axis-c-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Andy Karseras" <akarse...@gmail.com>
Subject SSL Client Authentication Failure
Date Thu, 03 Jul 2008 18:39:42 GMT
Hi,

I am having trouble using an SSL Client with AXIS2C - basically,
authentication appears to fail.

I executed the following to obtain the server certificate...

echo |\
openssl s_client -connect localhost:7547 2>&1 |\
sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > cert.pem

..and got the following:-

-----BEGIN CERTIFICATE-----
MIIDFjCCAtSgAwIBAgIER6H2iDALBgcqhkjOOAQDBQAwbjEPMA0GA1UEBhMGQ2Fu
YWRhMRAwDgYDVQQIEwdPbnRhcmlvMQ8wDQYDVQQHEwZPdHRhd2ExGDAWBgNVBAoT
D05vcnRlbCBOZXR3b3JrczEMMAoGA1UECxMDSU1TMRAwDgYDVQQDEwdXTUc2MDAw
MB4XDTA4MDEzMTE2MjU0NFoXDTA4MDQzMDE2MjU0NFowbjEPMA0GA1UEBhMGQ2Fu
YWRhMRAwDgYDVQQIEwdPbnRhcmlvMQ8wDQYDVQQHEwZPdHRhd2ExGDAWBgNVBAoT
D05vcnRlbCBOZXR3b3JrczEMMAoGA1UECxMDSU1TMRAwDgYDVQQDEwdXTUc2MDAw
MIIBuDCCASwGByqGSM44BAEwggEfAoGBAP1/U4EddRIpUt9KnC7s5Of2EbdSPO9E
AMMeP4C2USZpRV1AIlH7WT2NWPq/xfW6MPbLm1Vs14E7gB00b/JmYLdrmVClpJ+f
6AR7ECLCT7up1/63xhv4O1fnxqimFQ8E+4P208UewwI1VBNaFpEy9nXzrith1yrv
8iIDGZ3RSAHHAhUAl2BQjxUjC8yykrmCouuEC/BYHPUCgYEA9+GghdabPd7LvKtc
NrhXuXmUr7v6OuqC+VdMCz0HgmdRWVeOutRZT+ZxBxCBgLRJFnEj6EwoFhO3zwky
jMim4TwWeotUfI0o4KOuHiuzpnWRbqN/C/ohNWLx+2J6ASQ7zKTxvqhRkImog9/h
WuWfBpKLZl6Ae1UlZAFMO/7PSSoDgYUAAoGBAJKVdCfsnmARwlgSMBKRLh4WyyzQ
TubhCrNuu3qwZuCILkzmTk/kmH4uCkcFiZx5I7uYphlgkoVW2qHAZ5t17xhz30uD
OilLCagWDPygT6wO2uZV1TruKmfEI7zYBGijDazNb2wV8wy1SwON38NC3nKeJf9X
BgK6RCCGjcaa75FrMAsGByqGSM44BAMFAAMvADAsAhRWOjxC/Lpp/FGm+3QfLEUU
NzoyvQIUfrBKhVVjCHNzuE4NxFb0zhluOMY=
-----END CERTIFICATE-----


My axis2.xml contents are...

<parameter
name="SERVER_CERT">/etc/nortel/apps/oam/configurationServer/security/cert.pem</parameter>
<!--parameter
name="KEY_FILE">/path/to/client/certificate/chain/file</parameter-->
<!--parameter name="SSL_PASSPHRASE">passphrase</parameter-->


The relevant logs as follows:-

[Thu Jul  3 13:12:57 2008] [debug] http_transport_sender.c(246) ctx_epr:
https://localhost:7547/services/ConfigurationServer
[Thu Jul  3 13:12:57 2008] [debug] http_transport_sender.c(768) using axis2
native http sender.
[Thu Jul  3 13:12:57 2008] [debug] http_sender.c(415)
msg_ctx_id:484e90ce-4923-1dd1-20df-00145eecc23a
[Thu Jul  3 13:12:57 2008] [info]  [ssl client] Client certificate chain
filenot specified
[Thu Jul  3 13:12:57 2008] [debug] ssl/ssl_utils.c(190) [ssl client] SSL
certificate verified against peer
[Thu Jul  3 13:12:57 2008] [info]  [ssl client] Client certificate chain
filenot specified
[Thu Jul  3 13:12:57 2008] [debug] ssl/ssl_utils.c(190) [ssl client] SSL
certificate verified against peer
[Thu Jul  3 13:12:57 2008] [error] http_sender.c(1293) HTTP Authentication
failed
[Thu Jul  3 13:12:57 2008] [error] http_sender.c(1399) Error occurred in
transport
[Thu Jul  3 13:12:57 2008] [error] engine.c(179) Transport sender invoke
failed

Any ideas or suggestions ?

Many thanks.


Andy

Mime
View raw message