I am trying to invoke a Web Service over SSL, from a tomee 1.6 server, but I
get a SSLHandshakeError. The problem is that the certificate is self signed,
and is not recognized by my JVM. As it is only for test purpose, and not
production, I have been asked to bypass the certificate control. I read a
lot of stuff about how to proceed, and I have written two classes
(NaiveSSLContext and NaiveSSLSocketFactory) which purpose is to replace the
default check process.
My problem is that I don't know how to tell tomme to use these classes. I
have tried this one :
/javax.net.ssl.HttpsURLConnection.setDefaultSSLSocketFactory( new
NaiveSSLSocketFactory());/
but it doesn't work. My NaiveSSLSocketFactory is never called.
I have read that CXF client had a little more configuration to do :
/<http-conf:conduit name="*.http-conduit" >
<http-conf:tlsClientParameters
useHttpsURLConnectionDefaultSslSocketFactory="true"
/>
</http-conf:conduit>/
I don't know how to proceed, because CXF is embedded inside Tomee, and I
can't find any configuration file where to add this code.
--
View this message in context:
http://tomee-openejb.979440.n4.nabble.com/How-to-bypass-Check-of-SSL-certificate-tp4676657.html
Sent from the TomEE Users mailing list archive at Nabble.com.
