Re: SSL, Mutual or Client Authentication

[Jesús Daniel Blázquez Carazo]

If you want mutual authentication between client and server you need first a certificate for the client and the server. To get them you can try use openssl.   Second you need configure SSL with Tomcat in the way you have explained and delete or comment from the server.xml the <connector port="8080">   In this way Tomcat will be listening in the secure port 8443. ----- Original Message ----- From: VELUMMYLUM Piragash To: axis-user@ws.apache.org Sent: Thursday, October 19, 2006 5:28 PM Subject: SSL, Mutual or Client Authentication Hi All,   I am very new to Axis, I just installed it yesterday.   I am trying to use Axis over an HTTPS connection.  I want to be able to use SSL with mutual authentication before Axis2 even receives the request.  I am running Axis2 on Tomcat.  I was wondering if I should let Tomcat handle the SSL part or if Axis2 has its own features?  Can Tomcat do mutual authentication, i.e. authenticating the client?  If not can Axis2 do mutual authentication for SSL?   Here are 2 routes I have considered and my questions regarding both possibilities:   1. Configuring SSL with Tomcat:     - I have discovered that I can define a connector with Tomcat under the  $CATALINA_HOME/conf/server.xml     <!-- Define a SSL HTTP/1.1 Connector on port 8443 -->     <Connector port="8443" maxHttpHeaderSize="8192"                maxThreads="150" minSpareThreads="25" maxSpareThreads="75"                enableLookups="false" disableUploadTimeout="true"                acceptCount="100" scheme="https" secure="true"                clientAuth="false" sslProtocol="TLS" />     - How do I specify Tomcat to use only use the secure connector and not the non-SSL connector when talking to Axis2?   2. Configuring Axis2 to handle SSL connections:     - Can Axis2 do this?  If so can it deal with mutual authentication?   Thank you in advance,   Piragash