Re: How to support HTTPS
Hi Steven, I got SSL working with a client a while ago, and haven't had any problems so far. I'm attaching my axis2.xml, maybe that will help. Cheers, Sérgio --- On Fri, May 9, 2008 at 12:48 AM, Steven Zhang [EMAIL PROTECTED] wrote: Hi Dumindu: I have downloaded the server_cert as you suggested. I wrote the data in a file, and set the file name in SERVER_CERT parameter, and leave KEY_FILE and SSL_PASSPHRASE empty because the server does not clients authenticated. However I still get error. I find following problems: 1. In util\src\url.c, within axutil_url_parse_string(), the server protocol is compared with http, ftp and smtp. Since there is no https, the port is -1, which cause the server cannot be connected. I have to change the port to 80 manually. 2. Even with the socket opened, call for SSL_connect() will be blocked forever, which is called in transport\http\sender\ssl\ssl_utils.c. How you think about it? Thanks. Steven - Original Message - From: Dumindu Pallewela To: Apache AXIS C User List Sent: Monday, May 05, 2008 11:35 AM Subject: Re: How to support HTTPS On Mon, May 5, 2008 at 11:47 PM, Steven Zhang [EMAIL PROTECTED] wrote: Hi: How to let Axis2c client support HTTPS? There are two ways. You can either provide the parameters in axis2.xml or you can add the relavent properties to the service client. In either case you should un-comment the https transport receiver and https transport sender sections in the axis2.xml You have to provide the CA certificate that was used to sign the server's certificate for the SERVER_CERT parameter. Alternatively if you talk only to a single server you can obtain it's certificate and provide it for the SERVER_CERT parameter. Please refer to the relevant section of axis2 manual [1] for further details. HTH, Dumindu. [1] http://ws.apache.org/axis2/c/docs/axis2c_manual.html#ssl_client -- Dumindu Pallewela http://blog.dumindu.com GPG ID: 0x9E131672 WSO2 | Oxygenating the Web Service Platform | http://wso2.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] axisconfig name=Axis2/C !-- = -- !-- Parameters -- !-- = -- !-- Uncomment following to enable MTOM support globally -- !--parameter name=enableMTOM locked=falsetrue/parameter-- !-- Set the suitable size for optimum memory usage when sending large attachments -- !--parameter name=MTOMChunkBufferSize locked=false10/parameter-- !--parameter name=MTOMMaxChunkBuffers locked=false1000/parameter-- !-- Enable REST -- parameter name=enableREST locked=falsefalse/parameter parameter name=SERVER_CERT/home/sgomes/cert.pem/parameter !-- Uncomment following to persist op_ctx, useful with RM -- !--parameter name=persistOperationContext locked=falsetrue/parameter-- !--if you want to extract the service archive file and work with that please uncomment this-- !--else , it wont extract archive file or does not take into consideration if someone drop-- !--exploded directory into /service directory-- !--parameter name=extractServiceArchive locked=falsetrue/parameter-- !-- = -- !-- Message Receivers -- !-- = -- !-- This is the Deafult Message Receiver for the Request Response style Operations -- !--messageReceiver mep=INOUT class=axis2_receivers/-- !-- = -- !-- Transport Ins -- !-- = -- !--transportReceiver name=http class=axis2_http_receiver parameter name=port locked=false6060/parameter parameter name=exposeHeaders locked=truefalse/parameter /transportReceiver-- transportReceiver name=https class=axis2_http_receiver !--parameter name=port locked=false6060/parameter-- parameter name=exposeHeaders locked=truefalse/parameter /transportReceiver !--transportReceiver name=tcp class=axis2_tcp_receiver parameter name=port locked=false6060/parameter /transportReceiver-- !-- = -- !-- Transport Outs -- !-- = -- !--transportSender name=http class=axis2_http_sender parameter name=PROTOCOL locked=falseHTTP/1.1/parameter parameter name=xml-declaration insert=false/ /transportSender-- !-- Uncomment this one with the appropriate papameters to enable the TCP transport Sender-- !--transportSender name=tcp class=axis2_tcp_sender parameter name=PROTOCOL locked=falseTCP/parameter parameter name=xml-declaration insert=false/ /transportSender
Re: How to support HTTPS
Re: How to support HTTPSHi Sérgio: Your axis2.xml shows SERVER_CERT as /home/sgomes/cert.pem, however I concern what's the real path name. 1. Can I use full path name here? 2. Is the home means AXIS2_HOME? Thanks. Steven - Original Message - From: Sérgio Gomes To: Apache AXIS C User List Sent: Friday, May 09, 2008 3:37 AM Subject: Re: How to support HTTPS Hi Steven, I got SSL working with a client a while ago, and haven't had any problems so far. I'm attaching my axis2.xml, maybe that will help. Cheers, Sérgio --- On Fri, May 9, 2008 at 12:48 AM, Steven Zhang [EMAIL PROTECTED] wrote: Hi Dumindu: I have downloaded the server_cert as you suggested. I wrote the data in a file, and set the file name in SERVER_CERT parameter, and leave KEY_FILE and SSL_PASSPHRASE empty because the server does not clients authenticated. However I still get error. I find following problems: 1. In util\src\url.c, within axutil_url_parse_string(), the server protocol is compared with http, ftp and smtp. Since there is no https, the port is -1, which cause the server cannot be connected. I have to change the port to 80 manually. 2. Even with the socket opened, call for SSL_connect() will be blocked forever, which is called in transport\http\sender\ssl\ssl_utils.c. How you think about it? Thanks. Steven - Original Message - From: Dumindu Pallewela To: Apache AXIS C User List Sent: Monday, May 05, 2008 11:35 AM Subject: Re: How to support HTTPS On Mon, May 5, 2008 at 11:47 PM, Steven Zhang [EMAIL PROTECTED] wrote: Hi: How to let Axis2c client support HTTPS? There are two ways. You can either provide the parameters in axis2.xml or you can add the relavent properties to the service client. In either case you should un-comment the https transport receiver and https transport sender sections in the axis2.xml You have to provide the CA certificate that was used to sign the server's certificate for the SERVER_CERT parameter. Alternatively if you talk only to a single server you can obtain it's certificate and provide it for the SERVER_CERT parameter. Please refer to the relevant section of axis2 manual [1] for further details. HTH, Dumindu. [1] http://ws.apache.org/axis2/c/docs/axis2c_manual.html#ssl_client -- Dumindu Pallewela http://blog.dumindu.com GPG ID: 0x9E131672 WSO2 | Oxygenating the Web Service Platform | http://wso2.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: How to support HTTPS
Hi Steven, That is my full path, since I'm using a Unix machine. So, to answer your questions: 1. Yes, that is my full path, so it should work for you as well 2. No, that home is a special directory in Unix systems where the user data is stored So it should work if you just replace it with the full path to your file. Cheers, Sérgio --- On Fri, May 9, 2008 at 6:43 PM, Steven Zhang [EMAIL PROTECTED] wrote: Hi Sérgio: Your axis2.xml shows SERVER_CERT as /home/sgomes/cert.pem, however I concern what's the real path name. 1. Can I use full path name here? 2. Is the home means AXIS2_HOME? Thanks. Steven - Original Message - From: Sérgio Gomes To: Apache AXIS C User List Sent: Friday, May 09, 2008 3:37 AM Subject: Re: How to support HTTPS Hi Steven, I got SSL working with a client a while ago, and haven't had any problems so far. I'm attaching my axis2.xml, maybe that will help. Cheers, Sérgio --- On Fri, May 9, 2008 at 12:48 AM, Steven Zhang [EMAIL PROTECTED] wrote: Hi Dumindu: I have downloaded the server_cert as you suggested. I wrote the data in a file, and set the file name in SERVER_CERT parameter, and leave KEY_FILE and SSL_PASSPHRASE empty because the server does not clients authenticated. However I still get error. I find following problems: 1. In util\src\url.c, within axutil_url_parse_string(), the server protocol is compared with http, ftp and smtp. Since there is no https, the port is -1, which cause the server cannot be connected. I have to change the port to 80 manually. 2. Even with the socket opened, call for SSL_connect() will be blocked forever, which is called in transport\http\sender\ssl\ssl_utils.c. How you think about it? Thanks. Steven - Original Message - From: Dumindu Pallewela To: Apache AXIS C User List Sent: Monday, May 05, 2008 11:35 AM Subject: Re: How to support HTTPS On Mon, May 5, 2008 at 11:47 PM, Steven Zhang [EMAIL PROTECTED] wrote: Hi: How to let Axis2c client support HTTPS? There are two ways. You can either provide the parameters in axis2.xml or you can add the relavent properties to the service client. In either case you should un-comment the https transport receiver and https transport sender sections in the axis2.xml You have to provide the CA certificate that was used to sign the server's certificate for the SERVER_CERT parameter. Alternatively if you talk only to a single server you can obtain it's certificate and provide it for the SERVER_CERT parameter. Please refer to the relevant section of axis2 manual [1] for further details. HTH, Dumindu. [1] http://ws.apache.org/axis2/c/docs/axis2c_manual.html#ssl_client -- Dumindu Pallewela http://blog.dumindu.com GPG ID: 0x9E131672 WSO2 | Oxygenating the Web Service Platform | http://wso2.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: How to support HTTPS
Re: How to support HTTPSHi Dumindu: When I used version 1.4 it worked with HTTPS server. Thank you so much for your help! Steven - Original Message - From: Dumindu Pallewela To: Apache AXIS C User List Sent: Thursday, May 08, 2008 9:52 PM Subject: Re: How to support HTTPS Hi Steve, On Fri, May 9, 2008 at 5:18 AM, Steven Zhang [EMAIL PROTECTED] wrote: 1. In util\src\url.c, within axutil_url_parse_string(), the server protocol is compared with http, ftp and smtp. Since there is no https, the port is -1, which cause the server cannot be connected. I have to change the port to 80 manually. Which version of axis2/c are you using? axutil_url_parse_string() doesn't compare the protocol. All it does is to create a axutil_url_t structure corresponding to the string url passed. 2. Even with the socket opened, call for SSL_connect() will be blocked forever, which is called in transport\http\sender\ssl\ssl_utils.c. Could you please explain a bit more? I couldn't understand why this would be so... Btw, have you followed the axis2 manual properly[1]? We have tested the https transport and it works properly. Please go through the manual and send us your error log, so that we will be able to get some insight in to what's going wrong in your setting. Regards, Dumindu. [1] http://ws.apache.org/axis2/c/docs/axis2c_manual.html#ssl_client - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: How to support HTTPS
Re: How to support HTTPSHi Dumindu: I have downloaded the server_cert as you suggested. I wrote the data in a file, and set the file name in SERVER_CERT parameter, and leave KEY_FILE and SSL_PASSPHRASE empty because the server does not clients authenticated. However I still get error. I find following problems: 1. In util\src\url.c, within axutil_url_parse_string(), the server protocol is compared with http, ftp and smtp. Since there is no https, the port is -1, which cause the server cannot be connected. I have to change the port to 80 manually. 2. Even with the socket opened, call for SSL_connect() will be blocked forever, which is called in transport\http\sender\ssl\ssl_utils.c. How you think about it? Thanks. Steven - Original Message - From: Dumindu Pallewela To: Apache AXIS C User List Sent: Monday, May 05, 2008 11:35 AM Subject: Re: How to support HTTPS On Mon, May 5, 2008 at 11:47 PM, Steven Zhang [EMAIL PROTECTED] wrote: Hi: How to let Axis2c client support HTTPS? There are two ways. You can either provide the parameters in axis2.xml or you can add the relavent properties to the service client. In either case you should un-comment the https transport receiver and https transport sender sections in the axis2.xml You have to provide the CA certificate that was used to sign the server's certificate for the SERVER_CERT parameter. Alternatively if you talk only to a single server you can obtain it's certificate and provide it for the SERVER_CERT parameter. Please refer to the relevant section of axis2 manual [1] for further details. HTH, Dumindu. [1] http://ws.apache.org/axis2/c/docs/axis2c_manual.html#ssl_client -- Dumindu Pallewela http://blog.dumindu.com GPG ID: 0x9E131672 WSO2 | Oxygenating the Web Service Platform | http://wso2.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: How to support HTTPS
Hi Steve, On Fri, May 9, 2008 at 5:18 AM, Steven Zhang [EMAIL PROTECTED] wrote: 1. In util\src\url.c, within axutil_url_parse_string(), the server protocol is compared with http, ftp and smtp. Since there is no https, the port is -1, which cause the server cannot be connected. I have to change the port to 80 manually. Which version of axis2/c are you using? axutil_url_parse_string() doesn't compare the protocol. All it does is to create a axutil_url_t structure corresponding to the string url passed. 2. Even with the socket opened, call for SSL_connect() will be blocked forever, which is called in transport\http\sender\ssl\ssl_utils.c. Could you please explain a bit more? I couldn't understand why this would be so... Btw, have you followed the axis2 manual properly[1]? We have tested the https transport and it works properly. Please go through the manual and send us your error log, so that we will be able to get some insight in to what's going wrong in your setting. Regards, Dumindu. [1] http://ws.apache.org/axis2/c/docs/axis2c_manual.html#ssl_client - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
How to support HTTPS
Hi: How to let Axis2c client support HTTPS? Thanks. Steven Zhang
Re: How to support HTTPS
On Mon, May 5, 2008 at 11:47 PM, Steven Zhang [EMAIL PROTECTED] wrote: Hi: How to let Axis2c client support HTTPS? There are two ways. You can either provide the parameters in axis2.xml or you can add the relavent properties to the service client. In either case you should un-comment the https transport receiver and https transport sender sections in the axis2.xml You have to provide the CA certificate that was used to sign the server's certificate for the SERVER_CERT parameter. Alternatively if you talk only to a single server you can obtain it's certificate and provide it for the SERVER_CERT parameter. Please refer to the relevant section of axis2 manual [1] for further details. HTH, Dumindu. [1] http://ws.apache.org/axis2/c/docs/axis2c_manual.html#ssl_client -- Dumindu Pallewela http://blog.dumindu.com GPG ID: 0x9E131672 WSO2 | Oxygenating the Web Service Platform | http://wso2.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]