axis-java-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Pravir Ramtekkar <pra...@nms.fnc.fujitsu.com>
Subject X509Trust Manager and SOAP
Date Wed, 11 Aug 2004 21:39:51 GMT
Hi,
I saw the following post on the internet and thought anybody in the AXIS 
community would have the answer I am looking for.
I also have the same question. Using my TrustManager I connect to any 
https server ( HTTPSConnection) it works great and I can download 
content but when I do the same using soap it throws the same exception ( 
No Valid Ceritificate found)
I am using WSDL2Java from apache to generate stubs and using the 
generated locator to connect to the service.

If you've got an answer to this, would appreciate sending that to  me.

same as your case, I dont want to import the certificate into a store 
and specify keystore/password etc.
-thanx,

********************************
Subject: custom x509trustmanager with SOAP

View this article only
Newsgroups: comp.lang.java.security
Date: 2003-07-30 11:13:48 PST

Like others I've seen lots of people asking similar question, and
nobody answers, so this must be one of the great unknowns, but just to
try every avenue, I thought I'd post a message.

I am trying to make a soap call over ssl. Apache's soap library, ibm
websphere 5.

Soap works great over http.
When I do https, I do the
System.setProperty("java.protocol.handler.pkgs","com.ibm.net.ssl.internal.www.protocol");
to get "https"  to be recognised.
I do Security.addProvider(new com.ibm.jsse.IBMJSSEProvider()); to add
the ssl provider.
But then of course, I get the dreaded unknown certificate error. No, I
can not add the certificate to my trust store.
So I implement my own trust store...
public class TrustEverybody implements X509TrustManager
All functions return true.

Now everybody else has the problem of registering their trustmanager
with the context that they make their ssl socket connection from.

That's not my problem, mine's even better. I'm making a soap call,
remember? I'm not the one making the socket. The apache soap library
is.
So I need some way to shove my ssl context into the soap library, or
if I could make the connection myself, (having already registered my
trustmanager) hand it off to the SOAP library.
I tried this:
HttpsURLConnection.setDefaultSSLSocketFactory(ctx.getSocketFactory());
I was hoping this was a global static that all https calls went
through, (ctx being the context I set up using my custom trust
manager) but it doesn't work. my trustmanager never gets called.

I can only assume that lots of people are going to get to this page
beacuse of the subject, because lots of people have this problem, and
there are very few answers and they don't apply to my problem.

I can only hope there is a god out there somewhere who can miracle me
an answer before this is due, last friday.



Mime
View raw message