Return-Path: X-Original-To: apmail-cxf-issues-archive@www.apache.org Delivered-To: apmail-cxf-issues-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 6336B11929 for ; Wed, 23 Jul 2014 06:42:39 +0000 (UTC) Received: (qmail 76438 invoked by uid 500); 23 Jul 2014 06:42:39 -0000 Delivered-To: apmail-cxf-issues-archive@cxf.apache.org Received: (qmail 76408 invoked by uid 500); 23 Jul 2014 06:42:39 -0000 Mailing-List: contact issues-help@cxf.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@cxf.apache.org Delivered-To: mailing list issues@cxf.apache.org Received: (qmail 76204 invoked by uid 99); 23 Jul 2014 06:42:39 -0000 Received: from arcas.apache.org (HELO arcas.apache.org) (140.211.11.28) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 23 Jul 2014 06:42:39 +0000 Date: Wed, 23 Jul 2014 06:42:39 +0000 (UTC) From: "Andrei Shakirin (JIRA)" To: issues@cxf.apache.org Message-ID: In-Reply-To: References: Subject: [jira] [Commented] (CXF-5652) WebClient with SSL: javax.net.ssl.SSLHandshakeException handshake_failure MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394 [ https://issues.apache.org/jira/browse/CXF-5652?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14071424#comment-14071424 ] Andrei Shakirin commented on CXF-5652: -------------------------------------- Thanks for retesting Vjacheslav, I will close this defect and you can open new ticket about instability later, in case if it is not fixed. Regards, Andrei. > WebClient with SSL: javax.net.ssl.SSLHandshakeException handshake_failure > ------------------------------------------------------------------------- > > Key: CXF-5652 > URL: https://issues.apache.org/jira/browse/CXF-5652 > Project: CXF > Issue Type: Improvement > Components: JAX-RS > Affects Versions: 3.0.0-milestone2 > Reporter: Vjacheslav Borisov > Assignee: Andrei Shakirin > Priority: Minor > Attachments: URLConnectionTest.java > > > I got error when using WebClient with SSL using client certificate: > javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure > I found a way to fix this error > KeyStore keyStore = KeyStore.getInstance("JKS"); > String trustpass = "chageit"; > File truststore = new File("/home/slavb/.java/deployment/security/trusted.clientcerts"); > keyStore.load(new FileInputStream(truststore), trustpass.toCharArray()); > KeyStore ts = KeyStore.getInstance("JKS"); > truststore = new File("/etc/ssl/certs/trusted.cacerts"); > ts.load(new FileInputStream(truststore), "".toCharArray()); > Client client = ClientBuilder.newBuilder().keyStore(keyStore, trustpass). > trustStore(ts).build(); > And I have question, why WebClient is not working like embedded in java URLConnection or > apache http client when I specify system properties > -Djavax.net.ssl.trustStore=/etc/ssl/certs/trusted.cacerts > -Djavax.net.ssl.keyStore=/home/slavb/.java/deployment/security/trusted.clientcerts > -Djavax.net.ssl.keyStorePassword=changeit > (i got error javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure when using SSL web client) > Why it is need to configure ssl in code? -- This message was sent by Atlassian JIRA (v6.2#6252)