axis-java-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Chris Mannion" <chris.mann...@itjunction.com>
Subject Mutual SSL
Date Mon, 19 Dec 2005 16:54:49 GMT
Hi all

I'm writing a client to hook up with a remote web-service (ie not one that I've developed)
which requires a mutually authenticated SSL connection.  I have both a client certificate
and a root certificate installed in my Java keystore to make the connection but on making
an Axis call to the webservice I recieve an error from the server which the owners, having
checked their logs, tell me is because my client doesn't "present" it's client certificate.

Looking back through the mailing list all the solutions to getting SSL working seem to depend
on setting system properties to point at the correct keystore containing the certificates.
 However, before I got this far I was receiving exceptions on trying to open the soap connection
to the server when the root certificate couldn't be found to authenticate the server.  In
solving that error I made sure the certificates are installed in Java's default keystore.
 As such I didn't think editing system properties to point at the keystore would make any
difference, and it didn't.

Are there any properties to be set to force the connection opened to be a MUTUAL SSL connection
and to specify which certificate my client should present to the server?

I did also find one suggestion on the mailing list
http://marc.theaimsgroup.com/?l=axis-dev&m=112368752122921&w=2
which included writing a customer SocketFactory, though it doesn't explain how various things
such as specifying a mutual connection etc.

Any help would be very much appreciated as the many, many old suggestions have only helped
confuse me more about the topic.


Chris Mannion
IT Junction
020 8452 4274
Mime
View raw message