If you CAN make a JIRA with a test case, that would be great. Would definitely help debugging it.
For a workaround, you could try using the URL for the name: <http:conduit name="https://foo.com.*";> <http:tlsClientParameters secureSocketProtocol="SSL"> ..... </http:conduit> (the .* is a pattern match for everything at http://foo.com) Dan On Fri March 27 2009 5:53:59 am Vassilis Virvilis wrote: > Hi everybody, > > I have the following regression in https usage. My previous setup in 2.1.3 > was working correctly with a custom keystore in resources. My cxf.xml was > like this > > <beans xmlns="http://www.springframework.org/schema/beans"; > xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; > xmlns:sec="http://cxf.apache.org/configuration/security"; > xmlns:http="http://cxf.apache.org/transports/http/configuration"; > xsi:schemaLocation="http://cxf.apache.org/configuration/security > http://cxf.apache.org/schemas/configuration/security.xsd > http://cxf.apache.org/transports/http/configuration > http://cxf.apache.org/schemas/configuration/http-conf.xsd > http://www.springframework.org/schema/beans > http://www.springframework.org/schema/beans/spring-beans.xsd";> > > <http:conduit > name="{http://lib.biovista.com/}UserSessionManagerPort.http-conduit";> > <http:tlsClientParameters secureSocketProtocol="SSL"> > <sec:trustManagers> > <sec:keyStore resource="resources/keystore.jks" /> > </sec:trustManagers> > <sec:cipherSuitesFilter> > <sec:include>.*</sec:include> > <sec:exclude>.*_DH_anon_.*</sec:exclude> > </sec:cipherSuitesFilter> > </http:tlsClientParameters> > <http:client Connection="Keep-Alive"/> > </http:conduit> > > </beans> > > With 2.2 cxf doesn't pickup the correct keystore. It uses JRE's original > keystore. Has something changed? Can I work around the problem? > > If you think this is a good idea I will make a JIRA out of this post. > > Regards > > .bill -- Daniel Kulp [email protected] http://www.dankulp.com/blog
