Hi all,
I have solved this problem basically by using weblogic's SSLSocketFactory instead of
the default one used by Axis. I created a custom HttpSender (MyHttpSender) which uses
this Factory. I then created a custom Config class which I pass to the constructor of
Service. The Config class looks like this:
public class MyConfig extends SimpleProvider {
/**
* Constructor - deploy client-side basic transports.
*/
public MyConfig() {
deployTransport("java", new SimpleTargetedChain(new JavaSender()));
deployTransport("local", new SimpleTargetedChain(new LocalSender()));
deployTransport("http", new SimpleTargetedChain(new MyHttpSender()));
}
}
The relevant code within MyHttpSender looks something like this:
SSLClientInfo sslinfo = new SSLClientInfo();
File ClientKeyFile = new File("C:/certificates/testkey.pem");
File ClientCertsFile = new File("C:/certificates/testcert.pem");
InputStream[] ins = new InputStream[2];
ins[0] = new FileInputStream(ClientCertsFile);
ins[1] = new FileInputStream(ClientKeyFile);
String pwd = "mykeypass";
sslinfo.loadLocalIdentity(ins[0], ins[1], pwd.toCharArray());
javax.net.SocketFactory sockf =
weblogic.security.SSL.SSLSocketFactory.getJSSE(sslinfo);
sock = sockf.createSocket(host, port) ;
By the way, this change also solved the other problem I posted about (not being able
to tunnel through the https proxy).
Cheeers,
Zoltan Schreter
Nokia
> -----Original Message-----
> From: ext [mailto:[EMAIL PROTECTED]
> Sent: 13 April, 2004 19:54
> To: [EMAIL PROTECTED]
> Subject: How to load an SSL client certificate into an Axis client
> running in a WebLogic servlet?
>
>
>
> Hi,
>
> I am trying to run an Axis client from a servlet under
> WebLogic 8.1. The servlet is NOT the Axis servlet, it's
> really only a client, not a Web Service, but it uses the Axis
> web service client API.
>
> I am trying to create an SSL connection to a Web Service from
> that client, and I am getting all sorts of problems.
>
> One of these problems (with proxies) I have already described
> in another posting.
>
> Another problem is that I want to achieve mutual, SSL-based
> authentication between the client and the web service host.
> To achieve this, I have to load the client certificate into
> the client, and incorporate it into the request. This doesn't
> seem to work. Of course, my first idea was to use the system
> properties 'javax.net.ssl.keyStore', etc. But this doesn't
> seem to work.
>
> Thus, my question is: is there any other way of getting the
> client certificate into the client and then into the request?
> Using SSLContext, perhaps?
>
> Any hint would be greately appreciated,
>
> Zoltan Schreter
> Nokia
>
>
>
