HItesh Rana
asked on
Add keystore to pom.xml
I got two key stores from the customer. One for encryption and one signing. I'm new to Java (2 days or so in) and not quite sure how to exactly do this in pom.xml
So lets say I have:
keystoreOneForEncryption.j ks password: 11111
keystoreTwoForSigning.jks password: 22222
I got it working SOAP UI. Not sure if this helps but here are the settings I see from there.
So lets say I have:
keystoreOneForEncryption.j
keystoreTwoForSigning.jks password: 22222
I got it working SOAP UI. Not sure if this helps but here are the settings I see from there.
Probably need to see pom.xml
ASKER
Here is my current pom.xml. I have not attempted to add the keystores in. I found some post about it but nothing that told me exactly where to add it. I'm coming from a .NET background where I'm assuming the keystores are configured in the configuration file. Am I right to think that?
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>com.example</groupId>
<artifactId>javasoapclient</artifactId>
<version>0.0.1-SNAPSHOT</version>
<packaging>jar</packaging>
<name>javasoapclient</name>
<description>Java Soap Client</description>
<parent>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-parent</artifactId>
<version>2.0.1.RELEASE</version>
<relativePath/> <!-- lookup parent from repository -->
</parent>
<properties>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
<project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
<java.version>1.8</java.version>
</properties>
<dependencies>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter</artifactId>
</dependency>
<dependency>
<groupId>org.apache.cxf</groupId>
<artifactId>cxf-spring-boot-starter-jaxws</artifactId>
<version>3.2.1</version>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-test</artifactId>
<scope>test</scope>
</dependency>
</dependencies>
<build>
<plugins>
<plugin>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-maven-plugin</artifactId>
</plugin>
<plugin>
<groupId>org.apache.cxf</groupId>
<artifactId>cxf-codegen-plugin</artifactId>
<version>3.2.1</version>
<executions>
<execution>
<id>generate-sources</id>
<phase>generate-sources</phase>
<configuration>
<sourceRoot>${project.build.directory}/generated/cxf</sourceRoot>
<wsdlOptions>
<wsdlOption>
<wsdl>${basedir}/src/main/resources/wsdl/Service.wsdl</wsdl>
<wsdlLocation>classpath:wsdl/Service.wsdl</wsdlLocation>
</wsdlOption>
</wsdlOptions>
</configuration>
<goals>
<goal>wsdl2java</goal>
</goals>
</execution>
</executions>
</plugin>
</plugins>
</build>
</project>
You could use maven propety configuration to setup Java System properties. Be careful to set "keyStore" not "trustStore".
Also, if you are using a certificate that it's not from a valid CA you have to configure maven.wagon.http.ssl.insec ure=true and maven.wagon.http.ssl.allow all=true
In your case use:
..
<executions>
<execution>
<goals>
<goal>generate</goal>
</goals>
<configuration>
<properties>
<property>
<name>javax.net.ssl.keySto re</name>
<value>yourks.jks</value>
</property>
<property>
<name>javax.net.ssl.keySto reType</na me>
<value>jks</value>
</property>
<property>
<name>javax.net.ssl.keySto rePassword </name>
<value>changeit</value>
</property>
<property>
<name>maven.wagon.http.ssl .insecure< /name>
<value>true</value>
</property>
<property>
<name>maven.wagon.http.ssl .allowall< /name>
<value>true</value>
</property>
</properties>
</configuration>
</execution>
</executions>
..
Also, if you are using a certificate that it's not from a valid CA you have to configure maven.wagon.http.ssl.insec
In your case use:
..
<executions>
<execution>
<goals>
<goal>generate</goal>
</goals>
<configuration>
<properties>
<property>
<name>javax.net.ssl.keySto
<value>yourks.jks</value>
</property>
<property>
<name>javax.net.ssl.keySto
<value>jks</value>
</property>
<property>
<name>javax.net.ssl.keySto
<value>changeit</value>
</property>
<property>
<name>maven.wagon.http.ssl
<value>true</value>
</property>
<property>
<name>maven.wagon.http.ssl
<value>true</value>
</property>
</properties>
</configuration>
</execution>
</executions>
..
ASKER
Thanks Zmi!
So that adds one keystore file. If I wanted to add another one Just add it below that. So for example:
So that adds one keystore file. If I wanted to add another one Just add it below that. So for example:
<properties>
<property>
<name>javax.net.ssl.keyStore1</name>
<value>yourks.jks</value>
</property>
<property>
<name>javax.net.ssl.keyStoreType</name>
<value>jks</value>
</property>
<property>
<name>javax.net.ssl.keyStorePassword</name>
<value>changeit</value>
</property>
<property>
<name>maven.wagon.http.ssl.insecure</name>
<value>true</value>
</property>
<property>
<name>maven.wagon.http.ssl.allowall</name>
<value>true</value>
</property>
</properties>
<properties>
<property>
<name>javax.net.ssl.keyStore2</name>
<value>yourks.jks</value>
</property>
<property>
<name>javax.net.ssl.keyStoreType</name>
<value>jks</value>
</property>
<property>
<name>javax.net.ssl.keyStorePassword</name>
<value>changeit</value>
</property>
<property>
<name>maven.wagon.http.ssl.insecure</name>
<value>true</value>
</property>
<property>
<name>maven.wagon.http.ssl.allowall</name>
<value>true</value>
</property>
</properties>
I don't see any phase/goal in that project that would require code signing. That would only be involved at some deployment time
ASKER
What do you mean by phase/goal?
Your project is concerned with consuming a web service. Why do need to sign code?
ASKER
When you say sign code you meaning Signature? If so the message is signed when sent I believe and also on the response its signed.
Sorry - misunderstood. You meant a key for signing your messages perhaps?
ASKER
Yes. That is what I meant. If so does that change anything from Zmi solution? Do you need to specify one as incoming and outgoing?
I think you possibly should return to this issue later, once you have it running. You need to solve the wdsl problem first
How to configure keytool:changeStorePasswor d using pom.xml
For the example, we will attach the execution to the generate-resources phase.
<project>
...
<packaging>pom</packaging>
...
<build>
<plugins>
<plugin>
<groupId>org.codehaus.mojo </groupId>
<artifactId>keytool-maven- plugin</ar tifactId>
<version>1.6-SNAPSHOT>/ver sion>
<executions>
<execution>
<goals>
<goal>changeStorePassword< /goal>
</goals>
<phase>generate-resources< /phase>
</execution>
</executions>
<configuration>
<keystore>/path/to/your/ke ystore</ke ystore>
<storepass>storepass</stor epass>
<newPassword>newPassword</ newPasswor d>
</configuration>
</plugin>
</plugins>
</build>
</project>
see: ShowBox VidMate Mobdro
For the example, we will attach the execution to the generate-resources phase.
<project>
...
<packaging>pom</packaging>
...
<build>
<plugins>
<plugin>
<groupId>org.codehaus.mojo
<artifactId>keytool-maven-
<version>1.6-SNAPSHOT>/ver
<executions>
<execution>
<goals>
<goal>changeStorePassword<
</goals>
<phase>generate-resources<
</execution>
</executions>
<configuration>
<keystore>/path/to/your/ke
<storepass>storepass</stor
<newPassword>newPassword</
</configuration>
</plugin>
</plugins>
</build>
</project>
see: ShowBox VidMate Mobdro
This question needs an answer!
Become an EE member today
7 DAY FREE TRIALMembers can start a 7-Day Free trial then enjoy unlimited access to the platform.
View membership options
or
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.