Hello,
By default HTTPS
makes authentication of webservers, which might be quite
reasonable
for standard web
applications. Since we are developing Webservices, we are interested in
authentication of our clients (or both)
I have successfully
made the client authenticate the server, but failed doing it vice
versa or both.
I would be
appreciated if anybody could assist me with that.
When running
the sample, the socket connection is closed after the server sends HelloDone
message?
Is anything missing
in the config and client code below?
Should I have
different keystorages for server and client?
I use tomcat-4.0.3
and axis-1.0
in server.xml of
tomcat I've got the following:
<Connector
className="org.apache.catalina.connector.http.HttpConnector"
port="8443"
minProcessors="5"
maxProcessors="75"
enableLookups="false"
acceptCount="10"
debug="9"
scheme="https"
secure="true">
<Factory className="org.apache.catalina.net.SSLServerSocketFactory"
clientAuth="true"
keystoreFile="D:\keys\.keystore"
protocol="TLS"/>
</Connector>
port="8443"
minProcessors="5"
maxProcessors="75"
enableLookups="false"
acceptCount="10"
debug="9"
scheme="https"
secure="true">
<Factory className="org.apache.catalina.net.SSLServerSocketFactory"
clientAuth="true"
keystoreFile="D:\keys\.keystore"
protocol="TLS"/>
</Connector>
in my client code
I've got this:
System.setProperty("java.protocol.handler.pkgs",
"com.sun.net.ssl.internal.www.protocol");
java.security.Security.addProvider(new
com.sun.net.ssl.internal.ssl.Provider());
System.setProperty("javax.net.ssl.trustStore",
"D:\\keys\\.keystore");
System.setProperty("javax.net.ssl.trustStorePassword", "changeit");
System.setProperty("javax.net.ssl.trustStorePassword", "changeit");
System.setProperty("javax.net.ssl.keyStore",
"D:\\keys\\.keystore");
System.setProperty("javax.net.ssl.keyStorePassword", "changeit");
System.setProperty("javax.net.ssl.keyStorePassword", "changeit");
Thanks!
