cxf-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jim Schneider <>
Subject CXF client SSL pain
Date Thu, 11 Feb 2010 17:25:05 GMT

CXF 2.2.4 client trying to access an Axis2 soap web service over SSL

I can't get my CXF client to get past the SSL handshake, but the sample
Axis2 client from the web service developer works fine. Here's my config:

   <http:conduit name="*.http-conduit">
	    <http:tlsClientParameters secureSocketProtocol="SSL"
	      <sec:keyManagers >		  
	            <sec:keyStore type="PKCS12" password="testing" 										
				<sec:keyStore type="JKS" password="trustword" 

I'm logging/tracing the SSL for both the successful Axis2 client and
unsuccessful CXF client and I see the ServerHelloDone message on both. Then,
on the Axis2 client, I see a "Certificate chain" message with a single entry
right before the ClientKeyExchange. On the CXF client, I see the
"Certificate chain" header, but no entry. 

Then, for the ClientKeyExchange, the Axis2 client sends 2 - 926 byte
messages, whereas the CXF client sends 2 - 141 byte messages. The Axis2
client finishes the SSL handshake successfully and moves on to the
application data. The CXF client has a failed handshake and then restarts
the ClientHello phase again. 

I'm stuck. Any help is appreciated. I can send complete SSL outputs for both
if that would help.
View this message in context:
Sent from the cxf-user mailing list archive at

View raw message