All geek questions in one place

SSL negotiation using SSL Soap

My client successfully receives a response from the server via HTTP.

SOAPConnectionFactory sfc = SOAPConnectionFactory.newInstance(); SOAPConnection connection = sfc.createConnection(); SOAPMessage soapMessageResponse = connection.call(soapRequest, new URL(serviceLocation));

I need SSL communication between client / server.

In another project, I successfully create an SSLSocketFactory from KeyStore and TrustManagerFactory for SSL handshakes.

How can I use the SSLSocketFactory code in the webservice client to make the successful SSL client connection successful for the server call.

+4
source share
3 answers

This line of code will not work with SSL.

 SOAPMessage soapMessageResponse = connection.call(soapRequest, new URL(serviceLocation));

Create a trust and key managers from here .

To get an SSL response from the axis2 web service, you need to open the streams as indicated here

0
source

I am sure it will use SSLC by default. You can change this with SSLContext.setDefault ().

 SSLContext c = SSLContext.getInstance("SSL"); TrustManagerFactory tmf = TrustManagerFactory.getInstance("PKIX"); tmf.init(yourKeystore); TrustManager tm = tmf.getTrustManagers()[0]; tm. c.init(null, tm, null);

Here are some other values for the string parameters above.

If you need more control, you can implement your own subclass of SSLContext, which returns your own implementation of SSLSocketFactory and sets that SSLContext as the default value:

 public class MySSLContext extends SSLContext { private SSLContext wrapped; private SSLSocketFactory mySocketFactory; public MySSLContext(SSLContext toWrap, SSLSocketFactory mySocketFactory) { wrapped = toWrap; this.mySocketFactory = mySocketFactory; } public SSLSocketFactory getSocketFactory() { return mySocketFactory; } public SSLSessionContext getClientSessionContext() { return wrapped; } // other delegates }
+1
source

Hi, if you add this code to your webservice class, think that your problem will be solved.

  ` //just put it your somewhere public static class miTM implements javax.net.ssl.TrustManager, javax.net.ssl.X509TrustManager { public java.security.cert.X509Certificate[] getAcceptedIssuers() { return null; } public boolean isServerTrusted( java.security.cert.X509Certificate[] certs) { return true; } public boolean isClientTrusted( java.security.cert.X509Certificate[] certs) { return true; } public void checkServerTrusted( java.security.cert.X509Certificate[] certs, String authType) throws java.security.cert.CertificateException { return; } public void checkClientTrusted( java.security.cert.X509Certificate[] certs, String authType) throws java.security.cert.CertificateException { return; } } // CAll This function in your webservice class . private static void trustAllHttpsCertificates() throws Exception { // Create a trust manager that does not validate certificate chains: javax.net.ssl.TrustManager[] trustAllCerts = new javax.net.ssl.TrustManager[1]; javax.net.ssl.TrustManager tm = new miTM(); trustAllCerts[0] = tm; javax.net.ssl.SSLContext sc = javax.net.ssl.SSLContext.getInstance("SSL"); sc.init(null, trustAllCerts, null); javax.net.ssl.HttpsURLConnection.setDefaultSSLSocketFactory( sc.getSocketFactory()); }
0
source

Source: https://habr.com/ru/post/1415554/

More articles:


All Articles