The trust manager is an anonymous inner class that can be overridden in the
following manner:
SSLContext sslcontext = SSLContext.getInstance("TLS");
sslcontext.init(null, new TrustManager[] {
new DummyTrustManager()
}, new SecureRandom());
factory = sslcontext.getSocketFactory();
The dummy trust manager looks like this:
import com.sun.net.ssl.X509TrustManager;
import java.io.PrintStream;
import java.security.cert.X509Certificate;
public class DummyTrustManager
implements X509TrustManager
{
public DummyTrustManager()
{
}
public boolean isClientTrusted(X509Certificate cert[])
{
return true;
}
public boolean isServerTrusted(X509Certificate cert[])
{
return true;
}
public X509Certificate[] getAcceptedIssuers()
{
return new X509Certificate[0];
}
}
>>> [EMAIL PROTECTED] 01/11/05 01:10PM >>>
Hi,
I have a SOAP Server that does not have (yet) its trusted certificate,
but nonetheless runs in HTTPS. For instance, we can use portals on it,
providing we accept the fact the server cannot authenticate itself.
I run a Axis client that connects to this server, using a HTTPS:// URL.
However, the client fails, saying that the server has no trusted
certificate (see exception below).
Is there a way in Axis to configure an Axis client to accept the SSL
connection, no matter if the certificate is valid/trusted/found?
Thank you in advance!
Christian Faucher
javax.net.ssl.SSLHandshakeException:
sun.security.validator.ValidatorException: No trusted certificate found
at org.apache.axis.AxisFault.makeFault(AxisFault.java:101)
at org.apache.axis.transport.http.HTTPSender.invoke(HTTPSender.java:97)
at
org.apache.axis.strategies.InvocationStrategy.visit(InvocationStrategy.j
ava:32)
at org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:118)
at org.apache.axis.SimpleChain.invoke(SimpleChain.java:83)
at org.apache.axis.client.AxisClient.invoke(AxisClient.java:147)
at org.apache.axis.client.Call.invokeEngine(Call.java:2719)
at org.apache.axis.client.Call.invoke(Call.java:2702)
at org.apache.axis.client.Call.invoke(Call.java:1738)
at axa.Main.main(Main.java:90)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.jav
a:39)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessor
Impl.java:25)
at java.lang.reflect.Method.invoke(Method.java:324)
at com.intellij.rt.execution.application.AppMain.main(AppMain.java:78)
Caused by: javax.net.ssl.SSLHandshakeException:
sun.security.validator.ValidatorException: No trusted certificate found
at com.sun.net.ssl.internal.ssl.BaseSSLSocketImpl.a(DashoA12275)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA12275)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA12275)
at com.sun.net.ssl.internal.ssl.SunJSSE_az.a(DashoA12275)
at com.sun.net.ssl.internal.ssl.SunJSSE_az.a(DashoA12275)
at com.sun.net.ssl.internal.ssl.SunJSSE_ax.a(DashoA12275)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA12275)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.j(DashoA12275)
at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(DashoA12275)
at
org.apache.axis.components.net.JSSESocketFactory.create(JSSESocketFactor
y.java:186)
at
org.apache.axis.transport.http.HTTPSender.getSocket(HTTPSender.java:131)
at
org.apache.axis.transport.http.HTTPSender.writeToSocket(HTTPSender.java:
370)
at org.apache.axis.transport.http.HTTPSender.invoke(HTTPSender.java:88)
... 13 more
Caused by: sun.security.validator.ValidatorException: No trusted
certificate found
at
sun.security.validator.SimpleValidator.buildTrustedChain(SimpleValidator
.java:304)
at
sun.security.validator.SimpleValidator.engineValidate(SimpleValidator.ja
va:107)
at sun.security.validator.Validator.validate(Validator.java:202)
at
com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(Das
hoA12275)
at
com.sun.net.ssl.internal.ssl.JsseX509TrustManager.checkServerTrusted(Das
hoA12275)
... 23 more
Exception in thread "main"
_____
"Ce message est confidentiel, a l'usage exclusif du destinataire
ci-dessus et son contenu ne represente en aucun cas un engagement de la
part de AXA, sauf en cas de stipulation expresse et par ecrit de la part
de AXA. Toute publication, utilisation ou diffusion, meme partielle,
doit etre autorisee prealablement. Si vous n'etes pas destinataire de ce
message, merci d'en avertir immediatement l'expediteur."
"This e-mail message is confidential, for the exclusive use of the
addressee and its contents shall not constitute a commitment by AXA,
except as otherwise specifically provided in writing by AXA. Any
unauthorized disclosure, use or dissemination, either whole or partial,
is prohibited. If you are not the intended recipient of the message,
please notify the sender immediately."
