axis-c-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Kelvin Lin <kelvin_q_...@yahoo.com>
Subject Re: How to create a SSL client to support https
Date Thu, 05 Jul 2007 10:18:08 GMT
Hi Dumindu,
   
  Thank you very much. You pull me out from the mess and give me the confidence to finish
the work.
   
  But because I will be not available in the following three days, I have to try your method
in next Monday(China Time). And if there are any problems, I will tell you.
   
  I skim your reply and I have a question about this paragraph:
   
  "That is because our simple_axis_server is not capable of handling ssl. 
Please refer to the axis2 manual [1] for more information on deploying 
axis2 in apache2 server. Make sure to have mod_ssl installed."
   
  I used IBM Websphere as http server. Does it matter to the solution.
   
  Thanks a lot again.
   
  Kelvin.Lin


Dumindu Pallewela <dumindu@wso2.com> wrote:
  Hi Kelvin,

Find my comments inline.

Kelvin Lin wrote:
> Hi all,
> 
> But it failed in my environment, because I can't find some apis and 
> variable name at all, like axis2_property_t and AXIS2_OPTIONS_SET_PROPERTY.

Those instructions were intended for v0.96. Since v1.0 the util 
declarations were renamed with a axutil_ prefix and the macros were 
dropped. Hence these should be axutil_property_t and 
axis2_options_set_property respectively.

> I used official version axis2c-src-1.0.0 and changed axis2.xml like:
> 
> 
> 
HTTP/1.1

> 
> 
/path/to/ca/certificate

> > name="KEY_FILE">/path/to/client/certificate/chain/file

>     
passphrase

>     -->

This is all you need in order to get ssl working, usually. :)

> At the same time, I called following apis in my program:
> 
> axis2_options_set_soap_version(options, env, AXIOM_SOAP12);
> axis2_options_set_transport_in_protocol(options, env, 
> AXIS2_TRANSPORT_ENUM_HTTPS);

Axis2 engine should set the appropriate protocols according to the epr 
that you use. For example for a https endpoint, axis2 engine would look 
at the https://.... uri and understand that the protocol that should be 
used is https. In particular, setting transport_in protocol is not 
useful if you are not using different ports to send and receive messages 
(dual client).

> But the server I built by myself didn't have any response and get error 
> code 82, Input stream is NULL in msg_ctx.

That is because our simple_axis_server is not capable of handling ssl. 
Please refer to the axis2 manual [1] for more information on deploying 
axis2 in apache2 server. Make sure to have mod_ssl installed.

> What apis should I call to support https and how to config axis2.xml to 
> specify pem file both under needing authentication and no needing 
> authentication?

There are three properties that are related to ssl transport, 
SERVER_CERT, KEY_FILE and SSL_PASSPHRASE. Please refer to [2] for more 
information on each.

This is how you set the SERVER_CERT for expample:

axutil_property_t ssl_ca_file = axutil_property_create(env);
axutil_property_set_value(ssl_ca_file, env,
axutil_strdup(env, "/home/dumindu/dummyCA/demoCA/cacert.pem"));
axis2_options_set_property(options, env, "SERVER_CERT", ssl_ca_file);

You can set the other three properties accordingly, too. These 
properties however, are *not needed* to be set in the code, if you can 
set them in axis2.xml.

Tutorial [2] was written a while back, so there can be a few errors. 
Please let me know if you find any :)

Regards,
Dumindu.

[1] http://ws.apache.org/axis2/c/docs/axis2c_manual.html#mod_axis2
[2] http://people.apache.org/~dumindu/HowToConfigureSSL.html

---------------------------------------------------------------------
To unsubscribe, e-mail: axis-c-user-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-c-user-help@ws.apache.org



       
---------------------------------
Sick sense of humor? Visit Yahoo! TV's Comedy with an Edge to see what's on, when. 
Mime
View raw message