Hi,
I have a strange problem with using SSL server. I have a war application
which has a jar that connects to a SSL web service.
System.setProperty("javax.net.ssl.keyStore", url.getPath());
System.setProperty("jjavax.net.ssl.keyStoreType", "jks");
System.setProperty("javax.net.ssl.keyStorePassword", "changeit");
System.setProperty("javax.net.ssl.trustStore", url.getPath());
System.setProperty("javax.net.ssl.trustStoreType", "jks");
System.setProperty("javax.net.ssl.trustStorePassword", "changeit");
First time, when I deploy the application on weblogic server everything
works, but after restarting the application server then I get "no trust
certificate found"
any idea please
thanks
On Wed, Jun 24, 2009 at 7:19 AM, Dennis Sosnoski <d...@sosnoski.com> wrote:
> Hi Shasta,
>
> I've never had any problems setting the client truststore using the
> javax.net.ssl.truststore property, so I suspect something is wrong with your
> actual truststore/keystore files. You might want to check what's actually in
> the stores using a tool such as http://portecle.sourceforge.net/
>
> For convenience, you can also set the value of these properties using JVM
> parameters rather than in your client code, using this type of format:
> -Djavax.net.ssl.trustStore=path
>
> If you do a search on javax.net.ssl.truststore you'll find many articles
> and discussions of the topic. The Tomcat documentation also has a good
> discussion of configuring SSL for the server, though I don't think that
> includes anything on a Java client configuration.
>
> - Dennis
>
> --
> Dennis M. Sosnoski
> Java XML and Web Services
> Axis2 Training and Consulting
> http://www.sosnoski.com - http://www.sosnoski.co.nz
> Seattle, WA +1-425-939-0576 - Wellington, NZ +64-4-298-6117
>
>
>
>
> Shasta Willson wrote:
>
>> Thought I'd reply to my own message with some information that might be
>> useful:
>>
>> despite using keytool
>> (http://java.sun.com/j2se/1.5.0/docs/tooldocs/solaris/keytool.html) to
>> install the certificate, and various combinations of these properties
>> to theoretically point to it (where keyStore and trustStorePass are
>> paths to generated files):
>>
>> System.setProperty("javax.net.ssl.keyStore",keyStore);
>> System.setProperty("javax.net.ssl.keyStorePassword", keyPass);
>> System.setProperty("javax.net.ssl.trustStore", trustStore);
>> System.setProperty("javax.net.ssl.trustStorePassword",
>> trustStorePass);
>>
>>
>> I never did get it to work that way. (I eventually built an
>> SSLTest.java that JUST connected so I could eliminate other
>> configuration issues, but even in that simplified context I couldn't
>> get it working.)
>>
>> What finally worked for me (for the SSLTest program) was to put the
>> certificate into the normal java location and over-write cacerts. I
>> could do that since noone else is using Java on this server and this
>> is the first time I've needed to place a certificate. i.e. I wasn't
>> going to break something else in the process.
>>
>> I found this very useful tool during my research :
>>
>> http://dreamingthings.blogspot.com/2006/12/no-more-unable-to-find-valid.html
>>
>> I could have avoided three days waiting for the service-owner to send
>> a certificate, had I known about it.
>>
>> Hope that helps someone else save time.
>>
>> - Shasta
>>
>> On Tue, Jun 23, 2009 at 8:34 AM, Shasta Willson<shas...@gmail.com> wrote:
>>
>>
>>> I have an SSL secured web service to consume. It also uses a
>>> usertoken/password in the SOAP header, which I'm doing with Rampart,
>>> but I don't think that's relevant to my question.
>>>
>>> I'd like to understand how to go from "have a certificate" to
>>> trustStore (and/or KeyStore?) properly configured. Currently I get
>>> this error, which a google search suggests is related to not having it
>>> set up right:
>>>
>>> org.apache.axis2.AxisFault: Unconnected sockets not implemented
>>> at org.apache.axis2.AxisFault.makeFault(AxisFault.java:430)
>>>
>>> Thank you,
>>>
>>> - Shasta
>>>
>>>
>>>
>>
>>
>>
>
