Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 598
  • Last Modified:

Consume rpc/encoded webservice using axis + client certificate

Hi,

I'm trying to build a webservice client using IntelliJ 13.
The webservice is rpc/encoded so I'm using an old version of Axis (I think it's 1.4).
I need to use a client certificate to access it.

The client I created works fine with the non-https version, but now I need to add the magic to make client certificates work. I found lots of examples on the internet but it's all for Axis 2 and I'm using an older version. Axis 2 doesn't support rpc/encoded.

So, my question is: what do I have to do to load a client certificate before I access the webservice?

regards,

Marco
0
mvanrooij
Asked:
mvanrooij
  • 2
  • 2
2 Solutions
 
mccarlIT Business Systems Analyst / Software DeveloperCommented:
Have you tried setting the System Properties "javax.net.ssl.keyStore" to point to the location of your file containing the client certificate and "javax.net.ssl.keyStorePassword" to the password for that keystore file?

If everything is left as default, I believe the Axis (even 1.4) will use the standard Java SSL implementations that will use the above system properties to locate a keystore containing the client certificate. And then when the server request the client certificate (as part of the SSL handshake), the certificate can be found and passed along to the server.

Have you debugged the SSL connection to see exactly what is happening between client and server? (You can do this by setting an additional system property "javax.net.debug" to "all", ie.       -Djavax.net.debug=all       )
0
 
mvanrooijAuthor Commented:
Yes, I tried that but the problem is that System.setProperty makes the setting global and I need to be able to switch certificates at runtime.

After trying to sort this out all night I found an interesting website where a custom SocketFactory is explained. I implemented it and guess what... it works great!

http://staff.washington.edu/fox/notes/ws_client_j.shtml
0
 
mccarlIT Business Systems Analyst / Software DeveloperCommented:
I need to be able to switch certificates at runtime.
Ahh, that wasn't stated in the original question. So yeah, you would need the different solution. Glad that you got it working though! :)
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now