Thanks for your reply.
Yes, the server is using a test certificate. Server has a truststore & a
keystore. keystore has server's privatekey and truststore has client's
publickey (stored as trustedcert).
on the client side, i have setup a client.keystore (type JKS) that contains
2 keys. One key is client's privatekey. Second key is server's publickey
(stored as trustedcert)
on the client side, yes.. i tried setting up the VMARGS that you are talking
of. i am using myeclipse to run the client. so, under Run--> Run
Configurations --> Java Application --> Client: I setup these 4 variables
under "Arguments" tab.
-Djavax.net.ssl.trustStore=${truststore.location}
-Djavax.net.ssl.trustStorePassword=${ssl.password}
-Djavax.net.ssl.keyStore =${truststore.location}
-Djavax.net.ssl.keyStorePassword=${ssl.password}
I defined ${truststore.location} under variables as:
name: truststore.location
value: C:\Clientcerts\client.keystore
With this setup, it kept complaining about a very basic error. Here is the
exception:
java.lang.NoClassDefFoundError: =C:\Clientcerts\client.keystore
If I tried the variable value as ----- value: C:/Clientcerts/client.keystore
it threw a similar exception like this: Caused by:
java.lang.ClassNotFoundException: =C:.Clientcerts.client.keystore
I verified that i have these in there..
If you are talking of some other Java system variable setup, please let me
know..
Jorge Medina-5 wrote:
>
> Is your server using a test certificate? If so, Have you tried setting
> the Java system property "javax.net.ssl.trustStore"?
>
> If your server is using a certificate signed by a certificate
> authority, then your certificate may have been signed using a
> intermediate certificate. Your server is responsible to provide the
> whole chain of certificates to get to a trusted root. (This file can
> be provided by the company who signed your server certificate)
>
>
>
> On Wed, Sep 22, 2010 at 5:51 PM, Christopher Schultz
> <ch...@christopherschultz.net> wrote:
>> -----BEGIN PGP SIGNED MESSAGE-----
>> Hash: SHA1
>>
>> To whom it may concern,
>>
>> On 9/22/2010 3:04 PM, aravidu wrote:
>>> but how? this is not a webclient
>>
>> The class is called WebService and the identified in your code is
>> "client". How is this not a client?
>>
>>> nor is the client running on a webserver.
>>
>> That's not relevant.
>>
>>> how can i do this?
>>
>> If you are using a web services API, read the API, or ask the people who
>> wrote the API (not us). If you're written the code yourself, then you
>> have to work with the Java API to properly configure a trust store for
>> an outgoing HTTPS connection.
>>
>>> i tried giving the client.keystore and client.truststore in VMARGS (of
>>> eclipse) but it wont work.
>>
>> I'm not familiar with those system properties. Are you sure they are
>> meaningful? References to online documentation would be appropriate,
>> here.
>>
>> - -chris
>> -----BEGIN PGP SIGNATURE-----
>> Version: GnuPG v1.4.10 (MingW32)
>> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
>>
>> iEYEARECAAYFAkyaenkACgkQ9CaO5/Lv0PCHEACeLXwTtBhZ0lsT22GOOV00FK9V
>> mmUAn0X+1qb+Mla51Q+9EMra6uPLTUtc
>> =a2cE
>> -----END PGP SIGNATURE-----
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
>> For additional commands, e-mail: users-h...@tomcat.apache.org
>>
>>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: users-h...@tomcat.apache.org
>
>
>
--
View this message in context:
http://old.nabble.com/Client-to-communicate-to-SSL-WebServices-on-tomcat-tp29780497p29785504.html
Sent from the Tomcat - User mailing list archive at Nabble.com.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
