Hi,
you can take a look on:
http://cxf.apache.org/docs/client-http-transport-including-ssl-support.html
Especially, you will find the <http:tlsClientParameters/> where you define the
SSL configuration for the http-conduit (the client part of CXF).
Regards
JB
On 07/13/2017 11:27 AM, erwan wrote:
Hi all,
We are facing some issues for configuring SSL for CXF as a HTTPS *client*.
Our environment is karaf 4.0.8, cxf 3.1.9.
The page
https://cxf.apache.org/docs/client-http-transport-including-ssl-support.html#ClientHTTPTransport(includingSSLsupport)-ConfiguringSSLSupport
(Section "Configuring SSL Support") explains how to do that when using
Spring.
However we don’t use Spring; just karaf & CXF.
So we tried with the "-Djavax.net.ssl.trustStore" and
"-Djavax.net.ssl.trustStorePassword" stuff, with no success :
Caused by: javax.ws.rs.ProcessingException:
javax.net.ssl.SSLHandshakeException: SSLHandshakeException invoking
https://[...]: sun.security.validator.ValidatorException: PKIX path building
failed: sun.security.provider.certpath.SunCertPathBuilderException: unable
to find valid certification path to requested target
[...]
at
org.apache.cxf.jaxrs.client.WebClient.doChainedInvocation(WebClient.java:1035)[93:org.apache.cxf.cxf-rt-rs-client:3.1.9]
at
org.apache.cxf.jaxrs.client.WebClient.doInvoke(WebClient.java:892)[93:org.apache.cxf.cxf-rt-rs-client:3.1.9]
at
org.apache.cxf.jaxrs.client.WebClient.doInvoke(WebClient.java:863)[93:org.apache.cxf.cxf-rt-rs-client:3.1.9]
at
org.apache.cxf.jaxrs.client.WebClient.invoke(WebClient.java:426)[93:org.apache.cxf.cxf-rt-rs-client:3.1.9]
at
org.apache.cxf.jaxrs.client.WebClient$SyncInvokerImpl.method(WebClient.java:1562)[93:org.apache.cxf.cxf-rt-rs-client:3.1.9]
at
org.apache.cxf.jaxrs.client.WebClient$SyncInvokerImpl.method(WebClient.java:1557)[93:org.apache.cxf.cxf-rt-rs-client:3.1.9]
at
org.apache.cxf.jaxrs.client.spec.InvocationBuilderImpl.method(InvocationBuilderImpl.java:115)[93:org.apache.cxf.cxf-rt-rs-client:3.1.9]
at
org.apache.cxf.jaxrs.client.spec.InvocationBuilderImpl$InvocationImpl.invoke(InvocationBuilderImpl.java:334)[93:org.apache.cxf.cxf-rt-rs-client:3.1.9]
[...]
So how do we configure SSL (truststore) for the CXF HTTPS client ?
Thanks,
--
View this message in context:
http://karaf.922171.n3.nabble.com/Karaf-SSL-CXF-Client-https-tp4050999.html
Sent from the Karaf - User mailing list archive at Nabble.com.
--
Jean-Baptiste Onofré
jbono...@apache.org
http://blog.nanthrax.net
Talend - http://www.talend.com