> Colm : I did add the certificates to for e.g. in the Firefox explicitly.
Yes, you added the certificates so that the browser trusted the service endpoint. However, as I explained in my previous mail, the service endpoint requires that the client presents its own certificate + private key for client authentication, hence the failure. Colm. On Mon, Jun 25, 2012 at 2:51 PM, Himanshu Gupta <[email protected]>wrote: > Hello Guys, > > Colm : I did add the certificates to for e.g. in the Firefox explicitly. > > Following http://aruld.info/programming-ssl-for-jetty-based-cxf-services/ for > my Dynamic Client, I try to do somthing like below : > > 1. JaxWsDynamicClientFactory dcf = JaxWsDynamicClientFactory.newInstance(); > 2. Client client = dcf.createClient(" > https://localhost:9001/ApexCollateral/ing/services/wss/agreementDemo/2.0?wsdl > "); > 3. configureSSLOnTheClient(client); > 4. Object[] res = client.invoke("getAgreementDemoIdentifier", new > Integer(1)); > > Theoretically it should have worked, but it fails with an exception like > "org.apache.cxf.service.factory.ServiceConstructionException: Could not > resolve URL "https://localhost:9001/someService/2.0?wsdl".";, while > excetuing *line number 2 (*logs attached*) *that is even before line 3 > where I could setup the truststore, manually. > > I really want to use the Dynamic Client approach in the test cases to test > my web services. I assume, along with the testing services, with this > approach I also validate auto code generation for clients, which would be > used eventually by the consumers (by exposed wsdls). > > Please help, > > Thanks, > Himanshu. > > > On Mon, Jun 25, 2012 at 2:51 PM, Glen Mazza <[email protected]> wrote: > >> Personally, for SSL, I would recommend using a standalone servlet >> container like Tomcat to host your web service (http://www.jroller.com/** >> gmazza/entry/ssl_for_web_**services<http://www.jroller.com/gmazza/entry/ssl_for_web_services>), >> I wouldn't rely on Endpoint.publish() for production, especially if you're >> using SSL. >> >> For your dynamic client, as the link above mentions, the certs will need >> to be in the "cacerts" file used by the JRE that is running the dynamic >> client--or another truststore file that you configure--the browser is >> irrelevant as it's not being used there. >> >> HTH, >> Glen >> >> >> On 06/25/2012 07:46 AM, Himanshu Gupta wrote: >> >>> Hello Experts, >>> >>> Quite new to CXF, having a usecase where I need to expose our existing >>> services as webservices. App is a standalone server, so am using embedded >>> jetty with https. Everything works fine, except that when I hit the >>> server >>> with the wsdl url through a browser (any browser), I get >>> "javax.net.ssl.**SSLHandshakeException: no cipher suites in common". >>> >>> This could be reproduced if you just run the wsdl_first_https server and >>> hit the url >>> https://localhost:9001/**SoapContext/SoapPort?wsdl<https://localhost:9001/SoapContext/SoapPort?wsdl>. >>> Please help >>> escape this problem. >>> >>> Also the client in the wsdl_first_https works. But if I try to use the >>> Dynamic Client (thats a requirement), it fails as well, as it could not >>> find the wsdl. The Dynamic client looks somthing like below : >>> >>> >>> JaxWsDynamicClientFactory dcf = JaxWsDynamicClientFactory.** >>> newInstance(); >>> Client client = dcf.createClient(" >>> https://localhost:443/**someservice/2.0?wsdl<https://localhost:443/someservice/2.0?wsdl> >>> <https://**localhost/someservice/2.0?wsdl<https://localhost/someservice/2.0?wsdl> >>> **> >>> >>> "); >>> Object[] res = client.invoke(jnew >>> QName("http://someNameSpace/<h**ttp://somenamespace/<http://somenamespace/> >>> >", >>> >>> "getSomeIdentifier"), new Integer(1)); >>> >>> PS : I have already tried adding the certs to the browser. >>> >>> Thanks in Advance, >>> >>> >> >> -- >> Glen Mazza >> Talend Community Coders >> coders.talend.com >> blog: www.jroller.com/gmazza >> >> > > > -- > Himanshu Gupta. > -- Colm O hEigeartaigh Talend Community Coder http://coders.talend.com
