Hi,

Thanks for your reply, Yves Marie!

Unfortunately, restarting the application is something we don't want since this application will run 24/7 in a production environment. I'm looking for a way to let Axis2 know to reload the keystore file, at runtime without restarting my application. I know *when* it has to reload the keystore file, I just don't know *how* to do this in code.

If anyone knows how to let Axis2 reload the keystore file, let me know!

Kind regards,
Sebastian

On Thu, Jan 29, 2009 at 9:11 AM, DANIEL, Yves Marie <[email protected]> wrote:

> Hi !
>
> With a Jonas application server and a mutual authentication with SSL, we find that we had to restart Jonas so it could see the changes of path or content for keystores. It seems to be the same with Tomcat, don't know if it is Axis2 or the application server.
>
> Yves-Marie
>
> ------------------------------
> *From:* Sebastian Van Sande [mailto:[email protected]]
> *Sent:* Thursday, 29 January 2009 08:07
> *To:* [email protected]
> *Subject:* Re: Reload keystore file
>
> Does anyone have a clue how I can refresh the keystore in axis2?
> Thank you.
>
> On Wed, Jan 28, 2009 at 10:56 AM, Sebastian Van Sande <[email protected]> wrote:
>
>> Hi,
>>
>> I have a problem with Axis2.
>>
>> At my project, we have a Microsoft Exchange 2007, and some other project has created an API to interact with this Exchange server with the help of Axis2.
>> This other project uses a Websphere server to manage a keystore to do basic authentication over SSL.
>> My application on the other hand runs as a standalone application, and I have to manage the keystore myself.
>>
>> Now, I managed to use this keystore to call the Exchange 2007 Web services over SSL, and it works great.
>> But, as you probably know, certificates expire ... and they have to get renewed.
>>
>> So, I managed to create something, a 'KeyStoreManager', that will fetch the new certificates from the Exchange server and put it in the keystore file.
>> And this works great as well .. *IF* I restart my application.
>>
>> When my application modifies the keystore file, it looks like Axis2 is using some caching mechanism. Because when I make the web service call again (after inserting the new certificate in my keystore), it can't authenticate because it cached the keystore file in memory.
>>
>> To specify the keystore to Axis2, I use this code:
>>
>>     System.setProperty("javax.net.ssl.trustStore", "/path/to/keystore.jks");
>>     System.setProperty("javax.net.ssl.trustStorePassword", "thisisnottherealpassword");
>>
>> To extract the new certificate and add it to my keystore, I use code based on the one you can find at
>> http://helpdesk.objects.com.au/java/how-do-i-programatically-extract-a-certificate-from-a-site-and-add-it-to-my-keystore
>>
>> The problem is: when the keystore file is updated with the new certificate, axis2 doesn't seem to know about it because it uses a cached version of the keystore file.
>>
>> So my question is: how can I clear this axis2 keystore cache in some way so axis2 will be forced to read the keystore file again?
>>
>> Thank you for your help,
>>
>> Kind regards,
>> Sebastian
