Check this post http://blogs.oracle.com/andreas/entry/no_more_unable_to_find
HTH
On 11/05/11 21:26, Roberto Juárez Maldonado wrote:
Hi everybody,
I need to create a client of a web service which runs under a Tomcat
requiring https protocol; i.e. the url of the service is something
like https://host:port/someService. The Tomcat uses self-signed
certificates. I have found examples on the Internet which say that
with Axis 1 that was easy to do using the
org.apache.axis.components.net.SunFakeTrustSocketFactory class.
However, with Axis 2 it seems not that easy.
Looks like there are three options.
1.- Manually download the certificate file and programmatically
instruct the client (the protocol used by the client to be correct) to
access the certificate with code like this
Protocol protocol = new Protocol ("https", new
AuthSSLProtocolSocketFactory (new URL("keystore URL"), "password", new
URL("truststore URL"), "password"), 443);
2.- Programatically attempt at http://host:port/someService and, after
receiving a response like "302 Temporarily moved...", programatically
download the certificate and continue like option 1. I have seen the
SoapUI tool to behave like this. I still haven't figured out how to do
that but there must be a way to implement this.
3.- Register an implementation of the
org.apache.commons.httpclient.protocol.SecureProtocolSocketFactorywhich does
not require a certificate. I know about the
org.apache.commons.httpclient.contrib.ssl.EasySSLProtocolSocketFactoryclass,
but this is not part of the standard distribution of the httpclient
(Apache Commons) which comes with Axis2. The code would be sth like this
Protocol./unregisterProtocol/("https");
Protocol./registerProtocol/("https", *new*Protocol("https",
*new*EasySSLProtocolSocketFactory(), 443));
Unfortunatelly option 1 is unworkable for me due to the fact that
certificates are changed at the server frequently. Option 3 is the
last resort. Option 2 is for me the ideal one. Has anybody implemented
sth like option 2?
Thanks a lot in advance.
/Roberto.
