Thanks for your reply. Yes, the server is using a test certificate. Server has a truststore & a keystore. keystore has server's privatekey and truststore has client's publickey (stored as trustedcert).
on the client side, i have setup a client.keystore (type JKS) that contains 2 keys. One key is client's privatekey. Second key is server's publickey (stored as trustedcert) on the client side, yes.. i tried setting up the VMARGS that you are talking of. i am using myeclipse to run the client. so, under Run--> Run Configurations --> Java Application --> Client: I setup these 4 variables under "Arguments" tab. -Djavax.net.ssl.trustStore=${truststore.location} -Djavax.net.ssl.trustStorePassword=${ssl.password} -Djavax.net.ssl.keyStore =${truststore.location} -Djavax.net.ssl.keyStorePassword=${ssl.password} I defined ${truststore.location} under variables as: name: truststore.location value: C:\Clientcerts\client.keystore With this setup, it kept complaining about a very basic error. Here is the exception: java.lang.NoClassDefFoundError: =C:\Clientcerts\client.keystore If I tried the variable value as ----- value: C:/Clientcerts/client.keystore it threw a similar exception like this: Caused by: java.lang.ClassNotFoundException: =C:.Clientcerts.client.keystore I verified that i have these in there.. If you are talking of some other Java system variable setup, please let me know.. Jorge Medina-5 wrote: > > Is your server using a test certificate? If so, Have you tried setting > the Java system property "javax.net.ssl.trustStore"? > > If your server is using a certificate signed by a certificate > authority, then your certificate may have been signed using a > intermediate certificate. Your server is responsible to provide the > whole chain of certificates to get to a trusted root. (This file can > be provided by the company who signed your server certificate) > > > > On Wed, Sep 22, 2010 at 5:51 PM, Christopher Schultz > <ch...@christopherschultz.net> wrote: >> -----BEGIN PGP SIGNED MESSAGE----- >> Hash: SHA1 >> >> To whom it may concern, >> >> On 9/22/2010 3:04 PM, aravidu wrote: >>> but how? this is not a webclient >> >> The class is called WebService and the identified in your code is >> "client". How is this not a client? >> >>> nor is the client running on a webserver. >> >> That's not relevant. >> >>> how can i do this? >> >> If you are using a web services API, read the API, or ask the people who >> wrote the API (not us). If you're written the code yourself, then you >> have to work with the Java API to properly configure a trust store for >> an outgoing HTTPS connection. >> >>> i tried giving the client.keystore and client.truststore in VMARGS (of >>> eclipse) but it wont work. >> >> I'm not familiar with those system properties. Are you sure they are >> meaningful? References to online documentation would be appropriate, >> here. >> >> - -chris >> -----BEGIN PGP SIGNATURE----- >> Version: GnuPG v1.4.10 (MingW32) >> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ >> >> iEYEARECAAYFAkyaenkACgkQ9CaO5/Lv0PCHEACeLXwTtBhZ0lsT22GOOV00FK9V >> mmUAn0X+1qb+Mla51Q+9EMra6uPLTUtc >> =a2cE >> -----END PGP SIGNATURE----- >> >> --------------------------------------------------------------------- >> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org >> For additional commands, e-mail: users-h...@tomcat.apache.org >> >> > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > > > -- View this message in context: http://old.nabble.com/Client-to-communicate-to-SSL-WebServices-on-tomcat-tp29780497p29785504.html Sent from the Tomcat - User mailing list archive at Nabble.com. --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org