axis-c-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Steve Leland" <st...@pouchapond.com>
Subject Re: [jira] [Updated] (AXIS2C-1550) HTTPS using axis2c.xml or embedded axis2 lib does not work with SSL authentication?
Date Wed, 29 Jun 2011 20:01:48 GMT
This works in our axis2c.xml:
<transportSender name="https" class="axis2_http_sender">
<parameter name="PROTOCOL" locked="false">HTTP/1.1</parameter>
<parameter name="xml-declaration" insert="false"/>
</transportSender>
<parameter name="SERVER_CERT">/path/ca-file.pem</parameter>
<parameter name="KEY_FILE">/path/client.pem</parameter>

If you deploy to windows, be sure to use a fully qualified paths.

Cheers!
Steve
----- Original Message ----- 
From: "Kevin H (JIRA)" <jira@apache.org>
To: <c-dev@axis.apache.org>
Sent: Tuesday, June 28, 2011 5:31 PM
Subject: [jira] [Updated] (AXIS2C-1550) HTTPS using axis2c.xml or embedded 
axis2 lib does not work with SSL authentication?


>
>     [ 
> https://issues.apache.org/jira/browse/AXIS2C-1550?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
>
> Kevin H updated AXIS2C-1550:
> ----------------------------
>
>    Description:
> Hi all,
>
> I have followed this instruction here to set up an https request (client) 
> to a server but encountered error. I am not sure why. Basically i found 
> that the changes to axis2.xml is needed while the changes to the C codes 
> doesnt make any effect. However, the changes to axis2.xml still does not 
> get me thru the SSL authentication.
>
> The instruction is here:
>
> http://people.apache.org/~dumindu/docs/HowToConfigureSSL.html
>
> I basically have the CA cert, the key, and the client cert in 3 different 
> files. The instruction said i needed to "cat" the client cert and the key 
> to 1 same file, which i did.
>
> On another attempt, I did manage to write my own client codes (using 
> libcurl) with these credentials which connects OK to the server. But 
> somehow the axis2c client service does not work.
>
> In details, the changes i made are these:
>
> In axis2c.xml:
>
> Enable https both in receiver and sender:
>
> <transportReceiver name="https" class="axis2_http_receiver">
>        <parameter name="port" locked="false">6060</parameter>
>        <parameter name="exposeHeaders" locked="true">false</parameter>
> </transportReceiver>
>
> <transportSender name="https" class="axis2_http_sender">
>        <parameter name="PROTOCOL" locked="false">HTTP/1.1</parameter>
>        <parameter name="xml-declaration" insert="false"/>
>        <parameter name="SERVER_CERT">/path/ca-file.pem</parameter>
>        <parameter name="KEY_FILE">/path/client.pem</parameter>
> </transportSender>
>
> My understanding is this is all i need to make the transport layer carry 
> the credentials, which are needed for the server to handshake/authenticate 
> this client code.
>
> But the error i get from the logs is like this:
>
> [Fri Jun 24 17:56:56 2011] [error] libcurl/axis2_libcurl.c(538) NSS: 
> client certificate not found (nickname not specified)
> [Fri Jun 24 17:56:56 2011] [error] libcurl/axis2_libcurl.c(540) Error 
> occurred in transport
> [Fri Jun 24 17:56:56 2011] [error] engine.c(179) Transport sender invoke 
> failed
>
> I wonder what i did wrong? Any help is greatly appreciated.
>
>  was:
> Hi all,
>
> I have followed this instruction here to set up an https request (client) 
> to a server but encountered error. I am not sure why. Basically i found 
> that the changes to axis2.xml is needed while the changes to the C codes 
> doesnt make any effect. However, the changes to axis2.xml still does not 
> get me thru the SSL authentication.
>
> The instruction is here:
>
> http://damithakumarage.wordpress.com/
>
> I basically have the CA cert, the key, and the client cert in 3 different 
> files. The instruction said i needed to "cat" the client cert and the key 
> to 1 same file, which i did.
>
> On another attempt, I did manage to write my own client codes (using 
> libcurl) with these credentials which connects OK to the server. But 
> somehow the axis2c client service does not work.
>
> In details, the changes i made are these:
>
> In axis2c.xml:
>
> Enable https both in receiver and sender:
>
> <transportReceiver name="https" class="axis2_http_receiver">
>        <parameter name="port" locked="false">6060</parameter>
>        <parameter name="exposeHeaders" locked="true">false</parameter>
> </transportReceiver>
>
> <transportSender name="https" class="axis2_http_sender">
>        <parameter name="PROTOCOL" locked="false">HTTP/1.1</parameter>
>        <parameter name="xml-declaration" insert="false"/>
>        <parameter name="SERVER_CERT">/path/ca-file.pem</parameter>
>        <parameter name="KEY_FILE">/path/client.pem</parameter>
> </transportSender>
>
> My understanding is this is all i need to make the transport layer carry 
> the credentials, which are needed for the server to handshake/authenticate 
> this client code.
>
> But the error i get from the logs is like this:
>
> [Fri Jun 24 17:56:56 2011] [error] libcurl/axis2_libcurl.c(538) NSS: 
> client certificate not found (nickname not specified)
> [Fri Jun 24 17:56:56 2011] [error] libcurl/axis2_libcurl.c(540) Error 
> occurred in transport
> [Fri Jun 24 17:56:56 2011] [error] engine.c(179) Transport sender invoke 
> failed
>
> I wonder what i did wrong? Any help is greatly appreciated.
>
>
>> HTTPS using axis2c.xml or embedded axis2 lib does not work with SSL 
>> authentication?
>> -----------------------------------------------------------------------------------
>>
>>                 Key: AXIS2C-1550
>>                 URL: https://issues.apache.org/jira/browse/AXIS2C-1550
>>             Project: Axis2-C
>>          Issue Type: Bug
>>            Reporter: Kevin H
>>
>> Hi all,
>> I have followed this instruction here to set up an https request (client) 
>> to a server but encountered error. I am not sure why. Basically i found 
>> that the changes to axis2.xml is needed while the changes to the C codes 
>> doesnt make any effect. However, the changes to axis2.xml still does not 
>> get me thru the SSL authentication.
>> The instruction is here:
>> http://people.apache.org/~dumindu/docs/HowToConfigureSSL.html
>> I basically have the CA cert, the key, and the client cert in 3 different 
>> files. The instruction said i needed to "cat" the client cert and the key 
>> to 1 same file, which i did.
>> On another attempt, I did manage to write my own client codes (using 
>> libcurl) with these credentials which connects OK to the server. But 
>> somehow the axis2c client service does not work.
>> In details, the changes i made are these:
>> In axis2c.xml:
>> Enable https both in receiver and sender:
>> <transportReceiver name="https" class="axis2_http_receiver">
>>         <parameter name="port" locked="false">6060</parameter>
>>         <parameter name="exposeHeaders" locked="true">false</parameter>
>> </transportReceiver>
>> <transportSender name="https" class="axis2_http_sender">
>>         <parameter name="PROTOCOL" locked="false">HTTP/1.1</parameter>
>>         <parameter name="xml-declaration" insert="false"/>
>>         <parameter name="SERVER_CERT">/path/ca-file.pem</parameter>
>>         <parameter name="KEY_FILE">/path/client.pem</parameter>
>> </transportSender>
>> My understanding is this is all i need to make the transport layer carry 
>> the credentials, which are needed for the server to 
>> handshake/authenticate this client code.
>> But the error i get from the logs is like this:
>> [Fri Jun 24 17:56:56 2011] [error] libcurl/axis2_libcurl.c(538) NSS: 
>> client certificate not found (nickname not specified)
>> [Fri Jun 24 17:56:56 2011] [error] libcurl/axis2_libcurl.c(540) Error 
>> occurred in transport
>> [Fri Jun 24 17:56:56 2011] [error] engine.c(179) Transport sender invoke 
>> failed
>> I wonder what i did wrong? Any help is greatly appreciated.
>
> --
> This message is automatically generated by JIRA.
> For more information on JIRA, see: http://www.atlassian.com/software/jira
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: c-dev-unsubscribe@axis.apache.org
> For additional commands, e-mail: c-dev-help@axis.apache.org
>
>
> 



---------------------------------------------------------------------
To unsubscribe, e-mail: c-dev-unsubscribe@axis.apache.org
For additional commands, e-mail: c-dev-help@axis.apache.org


Mime
View raw message