Skip client certificate for web service without setting system-wide properties

I am trying to transfer a client certificate to a web service using a JAX-RPC implementation. (rpc style web service).

So far, I could do this by setting the system properties:

    System.setProperty("javax.net.ssl.keyStore", "client_cert.p12");
    System.setProperty("javax.net.ssl.keyStorePassword", "newpasswd");
    System.setProperty("javax.net.ssl.keyStoreType", "PKCS12");

and then create and call the web service:

    CertificateInfoPortType svc = new CertificateInfoLocator().getCertificateInfo(new URL(SERVICE_URL));
    svc.methodToBeInvoked();

But since it will be used internally by an EJB, I don't want to set JVM-wide parameters using System.setProperty, as this will affect all web service clients.

Is there a way to pass the client certificate as a parameter? From what I was able to read, I have to use a custom KeyManager, but I do not know how to configure the KeyManager for the client.

Thanks!

1 answer

I'm not sure if it will work for you to use JAX-WS, but you can install your own socket factory (configured using a custom SSL context) on the JAX-WS client using something like:

    dispatch.getRequestContext().put(
        com.sun.xml.ws.developer.JAXWSProperties.SSL_SOCKET_FACTORY,
        getSSLContext().getSocketFactory());

(This applies to the Sun/Oracle JAX-WS implementation.)

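The answer's getSSLContext() is not shown. One way to build such a socket factory from the question's PKCS12 keystore without setting any system property, as an added example that is not part of the original answer; the class and method names are hypothetical, and the SSL_SOCKET_FACTORY property is honoured only by the Sun/Oracle JAX-WS runtime, as the answer notes:

```java
import java.io.InputStream;
import java.nio.file.Files;
import java.nio.file.Paths;
import java.security.KeyStore;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;

/** Hypothetical helper: a per-client socket factory carrying one client certificate. */
public final class ClientCertSocketFactory {

    private ClientCertSocketFactory() {}

    /**
     * Loads the client key and certificate from a PKCS#12 file and returns a
     * socket factory that presents them during the TLS handshake.
     * Only the returned factory is affected; JVM-wide defaults stay untouched.
     */
    public static SSLSocketFactory fromPkcs12(String path, char[] password) throws Exception {
        KeyStore keyStore = KeyStore.getInstance("PKCS12");
        try (InputStream in = Files.newInputStream(Paths.get(path))) {
            keyStore.load(in, password);
        }

        // The KeyManager is what selects the client certificate when the server asks for one.
        KeyManagerFactory kmf =
                KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        kmf.init(keyStore, password);

        // Passing null for the TrustManagers keeps the JVM default trust store, so the
        // server certificate is still validated. Passing null for SecureRandom uses the default.
        SSLContext ctx = SSLContext.getInstance("TLS");
        ctx.init(kmf.getKeyManagers(), null, null);
        return ctx.getSocketFactory();
    }

    // Usage with the property from the answer (read the password from protected
    // configuration rather than hard-coding it):
    //
    //   dispatch.getRequestContext().put(
    //       com.sun.xml.ws.developer.JAXWSProperties.SSL_SOCKET_FACTORY,
    //       ClientCertSocketFactory.fromPkcs12("client_cert.p12", password));
}
```

Because the factory is attached to a single request context, other web service clients in the same JVM keep the default SSL configuration.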
