Does anyone have a clue how I can refresh the keystore in axis2?
Thank you.
On Wed, Jan 28, 2009 at 10:56 AM, Sebastian Van Sande <
sebast...@vansande.org> wrote:
> Hi,
>
> I have a problem with Axis2.
>
> At my project, we have an Microsoft Exchange 2007, and some other project
> has created an API to interact with this Exchange server with the help of
> Axis2.
> This other project uses a Websphere server to manage a keystore to do basic
> authentication over SSL.
> My application on the otherhand runs as a standalone application, and I
> have to manage the keystore myself.
>
> Now, I managed to use this keystore to calling the Exchange 2007 Web
> services over SSL, and it works great.
> But, as you probably know, certificates expire ... and they have to get
> renewed.
>
> So, I managed to create something a 'KeyStoreManager' that will fetch the
> new certificates from the Exchange server and put it in the keystore file.
> And this works great as well .. *IF* I restart my application.
>
> When my application modifies the keystore file, it looks like Axis2 is
> using some caching mechanism. Because when I make the web service call again
> (after inserting the new certificate in my keystore), it can't authenticate
> because it cached the keystore file in memory.
>
> To specify the keystore to Axis2, I use this code:
>
> System.setProperty("javax.net.ssl.trustStore",
> "/path/to/keystore.jks");
> System.setProperty("javax.net.ssl.trustStorePassword",
> "thisisnottherealpassword");
>
> To extract the new certificate and add it to my keystore, I use code based
> on the one you can find at
> http://helpdesk.objects.com.au/java/how-do-i-programatically-extract-a-certificate-from-a-site-and-add-it-to-my-keystore
>
> The problem is: when the keystore file is updated with the new certificate,
> axis2 doesn't seem to know about it because it uses a cached version of the
> keystore file.
>
> So my question is: how can I clear this axis2 keystore cache in some way so
> axis2 will be forced to read the keystore file again?
>
> Thank you for your help,
>
> Kind regards,
> Sebastian
