Does anyone have a clue how I can refresh the keystore in axis2? Thank you.
On Wed, Jan 28, 2009 at 10:56 AM, Sebastian Van Sande < sebast...@vansande.org> wrote: > Hi, > > I have a problem with Axis2. > > At my project, we have an Microsoft Exchange 2007, and some other project > has created an API to interact with this Exchange server with the help of > Axis2. > This other project uses a Websphere server to manage a keystore to do basic > authentication over SSL. > My application on the otherhand runs as a standalone application, and I > have to manage the keystore myself. > > Now, I managed to use this keystore to calling the Exchange 2007 Web > services over SSL, and it works great. > But, as you probably know, certificates expire ... and they have to get > renewed. > > So, I managed to create something a 'KeyStoreManager' that will fetch the > new certificates from the Exchange server and put it in the keystore file. > And this works great as well .. *IF* I restart my application. > > When my application modifies the keystore file, it looks like Axis2 is > using some caching mechanism. Because when I make the web service call again > (after inserting the new certificate in my keystore), it can't authenticate > because it cached the keystore file in memory. > > To specify the keystore to Axis2, I use this code: > > System.setProperty("javax.net.ssl.trustStore", > "/path/to/keystore.jks"); > System.setProperty("javax.net.ssl.trustStorePassword", > "thisisnottherealpassword"); > > To extract the new certificate and add it to my keystore, I use code based > on the one you can find at > http://helpdesk.objects.com.au/java/how-do-i-programatically-extract-a-certificate-from-a-site-and-add-it-to-my-keystore > > The problem is: when the keystore file is updated with the new certificate, > axis2 doesn't seem to know about it because it uses a cached version of the > keystore file. > > So my question is: how can I clear this axis2 keystore cache in some way so > axis2 will be forced to read the keystore file again? > > Thank you for your help, > > Kind regards, > Sebastian