[jira] [Commented] (CXF-5652) WebClient with SSL: javax.net.ssl.SSLHandshakeException handshake_failure

Wed, 26 Mar 2014 06:02:12 -0700 

    [ 
https://issues.apache.org/jira/browse/CXF-5652?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13947877#comment-13947877
 ] 

Vjacheslav Borisov commented on CXF-5652:
-----------------------------------------

Of course I can get values from System.getProperty:
but why is this step required?
https://github.com/bystrobank/testappjava/blob/master/src/main/java/ru/ilb/testappjava/DocumentResourceAuth.java

            KeyStore keyStore = KeyStore.getInstance("JKS");
            String trustpass = 
System.getProperty("javax.net.ssl.keyStorePassword");

            File truststore = new 
File(System.getProperty("javax.net.ssl.keyStore"));
            keyStore.load(new FileInputStream(truststore), 
trustpass.toCharArray());

            KeyStore ts = KeyStore.getInstance("JKS");

            truststore = new 
File(System.getProperty("javax.net.ssl.trustStore"));
            ts.load(new FileInputStream(truststore), "".toCharArray());

            Client client = ClientBuilder.newBuilder().keyStore(keyStore, 
trustpass).
                    trustStore(ts).build();


> WebClient with SSL: javax.net.ssl.SSLHandshakeException handshake_failure
> -------------------------------------------------------------------------
>
>                 Key: CXF-5652
>                 URL: https://issues.apache.org/jira/browse/CXF-5652
>             Project: CXF
>          Issue Type: Improvement
>          Components: JAX-RS
>    Affects Versions: 3.0.0-milestone2
>            Reporter: Vjacheslav Borisov
>            Priority: Minor
>
> I got error when using WebClient with SSL using client certificate:
> javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure 
> I found a way to fix this error
>             KeyStore keyStore = KeyStore.getInstance("JKS");
>             String trustpass = "chageit";
>             File truststore = new 
> File("/home/slavb/.java/deployment/security/trusted.clientcerts");
>             keyStore.load(new FileInputStream(truststore), 
> trustpass.toCharArray());
>             KeyStore ts = KeyStore.getInstance("JKS");
>             truststore = new File("/etc/ssl/certs/trusted.cacerts");
>             ts.load(new FileInputStream(truststore), "".toCharArray());
>             Client client = ClientBuilder.newBuilder().keyStore(keyStore, 
> trustpass).
>                     trustStore(ts).build();
> And I have question, why WebClient is not working like embedded in java 
> URLConnection or 
> apache http client when I specify system properties
> -Djavax.net.ssl.trustStore=/etc/ssl/certs/trusted.cacerts 
> -Djavax.net.ssl.keyStore=/home/slavb/.java/deployment/security/trusted.clientcerts
>  
> -Djavax.net.ssl.keyStorePassword=changeit
> (i got error javax.net.ssl.SSLHandshakeException: Received fatal alert: 
> handshake_failure when using SSL web client)
> Why it is need to configure ssl in code?



--
This message was sent by Atlassian JIRA
(v6.2#6252)

Reply via email to