axis-java-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Subash Devkota <SDevk...@D2Hawkeye.com>
Subject Re: [Axis2] How to deploy Axis2 in https
Date Sat, 16 Dec 2006 11:57:52 GMT
Ruchith,

My https configuration does not require client to authenticate itself.

I have already included security in Axis2 with rampart. It works fine 
when axis server is hosted in http.
But, when i hosted the same axis in https domain, the client can not  
connect to axis server.
It throws nullPointerException.

I used the same key that is used for https as client key in axis client 
(for testing purpose) and it worked properly without errors. But when I 
use self signed certificate in axis client, it does not work.

The only configuration I changed for https was in axis2.xml file of web 
service client.
       
    <transportSender name="" 
class="org.apache.axis2.transport.http.CommonsHTTPTransportSender">
                 <parameter name="PROTOCOL" 
locked="false">HTTP/1.1</parameter>
                 <parameter name="Transfer-Encoding">chunked</parameter>
        </transportSender>

Should I do any more configuration changes?

The next question is, if i intend to use axis in https, should i need to 
configure rampart?
 
Thanks
Subash

Ruchith Fernando wrote:
> How have you configured HTTPS at the service? (the servlet container
> axis2 is deployed). Does it require the client to authenticate itself
> with its certificate?
>
> if so you MUST add the client cert into the container's trust store
> and then configure the client's following JSSE properties properly.
> javax.net.ssl.keyStore
> javax.net.ssl.keyStoreType
> javax.net.ssl.keyStoreType
>
> However even if the HTTPS config of the container does not require
> client auth you MUST have the CA cert of the CA that signed the
> container's cert in your jre/lib/security/cacerts store or if it uses
> a self signed cert then you can override trust store config with the
> JSSE properties. Please see here for more information [1]
>
> Thanks,
> Ruchith
>
> [1] http://java.sun.com/products/jsse/install.html
>
> On 12/16/06, Subash Devkota <SDevkota@d2hawkeye.com> wrote:
>> Hi all,
>>
>> I have problem deploying axis2 1.0 in https.
>>
>> I need to deploy my axis2 1.0 server over https application.
>>
>> I used following configuration in axis2.xml in client side.
>>
>>         <transportSender name="" 
>> class="org.apache.axis2.transport.http.CommonsHTTPTransportSender">
>>                  <parameter name="PROTOCOL" 
>> locked="false">HTTP/1.1</parameter>
>>                  <parameter name="Transfer-Encoding">chunked</parameter>
>>         </transportSender>
>>
>>
>> The web service works well when i use it in http.  But when axis2 server
>> is deployed in https, the client can not connect to server (axis2 1.0
>> where web services is deployed).
>>
>> I am using self signed certificate in client side. I added the
>> certificate of the client in https server's trusted certificate key
>> store. But could not connect to server.
>>
>> It throws nullPointerException while trying to connect web service.
>>
>> I tried using CA certified key in the client side. In this case, it 
>> works.
>>
>> I need to connect to axis2 1.0 server deployed over https with client
>> that has self signed certificate.
>>
>> Does any one knows how to configure the client for this?
>>
>> Thanks in advance.
>> Subash
>>
>>
>> PRIVACY NOTICE
>>
>> This email and any attachments may be confidential and/or privileged. 
>> Use of the information contained in this email by anyone other than 
>> the intended recipient is strictly prohibited. If you have received 
>> this email in error, please notify the sender by replying to this 
>> message and delete this email.
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: axis-user-unsubscribe@ws.apache.org
>> For additional commands, e-mail: axis-user-help@ws.apache.org
>>
>>
>
>

---------------------------------------------------------------------
To unsubscribe, e-mail: axis-user-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-user-help@ws.apache.org


Mime
View raw message