karaf-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jean-Baptiste Onofré ...@nanthrax.net>
Subject Re: Karaf SSL CXF Client https
Date Mon, 17 Jul 2017 07:40:09 GMT
Hi,

Pax Web is for the "server" side, not the client side. That's why you have to 
configure the http-conduits (which is the client side).

The org.apache.cxf.osgi.cfg is wrong in  your case.

Can you explain what did you do exactly ?

Regards
JB

On 07/17/2017 09:34 AM, erwan wrote:
> Hello, and thanks for your reply.
> I tried to use what is described in the documentation without any success.
> I still have these kind of messages in traces:
> 2017-07-17 09:22:57,344 | DEBUG | heduler_Worker-1 | HTTPConduit
> :940 | 137 - org.apache.cxf.cxf-rt-transports-http - 3.1.9 | Conduit
> '{https://mydomain}WebClient.http-conduit' has been (re)configured for plain
> http.
> 
> I though it was a configuration problem.
> I add this parameter to the command line:
> 
> -Dcxf.config.file=cxf.xml
> 
> but got an error as well:
> [FelixStartLevel] ERROR org.apache.felix.fileinstall - Failed to install
> artifact: \etc\org.apache.cxf.osgi.cfg
> java.util.InvalidPropertiesFormatException: org.xml.sax.SAXParseException:
> Document root element "beans", must match DOCTYPE root "null".
> 
> content cxf.xml:
> <?xml version="1.0" encoding="UTF-8"?>
> <beans xmlns="http://www.springframework.org/schema/beans"
>    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
>    xmlns:sec="http://cxf.apache.org/configuration/security"
>    xmlns:http="http://cxf.apache.org/transports/http/configuration"
>    xmlns:jaxws="http://java.sun.com/xml/ns/jaxws"
>    xsi:schemaLocation="
>        http://cxf.apache.org/configuration/security
> http://cxf.apache.org/schemas/configuration/security.xsd
>        http://cxf.apache.org/transports/http/configuration
> http://cxf.apache.org/schemas/configuration/http-conf.xsd
>        http://www.springframework.org/schema/beans
> http://www.springframework.org/schema/beans/spring-beans.xsd">
>        
>        
>   
>    <http:conduit name="*.http-conduit">
>   
>      <http:tlsClientParameters>
>        <sec:keyManagers keyPassword="dummy">
>          <sec:keyStore type="JKS" password="dummy"
>                        file="etc/keystores/dummy.jks"/>
>        </sec:keyManagers>
>        <sec:trustManagers>
>          <sec:keyStore type="JKS" password="dummy"
>                        file="etc/truststores/dummy.jks"/>
>        </sec:trustManagers>
>        <sec:cipherSuitesFilter>
>          
>          <sec:include>.*_EXPORT_.*</sec:include>
>          <sec:include>.*_EXPORT1024_.*</sec:include>
>          <sec:include>.*_WITH_DES_.*</sec:include>
>          <sec:include>.*_WITH_AES_.*</sec:include>
>          <sec:include>.*_WITH_NULL_.*</sec:include>
>          <sec:exclude>.*_DH_anon_.*</sec:exclude>
>        </sec:cipherSuitesFilter>
>      </http:tlsClientParameters>
>      <http:client AutoRedirect="true" Connection="Keep-Alive"/>
>   
>    </http:conduit>
>   
> </beans>
> So not working yet...
> Something seems to be strange as well in startup traces:
> 2017-07-17 09:22:47,625 | INFO  | FelixStartLevel  | HttpServiceFactoryImpl
> :35 | 240 - org.ops4j.pax.web.pax-web-runtime - 4.3.0 | Binding bundle:
> [cxf-dosgi-ri-dsw-cxf [68]] to http service
> 
> do we have to configure pax-web as well?
> 
> 
> 
> --
> View this message in context: http://karaf.922171.n3.nabble.com/Karaf-SSL-CXF-Client-https-tp4050999p4051025.html
> Sent from the Karaf - User mailing list archive at Nabble.com.
> 

-- 
Jean-Baptiste Onofré
jbonofre@apache.org
http://blog.nanthrax.net
Talend - http://www.talend.com

Mime
View raw message