Axis2 with SSL Host Name Verification

kancansan Tue, 04 Nov 2008 00:32:35 -0800

Hi All,

I am using axis2 and tomcat. 
I would like to use ssl with two way authentication and host name
verification. 
For this purpose, I did the followings;


1-Create ssl server keystore and certificate with keytool.
2-Create client keystore and certificate with keytool.
3-Create server trusted keystore and import client certificate in it.
4-Create client trusted keystore and import server certificate in it.


In tomcat's server.xml. I did the following things;

                <Connector SSLEnabled="true" clientAuth="true"
                        keystoreFile="D:\SSL\server.keystore" 
keystorePass="pass"
                        keystoreType="jks"  
                        truststoreFile="D:\SSL\servertrusted.keystore" 
                        truststorePass="pass"
                        truststoreType="jks" maxThreads="150" port="8443"
                        protocol="HTTP/1.1" scheme="https" secure="true" 
sslProtocol="TLS" />

And in java code, I set the some properties like;

        System.setProperty("javax.net.ssl.trustStore",
"D:/SSL/clienttrusted.keystore");
        System.setProperty("javax.net.ssl.trustStorePassword", "pass");
        System.setProperty("javax.net.ssl.trustStoreType", "jks");        

        System.setProperty("javax.net.ssl.keyStore", "D:/SSL/client.keystore");
        System.setProperty("javax.net.ssl.keyStorePassword", "pass");
        System.setProperty("javax.net.ssl.keyStoreType", "jks");

Up to now; everything worked great. But i have no idea how could i manage
host name verification.
In axis2.xml, there is something like that;


    <!-- the non-blocking https transport sender based on HttpCore + NIO SSL
extensions
    <transportSender name="https"
class="org.apache.axis2.transport.nhttp.HttpCoreNIOSSLSender">
        <parameter name="non-blocking" locked="false">true</parameter>
        <parameter name="keystore" locked="false">
            <KeyStore>
                <Location>identity.jks</Location>
                <Type>JKS</Type>
                <Password>password</Password>
                <KeyPassword>password</KeyPassword>
            </KeyStore>
        </parameter>
        <parameter name="truststore" locked="false">
            <TrustStore>
                <Location>trust.jks</Location>
                <Type>JKS</Type>
                <Password>password</Password>
            </TrustStore>
        </parameter>-->
        <!--<parameter
name="HostnameVerifier">DefaultAndLocalhost</parameter>
            supports Strict|AllowAll|DefaultAndLocalhost or the default if
none specified -->
    <!--</transportSender>-->


How can i set above's parameter?
what is the difference between above and tomcat's server.xml settings?

In axis2, I get the stub like;

SampleStub stub = new SampleStub("https://.....";);

is there any option should i set?

I am waiting your answers.

Thanks.

--
kancansan





-- 
View this message in context: 
http://www.nabble.com/Axis2-with-SSL-Host-Name-Verification-tp20318060p20318060.html
Sent from the Axis - User mailing list archive at Nabble.com.


---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Axis2 with SSL Host Name Verification

Reply via email to