What I do for our test environments (which are using self-signed certs) is set the javax.net.ssl.trustStore (and javax.net.ssl.trustStorePassword) Java system properties to point to a keystore that has imported (and fully trusted) the cert we're using in addition to the certs stored in the JRE's root store. That way I don't have to make any code modifications between dev and prod.

On Fri, Oct 30, 2015 at 10:12 AM, jmb <[email protected]> wrote:

> I am trying to invoke a Web Service over SSL, from a TomEE 1.6 server, but I
> get an SSLHandshakeError. The problem is that the certificate is self-signed,
> and is not recognized by my JVM. As it is only for test purposes, and not
> production, I have been asked to bypass the certificate control. I read a
> lot of stuff about how to proceed, and I have written two classes
> (NaiveSSLContext and NaiveSSLSocketFactory) whose purpose is to replace the
> default check process.
> My problem is that I don't know how to tell TomEE to use these classes. I
> have tried this one:
>
> javax.net.ssl.HttpsURLConnection.setDefaultSSLSocketFactory(new NaiveSSLSocketFactory());
>
> but it doesn't work. My NaiveSSLSocketFactory is never called.
>
> I have read that CXF client had a little more configuration to do:
>
> <http-conf:conduit name="*.http-conduit">
>   <http-conf:tlsClientParameters useHttpsURLConnectionDefaultSslSocketFactory="true" />
> </http-conf:conduit>
>
> I don't know how to proceed, because CXF is embedded inside TomEE, and I
> can't find any configuration file where to add this code.
>
> --
> View this message in context:
> http://tomee-openejb.979440.n4.nabble.com/How-to-bypass-Check-of-SSL-certificate-tp4676657.html
> Sent from the TomEE Users mailing list archive at Nabble.com.

--
Adam Cornett
[email protected]
(678) 296-1150
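
The trust-store approach described in the reply above, sketched as an added example (not code from this thread): copy the JRE's root store, import the self-signed test certificate into the copy, and hand the two system properties to the JVM. The function names, file paths and alias are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: test-only trust store = JRE root CAs + one self-signed cert.
# Assumed (not from the thread): function names, paths, the default alias.
# The copy keeps the base store's password (JDK default for cacerts: "changeit").

# build_truststore BASE_CACERTS CERT_FILE OUT_STORE STOREPASS [ALIAS]
build_truststore() {
    base=$1 cert=$2 out=$3 pass=$4 name=${5:-test-selfsigned}

    [ -r "$base" ] || { echo "base trust store not readable: $base" >&2; return 1; }
    [ -r "$cert" ] || { echo "certificate not readable: $cert" >&2; return 1; }

    # Work on a private copy so the JRE's own cacerts is never modified.
    cp "$base" "$out" || return 1
    chmod 600 "$out"

    # Import the test certificate as a trusted entry; -noprompt skips the
    # interactive "Trust this certificate?" question. Fails on a duplicate alias.
    keytool -importcert -noprompt -alias "$name" -file "$cert" \
        -keystore "$out" -storepass "$pass" >/dev/null 2>&1 || {
        echo "keytool import failed" >&2; rm -f "$out"; return 1; }

    # Confirm the entry exists before any JVM is pointed at the store.
    keytool -list -alias "$name" -keystore "$out" -storepass "$pass" >/dev/null 2>&1
}

# jvm_trust_opts OUT_STORE STOREPASS -> the two system properties from the reply
jvm_trust_opts() {
    printf '%s' "-Djavax.net.ssl.trustStore=$1 -Djavax.net.ssl.trustStorePassword=$2"
}

# Usage on a test host only (paths are examples; cacerts lives under
# $JAVA_HOME/jre/lib/security on Java 8 and $JAVA_HOME/lib/security on 9+):
#   build_truststore "$JAVA_HOME/jre/lib/security/cacerts" test-ws.crt \
#       conf/test-truststore.jks changeit
#   CATALINA_OPTS="$CATALINA_OPTS $(jvm_trust_opts conf/test-truststore.jks changeit)"
```

Because certificate validation stays enabled and only one extra certificate is trusted, the same application code runs unchanged in production, where these properties are simply not set.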
