As far I know,  for 1-way authentication, you only have to import the keystore and certificate from the Web service,  and set up the environment in the Web Service Client ( via System.setProperty).

You need to provide your own certificate in a keystore for mutual authentications, that is, when you also want the remote Web service to trust you.



Best Regards,

Ying Tang



2009/1/28 cesarAugusto <ccesar.guzman@gmail.com>

I'm also a little confused with this subject, but my intention is connect to
an existing websebservice, I have a certificate from the owner of the
webservices, and I have my java application deployed in a web sphere
community edition, my concrete question is if I need to configure a keystore
in the application server (Web Sphere C.E) to establish communication with
that existing webservice?.
or
I have a keystore with the certificate of my werservice provider, Can I use
this keystore to establish this communication?

thanks in advance.



djencks wrote:
>
> Sorry, I'm confused.  Are you trying to expose a web service and need
> to set up a https connector using this certificate or are you trying
> to connect to an existing webservice that requires client certificate
> authentication?
>
> I assume since you mention wasce that you are using geronimo-
> tomcat.... which was ce version are you using?
>
> thanks
> david jencks
>
> On Jan 27, 2009, at 1:27 PM, cesarAugusto wrote:
>
>>
>> Hi, everybody,
>>
>> I formed a keystore from keystore configuration of was ce.
>> I log me in for administrative console, in
>> console navigation
>> -Security
>> --keystores.
>>
>> I created a keystore named testKS in this I import a certificate and
>> create
>> a private key.
>>
>> I need to establish a communication with a WebService published over
>> https,
>> normally I use instruction like
>> // path to the JKS which contains the public cert of the server
>>                              System.setProperty("javax.net.ssl.trustStore","path");
>>
>> // store password of the above JKS
>> System.setProperty("javax.net.ssl.trustStorePassword","password");
>>
>> However, how can I access the keystore from my WASCE distribution.
>>
>> I need to establish a HTTPS Connector?
>> or
>> I need to access directly to <WASCE_HOME>\var\security\keystores
>> \testKS?
>>
>> thanks in advance.
>>
>>
>>
>> --
>> View this message in context:
>> http://www.nabble.com/Use-a-keystore-in-java-application-tp21694808s134p21694808.html
>> Sent from the Apache Geronimo - Users mailing list archive at
>> Nabble.com.
>>
>
>
>

--
View this message in context: http://www.nabble.com/Use-a-keystore-in-java-application-tp21694808s134p21706084.html
Sent from the Apache Geronimo - Users mailing list archive at Nabble.com.