Have you found more informations on that ? Thomas has a better knowledge on SSL than I do, so maybe he could help there.
On 4/17/07, Gianfranco Boccalon <[EMAIL PROTECTED]> wrote:
Hi, I have a question on the HTTP BC acting as provider using SSL. On the site there is the following sample configuration: <http:endpoint service="testSsl:MyProviderService" endpoint="myProvider" role="provider" locationURI="https://localhost:8193/Service/";> <http:ssl> <http:sslParameters keyStore="classpath:org/apache/servicemix/http/server.keystore" keyStorePassword="password" trustStore="classpath:org/apache/servicemix/http/client.keystore" trustStorePassword="password"/> </http:ssl> </http:endpoint> The parameters keyStore, keyStorePassword, trustStore, trustStorePassword are all mandatory ? The documentation says that only keyStore and keyStorePassword are mandatory, but I suppose that this is true only for the BC acting as a consumer. If the BC acts as a provider I suppose that only the trustStore, trustStorePassword are mandatory, because with SSL the external webservice invoked send always a certificate before initiating the comunication, and the HTTP BC has to trust this certificate. Moreover, if the client authentication is required (or optional) on the external web service, I suppose that we can configure also the properties keyStore and keyStorePassword, to allow the HTTP BC sending a certificate for authenticate itself. Is this right ? -- Gianfranco Boccalon Engineering Ingegneria Informatica S.p.A. Direzione Centrale Ricerca e Innovazione Direzione Architetture e Consulenza 35127 PADOVA Corso Stati Uniti 23/I Tel. +39.049.8692508 Cell. 335.7813507 Fax +39.049.8692566 E-mail: [EMAIL PROTECTED]
-- Cheers, Guillaume Nodet ------------------------ Principal Engineer, IONA Blog: http://gnodet.blogspot.com/
