If you want to change which certificate is used depending on which connection has been created, you need to configure SSLContext as described in this answer: https://stackoverflow.com/a/416829/
As far as I know, Axis 2 uses Apache HttpClient 3.x, so you will need to follow its SSLContext setting (and X509KeyManager if necessary). The easiest way is to configure the Apache HttpClient global https protocol handler using the SSLContext configured using the X509KeyManager configured to select the client certificate of your choice (via chooseClientAlias).
If issuers and a connected Socket (possibly a remote address) are not enough to determine which certificate to choose, you may need to implement more complex logic, which will almost inevitably require careful synchronization with the rest of your application.
EDIT
After you have built SSLContext and X509KeyManager, you need to pass them to Apache HttpClient 3.x. To do this, you can create your own SecureProtocolSocketFactory, which will build a socket from this SSLContext (via SSLSocketFactory, see SSLContext). Examples are in the Apache HttpClient 3.x SSL guide. Avoid EasySSLProtocolSocketFactory, as it will not validate the server certificate (thereby allowing MITM attacks). You can also try this implementation.
Note that you really need to configure X509KeyManager; you can initialize your SSLContext (via init) with null, so that other parameters retain their default values (in particular, default trust settings).
Then "install" this SecureProtocolSocketFactory globally for Apache HttpClient 3.x, using something like this:
Protocol.registerProtocol("https", new Protocol("https", (ProtocolSocketFactory)secureProtocolSocketFactory, 443));
Bruno
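The steps described in the answer above, put together as an added example (not code from the original answer or from Apache HttpClient). The class names, the host "partner-a.example" and the alias "alias-a" are hypothetical, and it assumes Java 7+ with commons-httpclient 3.x on the classpath. It also turns on hostname verification, which an SSLSocket does not perform by default.

```java
import java.io.IOException;
import java.net.*;
import java.security.*;
import java.security.cert.X509Certificate;
import javax.net.ssl.*;
import org.apache.commons.httpclient.params.HttpConnectionParams;
import org.apache.commons.httpclient.protocol.*;

public class ClientCertSelection {
    // Wraps the default key manager; only the client alias choice is overridden.
    static class AliasByHost implements X509KeyManager {
        private final X509KeyManager d;
        AliasByHost(X509KeyManager d) { this.d = d; }
        public String chooseClientAlias(String[] keyType, Principal[] issuers, Socket s) {
            // With a proxy tunnel the remote address is the proxy, not the target host.
            String peer = ((InetSocketAddress) s.getRemoteSocketAddress()).getHostString();
            if ("partner-a.example".equals(peer)) return "alias-a"; // hypothetical mapping
            return d.chooseClientAlias(keyType, issuers, s);        // default selection otherwise
        }
        public String chooseServerAlias(String t, Principal[] i, Socket s) { return d.chooseServerAlias(t, i, s); }
        public X509Certificate[] getCertificateChain(String a) { return d.getCertificateChain(a); }
        public String[] getClientAliases(String t, Principal[] i) { return d.getClientAliases(t, i); }
        public String[] getServerAliases(String t, Principal[] i) { return d.getServerAliases(t, i); }
        public PrivateKey getPrivateKey(String a) { return d.getPrivateKey(a); }
    }

    // Builds sockets from the SSLContext; trust validation stays at the JVM defaults.
    static class Factory implements SecureProtocolSocketFactory {
        private final SSLSocketFactory f;
        Factory(SSLContext ctx) { f = ctx.getSocketFactory(); }
        private Socket verified(Socket s) {
            SSLSocket ssl = (SSLSocket) s;
            SSLParameters p = ssl.getSSLParameters();
            p.setEndpointIdentificationAlgorithm("HTTPS"); // check the certificate against the host name
            ssl.setSSLParameters(p);                       // applied before the lazy handshake starts
            return ssl;
        }
        public Socket createSocket(String h, int p) throws IOException { return verified(f.createSocket(h, p)); }
        public Socket createSocket(String h, int p, InetAddress la, int lp) throws IOException { return verified(f.createSocket(h, p, la, lp)); }
        // The connect timeout carried in params is ignored in this example.
        public Socket createSocket(String h, int p, InetAddress la, int lp, HttpConnectionParams params) throws IOException { return createSocket(h, p, la, lp); }
        public Socket createSocket(Socket s, String h, int p, boolean autoClose) throws IOException { return verified(f.createSocket(s, h, p, autoClose)); }
    }

    public static void install(KeyStore ks, char[] password) throws GeneralSecurityException {
        KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        kmf.init(ks, password);
        X509KeyManager base = (X509KeyManager) kmf.getKeyManagers()[0];
        SSLContext ctx = SSLContext.getInstance("TLS");
        ctx.init(new KeyManager[] { new AliasByHost(base) }, null, null); // null keeps default trust managers and RNG
        Protocol.registerProtocol("https", new Protocol("https", (ProtocolSocketFactory) new Factory(ctx), 443));
    }
}
```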