From users-return-215419-apmail-tomcat-users-archive=tomcat.apache.org@tomcat.apache.org Sat Aug 07 22:25:06 2010 Return-Path: Delivered-To: apmail-tomcat-users-archive@www.apache.org Received: (qmail 39452 invoked from network); 7 Aug 2010 22:25:06 -0000 Received: from unknown (HELO mail.apache.org) (140.211.11.3) by 140.211.11.9 with SMTP; 7 Aug 2010 22:25:06 -0000 Received: (qmail 42313 invoked by uid 500); 7 Aug 2010 22:25:03 -0000 Delivered-To: apmail-tomcat-users-archive@tomcat.apache.org Received: (qmail 42079 invoked by uid 500); 7 Aug 2010 22:25:01 -0000 Mailing-List: contact users-help@tomcat.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: "Tomcat Users List" Delivered-To: mailing list users@tomcat.apache.org Received: (qmail 42070 invoked by uid 99); 7 Aug 2010 22:25:00 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Sat, 07 Aug 2010 22:25:00 +0000 X-ASF-Spam-Status: No, hits=0.7 required=10.0 tests=RCVD_IN_DNSWL_NONE,SPF_HELO_PASS,SPF_NEUTRAL X-Spam-Check-By: apache.org Received-SPF: neutral (athena.apache.org: local policy) Received: from [74.208.4.195] (HELO mout.perfora.net) (74.208.4.195) by apache.org (qpsmtpd/0.29) with ESMTP; Sat, 07 Aug 2010 22:24:54 +0000 Received: from [127.0.0.1] (netblock-66-159-223-55.dslextreme.com [66.159.223.55]) by mrelay.perfora.net (node=mrus0) with ESMTP (Nemesis) id 0MTAtC-1OYTub1om6-00SBJT; Sat, 07 Aug 2010 18:24:32 -0400 Message-ID: <4C5DDD1D.1060904@parisgroup.net> Date: Sat, 07 Aug 2010 15:24:29 -0700 From: Steve Johnson User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.8) Gecko/20100802 Thunderbird/3.1.2 MIME-Version: 1.0 To: users@tomcat.apache.org Subject: Re: Two-way SSL setup as Tomcat as a client References: ,,<3304811778278244249@unknownmsgid>,,<99C8B2929B39C24493377AC7A121E21F99011AA0D8@USEA-EXCH8.na.uis.unisys.com> In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Antivirus: avast! (VPS 100807-1, 08/07/2010), Outbound message X-Antivirus-Status: Clean X-Provags-ID: V02:K0:7Z+0yzDq8AXLFaMLAlz3fY/sCBPX2IX/VzXr9/MBblE iU1/nVqyS0mw1b+fsY7/091E+ZoVaqDC49E49NH1dBSwMn9BKG y3VoI4i7Dis+bs7b8oITvUbCuLC6ry4kLKFV9Y1cQ90cxwLKCb P8sxgK+HrI7oWdQUh/mLM3p5tat3fRabma/KA9yl2HOD9a+vAM I1r9qKsdEpPbuDlS5sP/rnlMWXEQPLzdAl9jkZjW5M= I can confirm that the Apache HTTPClient module is a good way to go. In fact, it works with zero configuration. You simply give it a normal 'https' URL, and it does the right thing automagically. It may be that you have to do some configuration of your JDK and environment to have SSL capabilities available to HTTPClient, but I don't think so. I don't remember ever doing that on my dev box, and I know for a fact that my use of HTTPClient allows HTTPS URLs with no additional fuss. HTTPClient is an excellent library in general, as is most of the apache stuff. Have fun! S On 8/7/2010 3:13 PM, yifeng wu wrote: > I see. I guess I will look into using apache httpclient or some other library (any recommendation?). > Webshpere actually takes care of outbound SSL connection by configuration (no extra coding) that's why I got confused. > Thanks for input, Chuck. > > YF > >> From: Chuck.Caldarale@unisys.com >> To: users@tomcat.apache.org >> Date: Sat, 7 Aug 2010 11:22:41 -0500 >> Subject: RE: Two-way SSL setup as Tomcat as a client >> >>> From: yifeng wu [mailto:yifengwu@hotmail.com] >>> Subject: RE: Two-way SSL setup as Tomcat as a client >>> >>> I am refering two way SSL not just one way. >> Irrelevant; Pid's statement still stands: it's your webapp, not Tomcat, that is trying to communicate with an external server. Tomcat plays no role is such a connection, it's entirely up to your webapp. There is nothing in Tomcat to configure for this, since Tomcat is not involved. You'll need to use the secure connection capabilities of the JRE or a 3rd-party library of your choice to do the negotiation. >> >> - Chuck >> >> >> THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. >> >> >> >> --------------------------------------------------------------------- >> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org >> For additional commands, e-mail: users-help@tomcat.apache.org >> > --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org For additional commands, e-mail: users-help@tomcat.apache.org