Hi,

http:conduit is used for client side configuration, your http:conduit configuration here is enable a client to connect a https service, but not enable a https service. If I understand your requirement correctly, you want to run cxf service in tomcat container over https transport, you need check with tomcat docs to see how to configure tomcat to support https.

Freeman
On 2011-2-3, at 下午4:36, HHendriks wrote:


Hello,

I want to be able to run my service over SSL. I've created a simple service
and added the following http-conduit to my applicationContext-cxf.xml:

        <!-- Webservice endpoints -->
<jaxws:endpoint id="calendarWebService" implementor="#calendarService"
                address="/CalendarService">
        </jaxws:endpoint>

        <http:conduit name="*.http-conduit">
                <http:tlsClientParameters>
                        <sec:keyManagers keyPassword="server">
                                <sec:keyStore type="JKS" password="server"
file="src/main/java/resources/certificates/ server_keystore.jks" />
                        </sec:keyManagers>
                        <sec:trustManagers>
                                <sec:keyStore type="JKS" password="server"
file="src/main/java/resources/certificates/ server_truststore.jks" />
                        </sec:trustManagers>
                        <sec:cipherSuitesFilter>
<!-- these filters ensure that a ciphersuite with export- suitable or
                                        null encryption is used, but exclude 
anonymous Diffie-Hellman key
change
                                        as this is vulnerable to man-in-the-middle 
attacks -->
                                <sec:include>.*_EXPORT_.*</sec:include>
                                <sec:include>.*_EXPORT1024_.*</sec:include>
                                <sec:include>.*_WITH_DES_.*</sec:include>
                                <sec:include>.*_WITH_NULL_.*</sec:include>
                                <sec:exclude>.*_DH_anon_.*</sec:exclude>
                        </sec:cipherSuitesFilter>
                </http:tlsClientParameters>
                <http:authorization>
                        <sec:UserName>Betty</sec:UserName>
                        <sec:Password>Ugly</sec:Password>
                </http:authorization>
                <http:client AutoRedirect="true" Connection="Keep-Alive" />
        </http:conduit>

When i deploy the service, i can get the wsdl with any certificate request or anything. I also see no logging of somekind that an SSL connection is
setup for the service.

Can anyone tell me what I'm doing wrong?

I'm running on Spring 3.0.5.RELEASE with CXF 2.2.3 and deploying on Tomcat
6.0.29

Best regards!
--
View this message in context: 
http://cxf.547215.n5.nabble.com/Http-conduit-isn-t-picked-up-tp3368957p3368957.html
Sent from the cxf-user mailing list archive at Nabble.com.


--
Freeman Fang

------------------------

FuseSource: http://fusesource.com
blog: http://freemanfang.blogspot.com
twitter: http://twitter.com/freemanfang
Apache Servicemix:http://servicemix.apache.org
Apache Cxf: http://cxf.apache.org
Apache Karaf: http://karaf.apache.org
Apache Felix: http://felix.apache.org

Reply via email to