axis-c-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Subra A Narayanan" <aswat...@gmail.com>
Subject Re: [Axis2] SSL and certificate support
Date Mon, 19 Nov 2007 22:32:07 GMT
Hey Dumindu,

Just want to make sure I understand this correctly. So if I just want
to run my axis2 webserices in SSL mode, I dont need rampart. I can
just use apache for that, right? But when I was reading rampart
documentation, it talks about soap body encryption using SSL certs.
How is that different from using apache for SSL?

My second question is, lets assume I want to use client authentication
for my webservice. I have to set the following 2 variables in the
httpd.conf file

SSLVerifyClient require
SSLVerifyDepth 1

I understand that this will force the client to send a cert with every
request. But after receives the client cert, what does it do with it?
does it check against a list of certs thats allowed to access the
service? Is this feature built-in to axis2 or do we hv to implement it
ourselves?


Thanks,
Subra

Hi Greg,
>>  Sorry if this is in some documentation somewhere (I've tried and not
>> found if). A cursory glance at the rampart code shows a lot of
>> references to ssl and certificates. Some specific questions:
>>
>> Is SSL supported on server side? Client?

Yes, Axis2/C supports both ssl server authentication and client
authentication. Please refer to the axis2c manual [1].

I would suggest you use axis2 1.0.0 RC3 [2] or the latest svn head,
since ssl transport has been updated since 0.96 release. In this case
you will have to refer to the documentation from the trunk [3].

Note that ssl transport is not a feature of rampart, but of Axis2/C itself.

Regards,
Dumindu.

[1] http://ws.apache.org/axis2/c/docs/axis2c_manual.html#ssl_client
[2] http://people.apache.org/~samisa/release/1.0.0/RC3/
[3] http://svn.apache.org/viewvc/webservices/axis2/trunk/c/xdocs/docs/
     axis2c_manual.html?view=co#ssl_client

---------------------------------------------------------------------
To unsubscribe, e-mail: axis-c-user-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-c-user-help@ws.apache.org


Mime
View raw message