cxf-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Vjacheslav Borisov (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (CXF-5652) WebClient with SSL: javax.net.ssl.SSLHandshakeException handshake_failure
Date Thu, 27 Mar 2014 17:15:15 GMT

    [ https://issues.apache.org/jira/browse/CXF-5652?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13949622#comment-13949622
] 

Vjacheslav Borisov commented on CXF-5652:
-----------------------------------------

Honestly, i was thinking perviously, that javax.net.ssl.XXX properties are working somewhere
at socket level in java, and not in paricular web client, but never checked that,
just becouse they are working (if set) transparently for both embedded in JDK web client and
apache http cllient.
I do not need to make any other confuguration beside this properies , and think  this is useful,
as this allow to configure any application from any vendor ,even if it is not allows configuration
of SSL in interface. 

I don't see from my point of view why they should not work in WebClient, this is why I write
this issue. 
I don't mind if you wont'fix.  it is only my opinion


> WebClient with SSL: javax.net.ssl.SSLHandshakeException handshake_failure
> -------------------------------------------------------------------------
>
>                 Key: CXF-5652
>                 URL: https://issues.apache.org/jira/browse/CXF-5652
>             Project: CXF
>          Issue Type: Improvement
>          Components: JAX-RS
>    Affects Versions: 3.0.0-milestone2
>            Reporter: Vjacheslav Borisov
>            Priority: Minor
>
> I got error when using WebClient with SSL using client certificate:
> javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure 
> I found a way to fix this error
>             KeyStore keyStore = KeyStore.getInstance("JKS");
>             String trustpass = "chageit";
>             File truststore = new File("/home/slavb/.java/deployment/security/trusted.clientcerts");
>             keyStore.load(new FileInputStream(truststore), trustpass.toCharArray());
>             KeyStore ts = KeyStore.getInstance("JKS");
>             truststore = new File("/etc/ssl/certs/trusted.cacerts");
>             ts.load(new FileInputStream(truststore), "".toCharArray());
>             Client client = ClientBuilder.newBuilder().keyStore(keyStore, trustpass).
>                     trustStore(ts).build();
> And I have question, why WebClient is not working like embedded in java URLConnection
or 
> apache http client when I specify system properties
> -Djavax.net.ssl.trustStore=/etc/ssl/certs/trusted.cacerts 
> -Djavax.net.ssl.keyStore=/home/slavb/.java/deployment/security/trusted.clientcerts 
> -Djavax.net.ssl.keyStorePassword=changeit
> (i got error javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
when using SSL web client)
> Why it is need to configure ssl in code?



--
This message was sent by Atlassian JIRA
(v6.2#6252)

Mime
View raw message