStore, >> trustStorePassword, keyStore and keyStorePassword? >> Here. the keystore contains the SSL client authentication certificate >> and the truststore contains the certificate *of the Certificate >> Authority that signed the server SSL certificate*. >> >> Another useful property to set is javax.net.debug - set it to "ssl" to >> get >> a bunch of SSL diagnostics. >> >> I'm still pretty new to this stuff, so I'm not certain of this >> information >> (but it seems to work for us). Please jump in and correct me if I'm >> wrong! >> >> Anyway, I hope this helps. >> >> - Steve >> >> ______________________________________________ >> Steve Gruverman, Programmer >> IntelliCare, Inc. | A Medco Health Solutions Company >> >> 500 Southborough Drive | South Portland ME 04106 >> >> >> --------------------------------------------------------------------- >> To unsubscribe, e-mail: [EMAIL PROTECTED] >> For additional commands, e-mail: [EMAIL PROTECTED] >> >> >> > > -- View this message in context: http://www.nabble.com/Axis-2---SSL-with-Client-Authentication-tp19180080p19182082.html Sent from the Axis - User mailing list archive at Nabble.com. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
