axis-java-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Manuel Mall <man...@apache.org>
Subject Re: Help on Axis and SSL
Date Wed, 05 Jul 2006 10:28:00 GMT
On Wednesday 05 July 2006 16:19, iceal thaddeus lim wrote:
> Hi All,
>
> been googling, trying things out and stuff for a week now on SSL but
> still no success... I need help an fast.
> Our server operator emailed me a couple of weeks ago with the
> following files for SSL
>
> .crt, csr, .key, .p12
> an password  = XXXMMXXX
> a p12 export key = SomeExportKey
>

I wonder if Axis + SSL should be a FAQ. However, nothing said here has 
anything to do with Axis directly and all to do with with Java SSE.

I assume you have been provided the above files because the site you 
connect to wants you to use HTTPS with client authentication. To do 
this you need a Key Store not a Trust Store. Read the JSSE documents 
http://java.sun.com/j2se/1.5.0/docs/guide/security/jsse/JSSERefGuide.html 
for more details.

If you use Java 1.5 you should be able to use the .p12 file, which is a 
Key Store in PKCS#12 format, directly. That is use the 
directives -Djavax.net.ssl.keyStore=....p12 -Djavax.net.ssl.keyStorePassword=XXXMMXXX  -Djavax.net.ssl.keyStoreType=pkcs12

on your command line and don't use the trust store command line 
arguments at all. If you use Java 1.4 you will have to convert 
your .p12 file into a keystore in the "native" Java format (jks). For 
that you probably have to use the openssl suite of tools as the Java 
keytool does not support this conversion. I have instruction for that 
somewhere which I found on the Net.

I hope the above will get you going.

Manuel

> Since all I know is to use .CRT to generate a keystore, I did this..
>
> keytool -import -keystore /home/ice/ion.keystore -alias iondev -file
> /home/ice/ion.mtna.crt
>
> thus i got a keystore, ion.keystore.
>
> but when I did this...
>
> java -Djavax.net.ssl.trustStore=/home/ice/ion.keystore
> -Djavax.net.ssl.trustStorePassword=XXXMMXXX -classpath
> axis.jar:commons-logging-1.0.4.jar:commons-discovery-0.2.jar:jaxrpc.j
>ar: saaj.jar:activation.jar:mail.jar:wsdl4j-1.5.1.jar
> org.apache.axis.wsdl.WSDL2Java --testCase --output ebb/src --verbose
> https://<some ip address>:7002/MTB_
> TPGW/WS/Billing/ServiceGateway.jws?WSDL
>
> and
>
> java -Djavax.net.ssl.trustStore=/home/ice/ion.keystore -classpath
> axis.jar:commons-logging-1.0.4.jar:commons-discovery-0.2.jar:jaxrpc.j
>ar: saaj.jar:activation.jar:mail.jar:wsdl4j-1.5.1.jar
> org.apache.axis.wsdl.WSDL2Java --testCase --output ebb/src --verbose
> https://<some ip address>:7002/MTB_
> TPGW/WS/Billing/ServiceGateway.jws?WSDL
>
> that tries to connect to the server over SSL, I get a
>
> javax.net.ssl.SSLHandshakeException: Remote host closed connection
> during handshake
>          at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA12275)
>          at com.sun.net.ssl.internal.ssl.SSLSocketImpl.j
> (DashoA12275)
>
>  help me please!...
>
>  i'm thinking that those other files given to me are to be used...
> but how?
>
> I don't even know what the p12 export key is for?
>
> Thank you all in advance.
>
> Ice

---------------------------------------------------------------------
To unsubscribe, e-mail: axis-user-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-user-help@ws.apache.org


Mime
View raw message