IIUC Frank is explaining how to set up server 1 to use https whereas
Peter is asking how to get a web service client in the web app on
server 1 to be able to access the web service on server 2 through
https. Is this correct? If it is... I'm also not clear on what kind
of client credentials the web service client is supposed to supply to
the web service. User/password? Client certificate? Are the client
credentials always the same or are they derived from the user identity
of the web app user?
thanks
david jencks
On Dec 22, 2009, at 1:33 AM, frapien wrote:
Hi Peter
to use your new keytore, you have to
just edit connectorTomcatWebSSLConnector configuration in web console
and change the *keystoreFile from
../security/keystores/geronimo-default to your keystore
save it ans thats it
You can do the same directly in the config.xml also
Frank
Peter Schulze wrote:
Hi,
I got a rather simple problem, I think, but I don't know HOW to
solve it
in
geronimo 2.1.4.
We develop a platform solution with two Servermachines. Server 1
hosts a
Webapplication. Server 2 provides some Webservices which are used
from
different
applications. I am the rather unlucky developer who has to write the
web-application for Server 1. My Problem is as follows:
Server 2 has been reconfiguered to use SSL. When I now call the
Webservice
I get
the folowing Exception:
javax
.net
.ssl.SSLHandshakeException:sun.security.validator.ValidatorException:
PKIX path building
failed:sun.security.provider.certpath.SunCertPathBuilderException:
unable
to
find valid certification path to requested target
ok, no Problem, I have to tell the application, where to get the
certificate
from. So I go to the geronimo console and generate a new Keystore,
„myKeystore“.
I add the certificates I need for my application and then... I
don't know
how
exactly I can tell my application to access the keystore and use the
configured
certificates.
As far as I can figure it out, I'd like to put this into the
geronimo-web.xml of
my web-application, but I haven't understood the geronimo good
enough to
be sure
about this call.
Thank you for your efforts.
Peter Schulze
--
View this message in context:
http://old.nabble.com/Problem-with-SSL-connection-tp26884809s134p26885790.html
Sent from the Apache Geronimo - Dev mailing list archive at
Nabble.com.
