Hi all,
I am working on my first cxf based project and i have some questions about
my https configuration with
a pkcs12 certificat. On the cxf sites (including fuse) there are some
configurations sample but none of them meet my requierement. I have to use a
certificat provided by a service provider (it implements the server side of
the service and I have to impement the client). found bellow an extract of
my spring been definition.
<http:conduit
name="{http://my/project/namespace}msServicePort.http-conduit">
<http:tlsClientParameters>
<sec:keyManagers keyPassword="mypkcs12-file-pass">
<sec:keyStore type="pkcs12"
password="mypkcs12-file-pass"
file="myCert.p12"/>
</sec:keyManagers>
</http:tlsClientParameters>
<http:client AutoRedirect="true"
Connection="close"
ProxyServer="myProxyserv"
ProxyServerPort="XXXX"
ProxyServerType="HTTP"/>
</http:conduit>
As you should have notice I haven't define the "trustManagers" tag which
should look like the following
<sec:trustManagers>
<sec:keyStore type="JKS" password="msjkspass"
file="TrustMgrStore.jks"/>
</sec:trustManagers>
However I don't understand very well why I have to do this. Since the pkcs12
certiticat is not supported by the JVM, i can't import mine in a jks. So is
this trustManagers has to be configurated anyway. In this case Should i
create it empty (with keytool) or with extkeytool which support pkcs12, Is
there a default suitable value for the trustManagers ?
Also I don't want to convert my pkcs12 file to another format.
I use cxf 2.2.6
thank for help!
--
View this message in context:
http://old.nabble.com/cxf-https-http-conduit-configuration-with-pkcs12-certifcation-tp28373741p28373741.html
Sent from the cxf-user mailing list archive at Nabble.com.