Hi Freeman, After some reading up I came to the same conclusion ☺ but thanks anyway. I configured tomcat to run SSL on HTTP to secure my services.
Thanks! Best regards, Hugo From: Freeman-2 [via CXF] [mailto:[email protected]] Sent: maandag 14 februari 2011 9:17 To: Hugo Hendriks Subject: Re: Http:conduit isn't picked up Hi, http:conduit is used for client side configuration, your http:conduit configuration here is enable a client to connect a https service, but not enable a https service. If I understand your requirement correctly, you want to run cxf service in tomcat container over https transport, you need check with tomcat docs to see how to configure tomcat to support https. Freeman On 2011-2-3, at 下午4:36, HHendriks wrote: > > Hello, > > I want to be able to run my service over SSL. I've created a simple > service > and added the following http-conduit to my applicationContext-cxf.xml: > > <!-- Webservice endpoints --> > <jaxws:endpoint id="calendarWebService" > implementor="#calendarService" > address="/CalendarService"> > </jaxws:endpoint> > > <http:conduit name="*.http-conduit"> > <http:tlsClientParameters> > <sec:keyManagers keyPassword="server"> > <sec:keyStore type="JKS" password="server" > file="src/main/java/resources/certificates/ > server_keystore.jks" /> > </sec:keyManagers> > <sec:trustManagers> > <sec:keyStore type="JKS" password="server" > file="src/main/java/resources/certificates/ > server_truststore.jks" /> > </sec:trustManagers> > <sec:cipherSuitesFilter> > <!-- these filters ensure that a ciphersuite with export- > suitable or > null encryption is used, but exclude anonymous Diffie-Hellman key > change > as this is vulnerable to man-in-the-middle attacks --> > <sec:include>.*_EXPORT_.*</sec:include> > <sec:include>.*_EXPORT1024_.*</sec:include> > <sec:include>.*_WITH_DES_.*</sec:include> > <sec:include>.*_WITH_NULL_.*</sec:include> > <sec:exclude>.*_DH_anon_.*</sec:exclude> > </sec:cipherSuitesFilter> > </http:tlsClientParameters> > <http:authorization> > <sec:UserName>Betty</sec:UserName> > <sec:Password>Ugly</sec:Password> > </http:authorization> > <http:client AutoRedirect="true" Connection="Keep-Alive" /> > </http:conduit> > > When i deploy the service, i can get the wsdl with any certificate > request > or anything. I also see no logging of somekind that an SSL > connection is > setup for the service. > > Can anyone tell me what I'm doing wrong? > > I'm running on Spring 3.0.5.RELEASE with CXF 2.2.3 and deploying on > Tomcat > 6.0.29 > > Best regards! > -- > View this message in context: > http://cxf.547215.n5.nabble.com/Http-conduit-isn-t-picked-up-tp3368957p3368957.html<http://cxf.547215.n5.nabble.com/Http-conduit-isn-t-picked-up-tp3368957p3368957.html?by-user=t> > Sent from the cxf-user mailing list archive at Nabble.com. -- Freeman Fang ------------------------ FuseSource: http://fusesource.com blog: http://freemanfang.blogspot.com twitter: http://twitter.com/freemanfang Apache Servicemix:http://servicemix.apache.org Apache Cxf: http://cxf.apache.org Apache Karaf: http://karaf.apache.org Apache Felix: http://felix.apache.org ________________________________ If you reply to this email, your message will be added to the discussion below: http://cxf.547215.n5.nabble.com/Http-conduit-isn-t-picked-up-tp3368957p3384107.html To unsubscribe from Http:conduit isn't picked up, click here<http://cxf.547215.n5.nabble.com/template/NamlServlet.jtp?macro=unsubscribe_by_code&node=3368957&code=aHVnby5oZW5kcmlrc0BydWJpeC5ubHwzMzY4OTU3fC0xMjgzODY3NDc5>. -- View this message in context: http://cxf.547215.n5.nabble.com/Http-conduit-isn-t-picked-up-tp3368957p3384109.html Sent from the cxf-user mailing list archive at Nabble.com.
