I don't suppose there would be any chance of you trying the 2.0.5 stuff we're voting on? http://people.apache.org/~dkulp/stage_cxf/2.0.5-incubator/
I made some changes to the TLS stuff in 2.0.5 to make it work better and with less configuration. Dan On Thursday 27 March 2008, brmaguir wrote: > Hey, > > I'm trying to communicate with a web service using Apache CXF using > TLS. When I specify TLS in the cxf.xml file using: > > <http-conf:tlsClientParameters > secureSocketProtocol="TLS"> <sec:trustManagers> > <sec:keyStore password="password" > url="file:\C:/path/to/keystore"/> </sec:trustManagers> > <sec:cipherSuitesFilter> > <sec:include>.*.*.</sec:include> > </sec:cipherSuitesFilter> > </http-conf:tlsClientParameters> > > it is failing with the following error: > > 27-Mar-2008 11:06:03 org.apache.cxf.phase.PhaseInterceptorChain > doIntercept INFO: Interceptor has thrown exception, unwinding now > org.apache.cxf.interceptor.Fault: Connection reset > at > org.apache.cxf.interceptor.AbstractOutDatabindingInterceptor.writePart >s(AbstractOutDat abindingInterceptor.java:75) > at > org.apache.cxf.interceptor.BareOutInterceptor.handleMessage(BareOutInt >erceptor.java:68 ) > at > org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseIntercepto >rChain.java:207) at > org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:254) at > org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:205) at > org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:73) at > org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:135 >) at $Proxy35.login(Unknown Source) > at thirdPartyAPI.test.Test.loginAppuser(Test.java:135) > at thirdPartyAPI.test.Test.main(Test.java:61) > Caused by: com.ctc.wstx.exc.WstxIOException: Connection reset > at com.ctc.wstx.sw.BaseStreamWriter.flush(BaseStreamWriter.java:313) > at > org.apache.cxf.interceptor.AbstractOutDatabindingInterceptor.writePart >s(AbstractOutDat abindingInterceptor.java:73) > ... 9 more > Caused by: java.net.SocketException: Connection reset > at java.net.SocketInputStream.read(Unknown Source) > at com.sun.net.ssl.internal.ssl.InputRecord.readFully(Unknown Source) > at com.sun.net.ssl.internal.ssl.InputRecord.read(Unknown Source) > at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(Unknown > Source) at > com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(Unk >nown Source) > at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(Unknown > Source) > at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(Unknown > Source) > at sun.net.www.protocol.https.HttpsClient.afterConnect(Unknown > Source) at > sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect( >Unknown Source) > at > sun.net.www.protocol.http.HttpURLConnection.getOutputStream(Unknown > Source) > at > sun.net.www.protocol.https.HttpsURLConnectionImpl.getOutputStream(Unkn >own Source) > at > org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleHe >adersTrustCachin g(HTTPConduit.java:1766) > at > org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.onFirstW >rite(HTTPConduit .java:1734) > at > org.apache.cxf.io.AbstractWrappedOutputStream.write(AbstractWrappedOut >putStream.java:4 2) > at com.ctc.wstx.io.UTF8Writer.flush(UTF8Writer.java:96) > at > com.ctc.wstx.sw.BufferingXmlWriter.flush(BufferingXmlWriter.java:214) > at com.ctc.wstx.sw.BaseStreamWriter.flush(BaseStreamWriter.java:311) > ... 10 more > Exception in thread "main" javax.xml.ws.soap.SOAPFaultException: > Connection reset > at > org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:175 >) at $Proxy35.login(Unknown Source) > at thirdPartyAPI.test.Test.loginAppuser(Test.java:135) > at thirdPartyAPI.test.Test.main(Test.java:61) > Caused by: org.apache.cxf.interceptor.Fault: Connection reset > at > org.apache.cxf.interceptor.AbstractOutDatabindingInterceptor.writePart >s(AbstractOutDat abindingInterceptor.java:75) > at > org.apache.cxf.interceptor.BareOutInterceptor.handleMessage(BareOutInt >erceptor.java:68 ) > at > org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseIntercepto >rChain.java:207) at > org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:254) at > org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:205) at > org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:73) at > org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:135 >) ... 3 more > Caused by: com.ctc.wstx.exc.WstxIOException: Connection reset > at com.ctc.wstx.sw.BaseStreamWriter.flush(BaseStreamWriter.java:313) > at > org.apache.cxf.interceptor.AbstractOutDatabindingInterceptor.writePart >s(AbstractOutDat abindingInterceptor.java:73) > ... 9 more > Caused by: java.net.SocketException: Connection reset > at java.net.SocketInputStream.read(Unknown Source) > at com.sun.net.ssl.internal.ssl.InputRecord.readFully(Unknown Source) > at com.sun.net.ssl.internal.ssl.InputRecord.read(Unknown Source) > at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(Unknown > Source) at > com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(Unk >nown Source) > at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(Unknown > Source) > at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(Unknown > Source) > at sun.net.www.protocol.https.HttpsClient.afterConnect(Unknown > Source) at > sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect( >Unknown Source) > at > sun.net.www.protocol.http.HttpURLConnection.getOutputStream(Unknown > Source) > at > sun.net.www.protocol.https.HttpsURLConnectionImpl.getOutputStream(Unkn >own Source) > at > org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleHe >adersTrustCachin g(HTTPConduit.java:1766) > at > org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.onFirstW >rite(HTTPConduit .java:1734) > at > org.apache.cxf.io.AbstractWrappedOutputStream.write(AbstractWrappedOut >putStream.java:4 2) > at com.ctc.wstx.io.UTF8Writer.flush(UTF8Writer.java:96) > at > com.ctc.wstx.sw.BufferingXmlWriter.flush(BufferingXmlWriter.java:214) > at com.ctc.wstx.sw.BaseStreamWriter.flush(BaseStreamWriter.java:311) > ... 10 more > > > When I look at the trace in wireshark it shows the outgoing message > from the CXF client as been SSLv2. The server then sends back a TCP > RST. I've also tried using "TLSv1" and "SSLv3" as the protocol but the > client uses SSLv2 regardless. > > I've also tried specifying the protocol via the code using: > > Client c = ClientProxy.getClient(port); > HTTPConduit conduit = (HTTPConduit) c.getConduit(); > TLSClientParameters params = conduit.getTlsClientParameters(); > params.setSecureSocketProtocol("TLS"); > conduit.setTlsClientParameters(params); > > This still makes no difference. > > Any ideas on what's going wrong / how to fix it? Any help would be > greatly appreciated. > > Regards, > Brendan -- J. Daniel Kulp Principal Engineer, IONA [EMAIL PROTECTED] http://www.dankulp.com/blog