This is an automated email from the ASF dual-hosted git repository.
coheigea pushed a commit to branch 3.6.x-fixes
in repository https://gitbox.apache.org/repos/asf/cxf.git
The following commit(s) were added to refs/heads/3.6.x-fixes by this push:
new ac05c764db Updating wsdl_first_https README
ac05c764db is described below
commit ac05c764dbf05552d97f34ee1ed07fe77379d7ff
Author: Colm O hEigeartaigh <[email protected]>
AuthorDate: Wed Nov 19 07:01:22 2025 +0000
Updating wsdl_first_https README
(cherry picked from commit 12104d6999c1771c9f94a327061e029b01deef46)
(cherry picked from commit 1b85c5ad21a164c91919c93b7e476ba06782b45a)
---
.../main/release/samples/wsdl_first_https/README.txt | 17 -----------------
1 file changed, 17 deletions(-)
diff --git a/distribution/src/main/release/samples/wsdl_first_https/README.txt
b/distribution/src/main/release/samples/wsdl_first_https/README.txt
index 7943607a1b..d0bc9e9a25 100644
--- a/distribution/src/main/release/samples/wsdl_first_https/README.txt
+++ b/distribution/src/main/release/samples/wsdl_first_https/README.txt
@@ -46,20 +46,6 @@ Scenario 2: (-Psecure.client)
Same as above, except this time "SecureClient.xml", which contains the
appropriate credential information. This SOAP call will succeed here.
-In this configuration file, the client provides its certificate "CN=Wibble"
-and chain stored in the Java KeyStore "certs/wibble.jks" to the server. The
-server authenticates the client's certificate using its truststore
-"certs/truststore.jks", which holds the Certificate Authorities'
-certificates.
-
-Likewise the client authenticates the server's certificate "CN=Cherry"
-and chain against the same trust store. Note the usage of the
-cipherSuitesFilter configuration in the configuration files,
-where each party imposes different ciphersuites constraints, so that the
-ciphersuite eventually negotiated during the TLS handshake is acceptable
-to both sides. This may be viewed by adding a -Djavax.net.debug=all
-argument to the JVM.
-
But please note that it is not advisable to store sensitive data such
as passwords in clear text configuration files, unless the
file is sufficiently protected by OS level permissions. The KeyStores
@@ -83,7 +69,4 @@ possibly be disassembled. Typically the password would be
obtained at
runtime by prompting for the password. The approach taken here is for
demonstration purposes only.
-Certificates:
-See the src/main/config folder for the sample keys used (don't use
-these keys in production!) as well as scripts used for their creation.
