Any reason why you are explicitly setting up the SSLContext in this way? CXF will take care of this for you. See the following test for an example:
https://git-wip-us.apache.org/repos/asf?p=cxf.git;a=blob;f=systests/transports/src/test/java/org/apache/cxf/systest/https/conduit/HTTPSConduitTest.java;h=2f6844971dfc78854dc76870b267391e2be087ac;hb=HEAD You can create a TLSClientParameters Object to hold your keystore/truststore files, and just set that on the HTTPConduit: Client client = ClientProxy.getClient(proxy); HTTPConduit http = (HTTPConduit) client.getConduit(); http.setTlsClientParameters(tlsClientParameters); Colm. On Wed, Feb 17, 2016 at 2:39 PM, Rubin <[email protected]> wrote: > hi, > I'm creating a client with ssl certificate. > using this code: > ((BindingProvider) > port).getRequestContext().put(BindingProvider.ENDPOINT_ADDRESS_PROPERTY, > interfaceParameters.getUrl()); > Client client = > ClientProxy.getClient(port); > > HTTPConduit httpConduit = (HTTPConduit) > ((org.apache.cxf.endpoint.Client) client).getConduit(); > > SSLClientParameters sParams = new SSLClientParameters(); > > sParams.setTrustpass("test");//set keystore password > sParams.setfileName("test.jks"); > > httpConduit.setTlsClientParameters(sParams.getTLSClientParameters()); > > /*sParams is :*/ > > public TLSClientParameters getTLSClientParameters() { > TLSClientParameters tlsParams = new TLSClientParameters(); > SSLContext context = getSSlContext(); > tlsParams.setSSLSocketFactory(context.getSocketFactory()); > return tlsParams; > } > > private SSLContext getSSlContext() { > SSLContext sslContext = null; > try { > String filePath = "c:/temp/"; > filePath = filePath + fileName; > File pKeyFile = new File(filePath); > String pKeyPassword = trustpass; > KeyManagerFactory keyManagerFactory = > KeyManagerFactory.getInstance("SunX509"); > // Depends on the format that the keystore was > created (currently > // JKS format) > KeyStore keyStore = KeyStore.getInstance("JKS"); > // Loading the keystore from disk to object > InputStream keyInput = new > FileInputStream(pKeyFile); > keyStore.load(keyInput, > pKeyPassword.toCharArray()); > keyInput.close(); > keyManagerFactory.init(keyStore, > pKeyPassword.toCharArray()); > > TrustManager[] trustManagers = null; > > trustManagers = getTrustedManagers(); > > sslContext = SSLContext.getInstance("TLS"); > > sslContext.init(keyManagerFactory.getKeyManagers(), trustManagers, new > SecureRandom()); > } > catch (Exception e) { > e.printStackTrace(); > } > System.out.println("> sslContext: " + sslContext); > > return sslContext; > } > > > when I'm running this client it works fine for the first call, but the > other > calls failed with read time out. > when I'm waiting -stopping the code (by breakpoint), if I'm waiting till I > see this : > Keep-Alive-Timer, called close() > Keep-Alive-Timer, called closeInternal(true) > Keep-Alive-Timer, SEND TLSv1 ALERT: warning, description = close_notify > Keep-Alive-Timer, WRITE: TLSv1 Alert, length = 32 > Keep-Alive-Timer, called closeSocket(selfInitiated) > > and then go on, the next call again works fine:). > > it's look like that I have to increase the time out for this. > > any idea about it? > > thanks in advance! > > > > > > > -- > View this message in context: > http://cxf.547215.n5.nabble.com/how-to-set-Keep-Alive-client-using-ssl-tp5765983.html > Sent from the cxf-user mailing list archive at Nabble.com. > -- Colm O hEigeartaigh Talend Community Coder http://coders.talend.com
