axis-c-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Raghu Udupa" <rud...@easylink.com>
Subject RE: certificate file for communicating via https
Date Fri, 03 Oct 2008 16:14:46 GMT
Thanks Manjula. I need a couple more clarifications,

1) If I store multiple certificates in a PFX file, how would
axis2c/rampart know which certificate to use?

1.1) Does it go by the domain name in the URI? If so, what is the
criteria?  That is, if URI is
www.webservices.com/axis2/services/myservice, then, does it use the
domain www.webservices.com for retrieving the certificate.

1.2) Do I need to specify a password for each certificate?

2) You mention providing .pfx file and password to Rampart/C. My
thinking was to specify PFX file in axis2.xml under SERVER_CERT. There
is no tag in axis2.xml for specifying password. Where do I specify the
password? Can I do it programmatically or through module.xml? 

3) This is just a reconfirmation. In the client guide, it is mentioned
that I can specify a PEM file. As long as PEM file is one certificate
per PEM file, can I still use a PEM file.

Thanks,
Raghu

-----Original Message-----
From: Manjula Peiris [mailto:manjula@wso2.com] 
Sent: Friday, September 19, 2008 5:35 AM
To: Apache AXIS C User List
Subject: Re: certificate file for communicating via https


On Thu, 2008-09-18 at 17:01 -0400, Raghu Udupa wrote:
> If a web services client wants to communicate with different servers,
> can certificates for different servers be specified in one PEM file.
> For curl, you can specify a single certificate file which can contain
> multiple certificates. I would like to know whether axis2c provides
> this feature.

No you can't specify it in one PEM file. Rampart/C the Axis2/C security
project does not support that. But you can store all the certificates in
a pfx key store and provide Rampart/C with the .pfx file with the
password to retrieve the certificate from the key store. 


> 
>  
> 
> Thanks,
> 
> Raghu
> 
> 


---------------------------------------------------------------------
To unsubscribe, e-mail: axis-c-user-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-c-user-help@ws.apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: axis-c-user-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-c-user-help@ws.apache.org


Mime
View raw message