axis-c-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Subra A Narayanan" <>
Subject Re: [Axis2] SSL and certificate support
Date Mon, 19 Nov 2007 22:32:07 GMT
Hey Dumindu,

Just want to make sure I understand this correctly. So if I just want
to run my axis2 webserices in SSL mode, I dont need rampart. I can
just use apache for that, right? But when I was reading rampart
documentation, it talks about soap body encryption using SSL certs.
How is that different from using apache for SSL?

My second question is, lets assume I want to use client authentication
for my webservice. I have to set the following 2 variables in the
httpd.conf file

SSLVerifyClient require
SSLVerifyDepth 1

I understand that this will force the client to send a cert with every
request. But after receives the client cert, what does it do with it?
does it check against a list of certs thats allowed to access the
service? Is this feature built-in to axis2 or do we hv to implement it


Hi Greg,
>>  Sorry if this is in some documentation somewhere (I've tried and not
>> found if). A cursory glance at the rampart code shows a lot of
>> references to ssl and certificates. Some specific questions:
>> Is SSL supported on server side? Client?

Yes, Axis2/C supports both ssl server authentication and client
authentication. Please refer to the axis2c manual [1].

I would suggest you use axis2 1.0.0 RC3 [2] or the latest svn head,
since ssl transport has been updated since 0.96 release. In this case
you will have to refer to the documentation from the trunk [3].

Note that ssl transport is not a feature of rampart, but of Axis2/C itself.



To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message