Colm : I did add the certificates to for e.g. in the Firefox explicitly.
Yes, you added the certificates so that the browser trusted the service
endpoint. However, as I explained in my previous mail, the service endpoint
requires that the client presents its own certificate + private key for
client authentication, hence the failure.
Colm.
On Mon, Jun 25, 2012 at 2:51 PM, Himanshu Gupta<[email protected]
wrote:
Hello Guys,
Colm : I did add the certificates to for e.g. in the Firefox explicitly.
Following
http://aruld.info/programming-ssl-for-jetty-based-cxf-services/ for
my Dynamic Client, I try to do somthing like below :
1. JaxWsDynamicClientFactory dcf =
JaxWsDynamicClientFactory.newInstance();
2. Client client = dcf.createClient("
https://localhost:9001/ApexCollateral/ing/services/wss/agreementDemo/2.0?wsdl
");
3. configureSSLOnTheClient(client);
4. Object[] res = client.invoke("getAgreementDemoIdentifier", new
Integer(1));
Theoretically it should have worked, but it fails with an exception like
"org.apache.cxf.service.factory.ServiceConstructionException: Could not
resolve URL "https://localhost:9001/someService/2.0?wsdl".";, while
excetuing *line number 2 (*logs attached*) *that is even before line 3
where I could setup the truststore, manually.
I really want to use the Dynamic Client approach in the test cases to
test
my web services. I assume, along with the testing services, with this
approach I also validate auto code generation for clients, which would be
used eventually by the consumers (by exposed wsdls).
Please help,
Thanks,
Himanshu.
On Mon, Jun 25, 2012 at 2:51 PM, Glen Mazza<[email protected]> wrote:
Personally, for SSL, I would recommend using a standalone servlet
container like Tomcat to host your web service (
http://www.jroller.com/**
gmazza/entry/ssl_for_web_**services<
http://www.jroller.com/gmazza/entry/ssl_for_web_services>),
I wouldn't rely on Endpoint.publish() for production, especially if
you're
using SSL.
For your dynamic client, as the link above mentions, the certs will need
to be in the "cacerts" file used by the JRE that is running the dynamic
client--or another truststore file that you configure--the browser is
irrelevant as it's not being used there.
HTH,
Glen
On 06/25/2012 07:46 AM, Himanshu Gupta wrote:
Hello Experts,
Quite new to CXF, having a usecase where I need to expose our existing
services as webservices. App is a standalone server, so am using
embedded
jetty with https. Everything works fine, except that when I hit the
server
with the wsdl url through a browser (any browser), I get
"javax.net.ssl.**SSLHandshakeException: no cipher suites in common".
This could be reproduced if you just run the wsdl_first_https server
and
hit the url https://localhost:9001/**SoapContext/SoapPort?wsdl<
https://localhost:9001/SoapContext/SoapPort?wsdl>.
Please help
escape this problem.
Also the client in the wsdl_first_https works. But if I try to use the
Dynamic Client (thats a requirement), it fails as well, as it could not
find the wsdl. The Dynamic client looks somthing like below :
JaxWsDynamicClientFactory dcf = JaxWsDynamicClientFactory.**
newInstance();
Client client = dcf.createClient("
https://localhost:443/**someservice/2.0?wsdl<
https://localhost:443/someservice/2.0?wsdl>
<https://**localhost/someservice/2.0?wsdl<
https://localhost/someservice/2.0?wsdl>
**>
");
Object[] res = client.invoke(jnew
QName("http://someNameSpace/<h**ttp://somenamespace/<
http://somenamespace/>
",
"getSomeIdentifier"), new Integer(1));
PS : I have already tried adding the certs to the browser.
Thanks in Advance,
--
Glen Mazza
Talend Community Coders
coders.talend.com
blog: www.jroller.com/gmazza
--
Himanshu Gupta.
--
Colm O hEigeartaigh
Talend Community Coder
http://coders.talend.com
