axis-java-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From kancansan <>
Subject Axis2 with SSL Host Name Verification
Date Tue, 04 Nov 2008 08:32:02 GMT

Hi All,

I am using axis2 and tomcat. 
I would like to use ssl with two way authentication and host name
For this purpose, I did the followings;

1-Create ssl server keystore and certificate with keytool.
2-Create client keystore and certificate with keytool.
3-Create server trusted keystore and import client certificate in it.
4-Create client trusted keystore and import server certificate in it.

In tomcat's server.xml. I did the following things;

		<Connector SSLEnabled="true" clientAuth="true"
			keystoreFile="D:\SSL\server.keystore" keystorePass="pass"
			truststoreType="jks" maxThreads="150" port="8443"
			protocol="HTTP/1.1" scheme="https" secure="true" sslProtocol="TLS" />

And in java code, I set the some properties like;

        System.setProperty("", "pass");
        System.setProperty("", "jks");        

    	System.setProperty("", "D:/SSL/client.keystore");
        System.setProperty("", "pass");
        System.setProperty("", "jks");

Up to now; everything worked great. But i have no idea how could i manage
host name verification.
In axis2.xml, there is something like that;

    <!-- the non-blocking https transport sender based on HttpCore + NIO SSL
    <transportSender name="https"
        <parameter name="non-blocking" locked="false">true</parameter>
        <parameter name="keystore" locked="false">
        <parameter name="truststore" locked="false">
            supports Strict|AllowAll|DefaultAndLocalhost or the default if
none specified -->

How can i set above's parameter?
what is the difference between above and tomcat's server.xml settings?

In axis2, I get the stub like;

SampleStub stub = new SampleStub("https://.....");

is there any option should i set?

I am waiting your answers.



View this message in context:
Sent from the Axis - User mailing list archive at

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message