I will make some test to verify the configuration as provider.
Guillaume Nodet ha scritto:
Have you found more informations on that ?
Thomas has a better knowledge on SSL than I do, so maybe
he could help there.
On 4/17/07, Gianfranco Boccalon <[EMAIL PROTECTED]> wrote:
Hi,
I have a question on the HTTP BC acting as provider using SSL.
On the site there is the following sample configuration:
<http:endpoint service="testSsl:MyProviderService"
endpoint="myProvider"
role="provider"
locationURI="https://localhost:8193/Service/";>
<http:ssl>
<http:sslParameters
keyStore="classpath:org/apache/servicemix/http/server.keystore"
keyStorePassword="password"
trustStore="classpath:org/apache/servicemix/http/client.keystore"
trustStorePassword="password"/>
</http:ssl>
</http:endpoint>
The parameters keyStore, keyStorePassword, trustStore,
trustStorePassword are all mandatory ?
The documentation says that only keyStore and keyStorePassword are
mandatory, but I suppose that this is true only for the BC acting as a
consumer.
If the BC acts as a provider I suppose that only the trustStore,
trustStorePassword are mandatory, because with SSL the external
webservice invoked send always a certificate before initiating the
comunication, and the HTTP BC has to trust this certificate.
Moreover, if the client authentication is required (or optional) on the
external web service, I suppose that we can configure also the
properties keyStore and keyStorePassword, to allow the HTTP BC sending a
certificate for authenticate itself.
Is this right ?
--
Gianfranco Boccalon
Engineering Ingegneria Informatica S.p.A.
Direzione Centrale Ricerca e Innovazione
Direzione Architetture e Consulenza
35127 PADOVA
Corso Stati Uniti 23/I
Tel. +39.049.8692508
Cell. 335.7813507
Fax +39.049.8692566
E-mail: [EMAIL PROTECTED]
