geronimo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From David Jencks <david_jen...@yahoo.com>
Subject Re: Problem with SSL connection
Date Tue, 22 Dec 2009 20:21:30 GMT
IIUC Frank is explaining how to set up server 1 to use https whereas  
Peter is asking how to get a web service client in the web app on  
server 1 to be able to access the web service on server 2 through  
https.  Is this correct?  If it is... I'm also not clear on what kind  
of client credentials the web service client is supposed to supply to  
the web service.  User/password? Client certificate?  Are the client  
credentials always the same or are they derived from the user identity  
of the web app user?

thanks
david jencks


On Dec 22, 2009, at 1:33 AM, frapien wrote:

>
> Hi Peter
>
> to use your new keytore, you have to
> just edit connectorTomcatWebSSLConnector  configuration in web console
> and change the *keystoreFile from
> ../security/keystores/geronimo-default to your keystore
> save it ans thats it
> You can do the same directly in the config.xml also
>
> Frank
>
>
> Peter Schulze wrote:
>>
>> Hi,
>> I got a rather simple problem, I think, but I don't know HOW to  
>> solve it
>> in
>> geronimo 2.1.4.
>> We develop a platform solution with two Servermachines. Server 1  
>> hosts a
>> Webapplication. Server 2 provides some Webservices which are used  
>> from
>> different
>> applications. I am the rather unlucky developer who has to write the
>> web-application for Server 1. My Problem is as follows:
>>
>> Server 2 has been reconfiguered to use SSL. When I now call the  
>> Webservice
>> I get
>> the folowing Exception:
>>
>> javax 
>> .net 
>> .ssl.SSLHandshakeException:sun.security.validator.ValidatorException:
>> PKIX path building
>> failed:sun.security.provider.certpath.SunCertPathBuilderException:  
>> unable
>> to
>> find valid certification path to requested target
>>
>>
>> ok, no Problem, I have to tell the application, where to get the
>> certificate
>> from. So I go to the geronimo console and generate a new Keystore,
>> „myKeystore“.
>> I add the certificates I need for my application and then... I  
>> don't know
>> how
>> exactly I can tell my application to access the keystore and use the
>> configured
>> certificates.
>>
>> As far as I can figure it out, I'd like to put this into the
>> geronimo-web.xml of
>> my web-application, but I haven't understood the geronimo good  
>> enough to
>> be sure
>> about this call.
>>
>> Thank you for your efforts.
>>
>> Peter Schulze
>>
>
> -- 
> View this message in context: http://old.nabble.com/Problem-with-SSL-connection-tp26884809s134p26885790.html
> Sent from the Apache Geronimo - Dev mailing list archive at  
> Nabble.com.
>


Mime
View raw message