Hi all, We are using CXF 2.3.0 and have a WS-Security policy that has EncryptBody & SignHeader kind of policy.
I want client & server to use different certificates and both client & server certs are signed by the same root & that is enough for me to authenticate the client. But WS-Security seems to work only if client has server's public cert in its truststore & vice versa. Is there a way I can engage a handler that can override this default certificate validation behavior? I cannot upgrade to cxf 2.4 yet. Thanks & Regards, Blue
