Looks like I am getting closer here. Now I get this error.
Do I need to add something to the server code to instantiate a SSL context? M Goodell Warning: pdc4uwebservicestest\serverKey.rsa modified in the future. Warning: pdc4uwebservicestest\serverKey.rsa modified in the future. Copying 1 file to C:\Development\Java\PDC4U\pdc4uwebservicestest\build\classes compile: run: Oct 25, 2006 2:09:40 PM org.apache.commons.httpclient.HttpMethodDirector executeWithRetry INFO: I/O exception (java.net.SocketException) caught when processing request: Default SSL context init failed: null Oct 25, 2006 2:09:40 PM org.apache.commons.httpclient.HttpMethodDirector executeWithRetry INFO: Retrying request -----Original Message----- From: Tomek Sztelak [mailto:[EMAIL PROTECTED] Sent: Wednesday, October 25, 2006 12:46 PM To: [email protected] Subject: Re: [xfire-user] SSL Problem First you must export public key from server keystore : keytool -export -alias <SERVER_ALIAS> -file serverKey.rsa -keystore .keystore -storepass password serverKey.rsa will be created in current folder, so then you can import it in client keystore: keytool -import -alias <ALIAS> -file serverKey.rsa -keystore clientStore.jks -storepass password Then you can run client with params : -Djavax.net.ssl.keyStore=clientStore.ks -Djavax.net.ssl.keyStorePassword=password On 10/25/06, M Goodell <[EMAIL PROTECTED]> wrote: > Please bear with me here: > > 1. I created a private key and and imported it into a custom keystore: > > 2. Made changes to the server.xml file like: > > keystoreFile="/usr/local/tomcat5.5/keystore/.keystore" > keystorePass="password" /> > > 3. Tested Tomcat and the SSL connectivity works fine. > > 4. Question on item 4: How do I import the server key into the client? > Server is FreeBSD - Client system in Windows > > -----Original Message----- > From: Tomek Sztelak [mailto:[EMAIL PROTECTED] > Sent: Wednesday, October 25, 2006 12:22 PM > To: [email protected] > Subject: Re: [xfire-user] SSL Problem > > > Hi > Yes, my services works using https. You probably have some cert > configuration problems. > What i did for debug environment : > 1. generate private key for server and import it into keystore > 2. configure sever to use this private key ( small modification in > tomcat config ) > 3. import server public key into client keystore > 4. configure client to use public key with e.gl > -Djavax.net.ssl.keyStore=keystore.ks > -Djavax.net.ssl.keyStorePassword=Password > > > On 10/25/06, M Goodell <[EMAIL PROTECTED]> wrote: > > We are tying to run our XFire service under SSL and are experiencing > > trouble. We have done some research on the exception being throw and it > > indicated we need to add our cert into the trusted store which we have > done > > to no avail. > > > > Here is the error message: > > > > Oct 25, 2006 12:06:44 PM org.codehaus.xfire.transport.http.HttpChannel > > sendViaClient > > SEVERE: javax.net.ssl.SSLHandshakeException: > > sun.security.validator.ValidatorException: PKIX path building failed: > > sun.security.provider.certpath.SunCertPathBuilderException: unable to find > > valid certification path to requested target > > Exception in thread "main" org.codehaus.xfire.XFireRuntimeException: Could > > not invoke service.. Nested exception is > > org.codehaus.xfire.fault.XFireFault: Couldn't send message. > > org.codehaus.xfire.fault.XFireFault: Couldn't send message. > > > > Does anyone have any experience running a service under SSL successfully > > they are willing to share? > > > > M Goodell > > > > > > --------------------------------------------------------------------- > > To unsubscribe from this list please visit: > > > > http://xircles.codehaus.org/manage_email > > > > > > > -- > ----- > When one of our products stops working, we'll blame another vendor > within 24 hours. > > --------------------------------------------------------------------- > To unsubscribe from this list please visit: > > http://xircles.codehaus.org/manage_email > > > > -- > No virus found in this incoming message. > Checked by AVG Free Edition. > Version: 7.1.408 / Virus Database: 268.13.11/496 - Release Date: 10/24/2006 > > > > --------------------------------------------------------------------- > To unsubscribe from this list please visit: > > http://xircles.codehaus.org/manage_email > > -- ----- When one of our products stops working, we'll blame another vendor within 24 hours. --------------------------------------------------------------------- To unsubscribe from this list please visit: http://xircles.codehaus.org/manage_email -- No virus found in this incoming message. Checked by AVG Free Edition. Version: 7.1.408 / Virus Database: 268.13.11/496 - Release Date: 10/24/2006 --------------------------------------------------------------------- To unsubscribe from this list please visit: http://xircles.codehaus.org/manage_email
