Hi Dumindu, We've done some modifications to CA cert verification. There Vivi would not want to store the entire cert chain locally.
Regards, Senaka > Hi Vivian, > >> >> (1) I looked at the manuals you refered to, it seems to me that I will >> need >> to re-compile the AXIS2/c to enable ssl. My question is this, is the >> downloaded binary from AXIS2/c side SSL enabled? > > No, you have to compile source with --enable-openssl option set. > >> >> (2) Now suppose I have an AXIS2/c based client, and an AXIS-j (v1.4) + >> TOMCAT based server component, will the HTTPS continue to work if I set >> up >> key chain file for the client and set up keystore file for the >> AXIS-J/TOMCAT >> based server? Did anyone ever test this senario? and how to test? > > Well, I haven't tested this particular scenario myself and I'm not > sure if someone else has tested it already either. But we have tested > our https transport againts other servers and there is no reason that > I can think of, why it would fail for TOMCAT. > > Of course you are welcome to test this scenario, I can help you with > setting up the axis2/c client, but I am not sure how TOMCAT should be > dealt with. However, if you can set up https for TOMCAT somehow, you > can check if it is working properly, by pointing your browser to the > end point url. > > Then the easiest way to configure AXIS2/C client is to provide the > same server certificate that you have used in TOMCAT server for the > SERVER_CERT parameter in axis2.xml. Note that there is no need for a > key-chain file or a pass-phrase if you do not want client > authentication. > > > HTH, > Dumindu. > > -- > Dumindu Pallewela > http://blog.dumindu.com > GPG ID: 0x9E131672 > > WSO2 | "Oxygenating the Web Service Platform" | http://wso2.com > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
