ws-soap-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Daniel Herbison" <herbi...@nortelnetworks.com>
Subject RE: SOAP and HTTPS
Date Wed, 15 Sep 2004 14:56:37 GMT
I guess my question is how to use the keytool generated certificate file
with perl, php, etc...
Does HTTPS_CERT_FILE contain the keystore file or a certificate extraction
from it?  Do I put the key that is reported by keytool -list in a separate
file for use by HTTPS_KEY_FILE?  I've tried a number of variations but can't
get the keytool generated keystore file to work.

-----Original Message-----
From: Scott Nichol [mailto:snicholnews@scottnichol.com] 
Sent: Wednesday, September 15, 2004 7:57 AM
To: soap-user@ws.apache.org
Subject: Re: SOAP and HTTPS

I have never tried it, but the SOAP::Lite documentation has the following
specifically about client certificates:

SSL CERTIFICATE AUTHENTICATION
To get certificate authentication working you need to specify three
environment variables: HTTPS_CERT_FILE, HTTPS_KEY_FILE, and (optionally)
HTTPS_CERT_PASS:

  $ENV{HTTPS_CERT_FILE} = 'client-cert.pem';
  $ENV{HTTPS_KEY_FILE}  = 'client-key.pem';Crypt::SSLeay (which is used for
https support) will take care about everything else. Other options (like CA
peer verification) can be specified in a similar way. See Crypt::SSLeay
documentation for more details.


Those who would like to use encrypted keys may check
http://groups.yahoo.com/group/soaplite/message/729 for details.

As far as PHP goes, the only SOAP experience I have is NuSOAP, a project on
which I am a developer.  It does not currently support client certificates,
although it is on the to-do list, and one of the NuSOAP users has supplied
code he used when hard-coding NuSOAP to do client certs, so it is not a
particularly difficult modification.


Scott Nichol

Do not send e-mail directly to this e-mail address,
because it is filtered to accept only mail from
specific mail lists.
----- Original Message ----- 
From: "Daniel Herbison" <herbison@nortelnetworks.com>
To: <soap-user@ws.apache.org>
Sent: Wednesday, September 15, 2004 8:10 AM
Subject: RE: SOAP and HTTPS


> I'm unsure on how to configure things.  I got the public/private key thing
> working in java but it seemed straight forward.  In java I just let the
jvm
> know where the key store was and it seemed to magically know what to do.
I
> can't find anything on the web talking about perl or php and keystores.
> 
> -----Original Message-----
> From: Scott Nichol [mailto:snicholnews@scottnichol.com] 
> Sent: Tuesday, September 14, 2004 7:53 PM
> To: soap-user@ws.apache.org
> Subject: Re: SOAP and HTTPS
> 
> What is the nature of your problem?  Are you running SSL code and getting
> errors (in which case, what are the errors), or are you unsure of how to
> configure things?
> Scott Nichol
> 
> Do not send e-mail directly to this e-mail address,
> because it is filtered to accept only mail from
> specific mail lists.
> ----- Original Message ----- 
> From: "Daniel Herbison" <herbison@nortelnetworks.com>
> To: <Soap-user@ws.apache.org>
> Sent: Tuesday, September 14, 2004 6:54 PM
> Subject: SOAP and HTTPS
> 
> 
> > I'm trying to access a soap service, Java running under Tomcat, using
> > Soap::Lite.  Here is the code:
> > 
> >  
> > 
> > use SOAP::Lite;
> > 
> >  
> > 
> > push @x,"userid=".$ARGV[0];
> > 
> > push @x,"password=".$ARGV[1];
> > 
> > push @x,"sip=".$ARGV[2];
> > 
> > push @x,"date=".$ARGV[3];
> > 
> > push @x,"xmlIndent=true";
> > 
> > $,="\t";
> > 
> > $\="\n";
> > 
> > print 'htmlParams' ,$x[0],$x[1],$x[2],$x[3];
> > 
> > print SOAP::Lite
> > 
> >         -> service('http://service...?wsdl')
> > 
> >         -> getIPConversations(SOAP::Data->name('htmlParams' => \@x ))
> > 
> >  
> > 
> > It works great with http and I'm now trying to get it to authenticate
> using
> > https and a client credential file generated with the java tool keytool.
> > 
> > OpenSSL and Crypt-SSLeay are installed. 
> > 
> >  
> > 
> > Does anyone know how to do this?  
> > 
> >  
> > 
> > 
> 
> 


Mime
View raw message