axis-c-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Dumindu Pallewela" <pallew...@gmail.com>
Subject Re: HTTPS support -- different implementation from AXIS-J
Date Wed, 13 Feb 2008 08:51:50 GMT
Hi Senaka,

Yes, that's why I said that he can directly use the server certificate :)

However, in axis2 manual, what is referred to as the certificate chain
file has nothing to do with CA verification, but client
authentication. This is the file which has both the client certificate
and client private key.

Regards,
Dumindu.

On Feb 13, 2008 2:08 PM, Senaka Fernando <senaka@wso2.com> wrote:
> Hi Dumindu,
>
> We've done some modifications to CA cert verification. There Vivi would
> not want to store the entire cert chain locally.
>
> Regards,
> Senaka
>
>
> > Hi Vivian,
> >
> >>
> >> (1) I looked at the manuals you refered to, it seems to me that I will
> >> need
> >> to re-compile the AXIS2/c to enable ssl. My question is this, is the
> >> downloaded binary from AXIS2/c side SSL enabled?
> >
> > No, you have to compile source with --enable-openssl option set.
> >
> >>
> >> (2) Now suppose I have an AXIS2/c based client, and an AXIS-j (v1.4) +
> >> TOMCAT based server component, will the HTTPS continue to work if I set
> >> up
> >> key chain file for the client and set up keystore file for the
> >> AXIS-J/TOMCAT
> >> based server? Did anyone ever test this senario? and how to test?
> >
> > Well, I haven't tested this particular scenario myself and I'm not
> > sure if someone else has tested it already either. But we have tested
> > our https transport againts other servers and there is no reason that
> > I can think of, why it would fail for TOMCAT.
> >
> > Of course you are welcome to test this scenario, I can help you with
> > setting up the axis2/c client, but I am not sure how TOMCAT should be
> > dealt with. However, if you can set up https for TOMCAT somehow, you
> > can check if it is working properly, by pointing your browser to the
> > end point url.
> >
> > Then  the easiest way to configure AXIS2/C client is to provide the
> > same server certificate that you have used in TOMCAT server for the
> > SERVER_CERT parameter in axis2.xml. Note that there is no need for a
> > key-chain file or a pass-phrase if you do not want client
> > authentication.
> >
> >
> > HTH,
> > Dumindu.
> >
> > --
> > Dumindu Pallewela
> > http://blog.dumindu.com
> > GPG ID: 0x9E131672
> >
> > WSO2 | "Oxygenating the Web Service Platform" | http://wso2.com
> >
>
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: axis-c-dev-unsubscribe@ws.apache.org
> > For additional commands, e-mail: axis-c-dev-help@ws.apache.org
> >
> >
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: axis-c-dev-unsubscribe@ws.apache.org
> For additional commands, e-mail: axis-c-dev-help@ws.apache.org
>
>



-- 
Dumindu Pallewela
http://blog.dumindu.com
GPG ID: 0x9E131672

WSO2 | "Oxygenating the Web Service Platform" | http://wso2.com

---------------------------------------------------------------------
To unsubscribe, e-mail: axis-c-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-c-dev-help@ws.apache.org


Mime
View raw message