Return-Path: Delivered-To: apmail-ws-axis-dev-archive@www.apache.org Received: (qmail 25143 invoked from network); 12 Aug 2004 06:37:04 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (209.237.227.199) by minotaur-2.apache.org with SMTP; 12 Aug 2004 06:37:04 -0000 Received: (qmail 21955 invoked by uid 500); 12 Aug 2004 06:36:57 -0000 Delivered-To: apmail-ws-axis-dev-archive@ws.apache.org Received: (qmail 21921 invoked by uid 500); 12 Aug 2004 06:36:56 -0000 Mailing-List: contact axis-dev-help@ws.apache.org; run by ezmlm Precedence: bulk Reply-To: axis-dev@ws.apache.org list-help: list-unsubscribe: list-post: Delivered-To: mailing list axis-dev@ws.apache.org Received: (qmail 21900 invoked by uid 99); 12 Aug 2004 06:36:55 -0000 X-ASF-Spam-Status: No, hits=0.1 required=10.0 tests=DNS_FROM_RFC_ABUSE X-Spam-Check-By: apache.org Received: from [192.240.0.2] (HELO fujitsu2.fujitsu.com) (192.240.0.2) by apache.org (qpsmtpd/0.27.1) with ESMTP; Wed, 11 Aug 2004 23:36:53 -0700 Received: from fujitsu2.fujitsu.com (localhost [127.0.0.1]) by fujitsu2.fujitsu.com (8.12.10/8.12.9) with ESMTP id i7C6aprH022085; Wed, 11 Aug 2004 23:36:52 -0700 (PDT) Received: from fnanic.fujitsu.com ([133.164.253.1]) by fujitsu2.fujitsu.com (8.12.10/8.12.9) with ESMTP id i7C6aplZ022027; Wed, 11 Aug 2004 23:36:51 -0700 (PDT) Received: from mercury (localhost [127.0.0.1]) by fnanic.fujitsu.com (8.12.11/8.12.11) with ESMTP id i7C6aj4t028993; Wed, 11 Aug 2004 23:36:45 -0700 (PDT) Received: from nms.fnc.fujitsu.com (localhost [127.0.0.1]) by mercury.nms.fnc.fujitsu.com (iPlanet Messaging Server 5.2 HotFix 1.20 (built Aug 27 2003)) with ESMTP id <0I2B00FSKMDLA8@mercury.nms.fnc.fujitsu.com>; Wed, 11 Aug 2004 23:36:58 -0700 (PDT) Date: Wed, 11 Aug 2004 23:36:44 -0700 From: Pravir Ramtekkar Subject: TeustManager and AXIS client. To: axis-dev@ws.apache.org Cc: davanum@gmail.com, Davanum Srinivas , axis-user@ws.apache.org Message-id: <411B0FFC.2070302@nms.fnc.fujitsu.com> MIME-version: 1.0 Content-type: text/plain; charset=us-ascii; format=flowed Content-transfer-encoding: 7BIT X-Accept-Language: en-us, en User-Agent: Mozilla/5.0 (X11; U; SunOS sun4u; en-US; rv:1.0.1) Gecko/20020920 Netscape/7.0 References: <411AAA48.5030708@yahoo.com> <19e0530f040811210555a389e2@mail.gmail.com> X-Virus-Checked: Checked X-Spam-Rating: minotaur-2.apache.org 1.6.2 0/1000/N hi, I had posted a message on this list about making AXIS client call to webservice running HTTPS. Everybody seems to be importing the certificates into a keystore and passing them as a system prop. Problem I have is that I dont want to import any certificates for the obvious reasons that they will expire someday. rather I overwrite X509TrustManager and set it on the HttpsURLConnection as follows : X509TrustManager xtm = new MyTrustManager(); TrustManager mytm[] = {xtm}; SSLContext ctx = SSLContext.getInstance("SSL"); ctx.init(null,mytm, null ); SSLSocketFactory sf = ctx.getSocketFactory(); HttpsURLConnection.setDefaultSSLSocketFactory(sf); This works great if I try to connect to Https URL and gives me the correct content. but when I use Locator/Stub my X509TrustMamager is not called. How do I tell underlying AXIS to use my trustmanager? I see that AXIS has org.apache.axis.components.net.SunFakeTrustSocketFactory.FakeX509TrustManager() SunFakeTrustSocketFactory nad but using this in the above doesn't work due to incompatibility of types. Now the question is do I have to write my TrustManagerFactory and SecurityProvider and plug it in or is there any simple way to let AXIS know of my Trustmanager I want to use. appreciate any help. thanx, Pravir