axis-java-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Asbell, Jonathan" <Jonathan_Asb...@McGraw-Hill.com>
Subject RE: Axis, JSSE and HTTPS
Date Fri, 22 Nov 2002 14:01:43 GMT
Here is what I had to do for Tomcat.  Hope this helps

==========================================
place three jsse jar files in \jre\lib\ext 
===============================================
run java keytool to generate the key in the keystore located in the home
directory of the user/owner of tomcat. (when generating the key make sure
you anser the "first name last name" question with the dns domain for the
calling server...aviationnow.com).  Also, make sure that when generating
keys with the commandline keytool you either include the full path to the
keystore, or leave it out completely (uses default keystore location for the
generating user)
===============================================
configure server.xml with an entry like this:
    <Connector 
     className="org.apache.catalina.connector.http.HttpConnector"
        port="8443" 
        minProcessors="5" 
        maxProcessors="75"
        enableLookups="true"
        acceptCount="10" 
        debug="9" 
        scheme="https" 
        secure="true">
 <Factory 
  className="org.apache.catalina.net.SSLServerSocketFactory" 
  clientAuth="false" 
  keystoreFile="C:\Documents and Settings\Administrator\.keystore"
  protocol="TLS"/>
    </Connector>
===============================================
add 
_xalan.jar (use the same xalan all around)
_xmlsec.jar (use the jar in xml-security-bin-1_0_5D2.zip)
to
jakarta-tomcat-4.1.12\common\lib
==========================================






-----Original Message-----
From: Darren Marvin [mailto:djm@it-innovation.soton.ac.uk]
Sent: Thursday, November 21, 2002 4:38 PM
To: axis-user@xml.apache.org
Cc: dims@yahoo.com
Subject: Axis, JSSE and HTTPS


Hi all,

I am attempting to make HTTPS invocations from an Axis client to an Apache
HTTP Server. I am using the latest nightly build as suggested by members of
the developer list. The latest version seems to be vast improvement in terms
of providing for changing keystore locations and passwords. My problem now
is that I am getting the following during handshake:

failed extension check:

...

 ext exception was: java.security.cert.CertificateException: Intermediate
X.509v3 certificate without basic constraints extension

Any suggestions would be welcomed.

Thanks in advance,

Darren.


Mime
View raw message