axis-c-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Dumindu Pallewela <>
Subject Re: How to create a SSL client to support https
Date Thu, 05 Jul 2007 09:47:22 GMT
Hi Kelvin,

Find my comments inline.

Kelvin Lin wrote:
> Hi all,
> But it failed in my environment, because I can't find some apis and 
> variable name at all, like axis2_property_t and AXIS2_OPTIONS_SET_PROPERTY.

Those instructions were intended for v0.96. Since v1.0 the util 
declarations were renamed with a axutil_ prefix and the macros were 
dropped. Hence these should be axutil_property_t and 
axis2_options_set_property respectively.

> I used official version axis2c-src-1.0.0 and changed axis2.xml like:
>     <transportSender name="https" class="axis2_http_sender">
>         <parameter name="PROTOCOL" locked="false">HTTP/1.1</parameter>
>     </transportSender>
>     <parameter name="SERVER_CERT">/path/to/ca/certificate</parameter>
>     <!--<parameter 
> name="KEY_FILE">/path/to/client/certificate/chain/file</parameter>
>     <parameter name="SSL_PASSPHRASE">passphrase</parameter>
>     -->

This is all you need in order to get ssl working, usually. :)

> At the same time, I called following apis in my program:
>     axis2_options_set_soap_version(options, env, AXIOM_SOAP12);
>  axis2_options_set_transport_in_protocol(options, env, 

Axis2 engine should set the appropriate protocols according to the epr 
that you use. For example for a https endpoint, axis2 engine would look 
at the https://.... uri and understand that the protocol that should be 
used is https. In particular, setting transport_in protocol is not 
useful if you are not using different ports to send and receive messages 
(dual client).

> But the server I built by myself didn't have any response and get error 
> code 82, Input stream is NULL in msg_ctx.

That is because our simple_axis_server is not capable of handling ssl. 
Please refer to the axis2 manual [1] for more information on deploying 
axis2 in apache2 server. Make sure to have mod_ssl installed.

> What apis should I call to support https and how to config axis2.xml to 
> specify pem file both under needing authentication and no needing 
> authentication?

There are three properties that are related to ssl transport, 
SERVER_CERT, KEY_FILE and SSL_PASSPHRASE. Please refer to [2] for more 
information on each.

This is how you set the SERVER_CERT for expample:

axutil_property_t ssl_ca_file = axutil_property_create(env);
axutil_property_set_value(ssl_ca_file, env,
	axutil_strdup(env, "/home/dumindu/dummyCA/demoCA/cacert.pem"));
axis2_options_set_property(options, env, "SERVER_CERT", ssl_ca_file);

You can set the other three properties accordingly, too. These 
properties however, are *not needed* to be set in the code, if you can 
set them in axis2.xml.

Tutorial [2] was written a while back, so there can be a few errors. 
Please let me know if you find any :)



To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message