I want to use https for encryption using only Server side authentication. I
created a self-signed certificated and installed it in the server.
In my client side I want to ignore the certificate validation.
I am using Jboss4.0.3sp1 application server and clientside is developed with
jboss-axis client (axis-ws4ee.jar).
I tried the following options.
1. Created trustmanager to accept anycertificates and initialized sslcontext
with my own trust manager
sample code
======
TrustManager[] trustAllCerts = new TrustManager[] {
new X509TrustManager() {
public java.security.cert.X509Certificate[]
getAcceptedIssuers() {return null; }
public void checkClientTrusted(
java.security.cert.X509Certificate[] certs, String authType) {}
public void checkServerTrusted(
java.security.cert.X509Certificate[] certs, String authType) {}
}
} ;
SSLContext context;
context = SSLContext.getInstance("SSL");
HttpsURLConnection.setDefaultSSLSocketFactory(context.getSocketFactory());
============
2. Tried to set the AxisProeprties to sunfaketrustFactory
AxisProperties.setProperty("axis.socketSecureFactory"
,"org.apache.axis.components.net.SunFakeTrustSocketFactory");
None of the above are working.
Looks like SunFakeTrustSocketFactory class was removed in JBoss4.0.3sp1-
axis-ws4ee.jar and it was availble in JBoss4.0.2- axis-ws4ee.jar
I need to fix this issue ASAP as our product needs to be released next week.
Any tip will be appreciate.
Thanks in advance,
RR
View the original post :
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4041456#4041456
Reply to the post :
http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4041456
_______________________________________________
jboss-user mailing list
[email protected]
https://lists.jboss.org/mailman/listinfo/jboss-user
