Creating an SSL Client Using Axis2 / Java

I am trying to connect to a WebService that uses SSL, but without success. I use Axis2, and I found a useful article: http://people.apache.org/~dumindu/docs/HowToConfigureSSL.html , but it is for C. In this article they set the paths to SERVER_CERT, KEY_FILE and SSL_PASSPHRASE using axis2.xml or C code. I tried to change the configuration file, but this does not work for me. If anyone knows how to set these parameters from Java code, let me know.

+1
2 answers

You may be interested in this answer to a similar question. In particular, Axis 2 seems to be using Apache HttpClient 3.x, according to this document:

If you want to perform SSL client authentication (two-way SSL), you can use the Protocol.registerProtocol function of HttpClient. You can overwrite the https protocol or use a different protocol for your SSL client authentication if you do not want HTTPS. Find more information at http://jakarta.apache.org/commons/httpclient/sslguide.html

(You can create your SSLContext from an existing keystore and configure HttpClient 3.1 using this socket factory.)

+1
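Added example (not code from either answer, Axis2 or HttpClient): one way to build the SSLContext from an existing keystore, as the answer above suggests, and expose it to HttpClient 3.1 with server certificate validation and hostname checking left on. The class name, constructor parameters and store types are assumptions; it needs commons-httpclient 3.1 on the classpath and Java 7 or later.

```java
import java.io.*;
import java.net.*;
import java.security.KeyStore;
import javax.net.ssl.*;
import org.apache.commons.httpclient.params.HttpConnectionParams;
import org.apache.commons.httpclient.protocol.SecureProtocolSocketFactory;

public class ClientCertSocketFactory implements SecureProtocolSocketFactory {
    private final SSLSocketFactory delegate;

    // Store types (PKCS12 for the client key, JKS for the trusted CAs) are assumptions.
    public ClientCertSocketFactory(String keyStorePath, char[] keyPass,
                                   String trustStorePath, char[] trustPass) throws Exception {
        KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        kmf.init(load("PKCS12", keyStorePath, keyPass), keyPass);   // client key + certificate
        TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(load("JKS", trustStorePath, trustPass));           // CAs accepted for the server
        SSLContext ctx = SSLContext.getInstance("TLS");
        ctx.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
        delegate = ctx.getSocketFactory();
    }

    private static KeyStore load(String type, String path, char[] pass) throws Exception {
        KeyStore ks = KeyStore.getInstance(type);
        try (InputStream in = new FileInputStream(path)) { ks.load(in, pass); }
        return ks;
    }

    // Enable hostname checking, then handshake now so a bad certificate fails before any data is sent.
    private static Socket verified(Socket s) throws IOException {
        SSLSocket ssl = (SSLSocket) s;
        SSLParameters p = ssl.getSSLParameters();
        p.setEndpointIdentificationAlgorithm("HTTPS");
        ssl.setSSLParameters(p);
        try { ssl.startHandshake(); } catch (IOException e) { ssl.close(); throw e; }
        return ssl;
    }

    public Socket createSocket(String host, int port) throws IOException {
        return verified(delegate.createSocket(host, port));
    }
    public Socket createSocket(String host, int port, InetAddress local, int localPort) throws IOException {
        return verified(delegate.createSocket(host, port, local, localPort));
    }
    public Socket createSocket(String host, int port, InetAddress local, int localPort, HttpConnectionParams params) throws IOException {
        return createSocket(host, port, local, localPort); // connection timeout from params is not applied here
    }
    public Socket createSocket(Socket socket, String host, int port, boolean autoClose) throws IOException {
        return verified(delegate.createSocket(socket, host, port, autoClose));
    }
}
```

An instance is registered the same way the page's answers describe, by passing it to new Protocol(scheme, factory, port) and then to Protocol.registerProtocol. HttpClient 3.x does not check the server name itself, which is why the factory does it.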

I initialized EasySSLProtocolSocketFactory and protocol instances for different endpoints and registered the protocol using a unique key as follows:

/**
 * This method does the following:
 * 1. Creates a new and unique protocol for each SSL URL that is secured by client certificate
 * 2. Bind keyStore related information to this protocol
 * 3. Registers it with HTTP Protocol object
 * 4. Stores the local reference for this custom protocol for use during future collect calls
 *
 * @throws Exception
 */
public void registerProtocolCertificate() throws Exception {
    EasySSLProtocolSocketFactory easySSLPSFactory = new EasySSLProtocolSocketFactory();
    easySSLPSFactory.setKeyMaterial(createKeyMaterial());
    myProtocolPrefix = (HTTPS_PROTOCOL + uniqueCounter.incrementAndGet());
    Protocol httpsProtocol = new Protocol(myProtocolPrefix, (ProtocolSocketFactory) easySSLPSFactory, port);
    Protocol.registerProtocol(myProtocolPrefix, httpsProtocol);
    log.trace("Protocol [ " + myProtocolPrefix + " ] registered for the first time");
}

/**
 * Load keystore for CLIENT-CERT protected endpoints
 */
private KeyMaterial createKeyMaterial() throws GeneralSecurityException, Exception {
    KeyMaterial km = null;
    char[] password = keyStorePassphrase.toCharArray();
    File f = new File(keyStoreLocation);
    if (f.exists()) {
        try {
            km = new KeyMaterial(keyStoreLocation, password);
            log.trace("Keystore location is: " + keyStoreLocation + "");
        } catch (GeneralSecurityException gse) {
            if (logErrors) {
                log.error("Exception occured while loading keystore from the following location: " + keyStoreLocation, gse);
            }
            // Rethrow even when logging is off, so a null KeyMaterial is never returned
            throw gse;
        }
    } else {
        log.error("Unable to load Keystore from the following location: " + keyStoreLocation);
        throw new CollectorInitException("Unable to load Keystore from the following location: " + keyStoreLocation);
    }
    return km;
}

When I have to call the web service, I do this (which basically replaces “https” in the URL with https1 or https2 or something else, depending on the protocol that you initialized for this particular endpoint):

httpClient.getHostConfiguration().setHost(host, port, Protocol.getProtocol(myProtocolPrefix));
initializeHttpMethod(this.url.toString().replace(HTTPS_PROTOCOL, myProtocolPrefix));

It works like a charm!

+1