Here is what I did, hope it works:
1), create your own secure socket factory to read your own key store with
the root ca cert of the target host cert been imported (sample code below);
2), set system property before you make the https webservices call:
System.setProperty(org.apache.axis.components.net.SecureSocketFactory,
com.MyAxisSecureSocketFactory);
// sample custom ss factory ...
public class MyAxisSecureSocketFactory extends JSSESocketFactory {
public InthubAxisSecureSocketFactory(Hashtable table) throws Exception {
super(table);
String jks = KeyStore.getDefaultType();
KeyStore ks = KeyStore.getInstance(jks, SUN);
char[] password = changeit.toCharArray();
// keystore file, with cert (root ca or self signed cert)
imported
String keystore = /opt/server/etc/cacerts.jks;
InputStream is = new FileInputStream(keystore);
ks.load(is, password);
KeyManagerFactory kmf =
KeyManagerFactory.getInstance(SunX509);
kmf.init(ks, password);
TrustManagerFactory tmf =
TrustManagerFactory.getInstance(SunX509);
tmf.init(ks);
SSLContext context = SSLContext.getInstance(SSL);
context.init(kmf.getKeyManagers(), tmf.getTrustManagers(),
new SecureRandom());
sslFactory = context.getSocketFactory();
}
}
Raghuram Sreenath wrote:
I am writing this email as the last hope to get some help with my effort
to
get a custom trust manager with axis.
I have gone through the documention (whatever is available) and have found
no answers. Specificall, i have tried the following:
1. followed the steps in axis/docs/integration-guide.html#Pluggable%20APIs
2. Tried the steps mentioned by John in his post
http://marc.info/?l=axis-userm=110211163701959w=2
I have had no luck.
Basically, I have an axis client trying to contact an axis server over
HTTPS. I have an implementation of X509TrustManager that I want to be used
while doing a SSL handshake. From what I understand, this should be
typically achieved by the following lines of code:
TrustManager[] myTMs = new TrustManager [] {
new MyTrustManager() };
SSLContext ctx = SSLContext.getInstance(SSL);
ctx.init(null, myTMs, null);
SSLSocketFactory factory =ctx.getSocketFactory();
HttpsURLConnectionImpl.setDefaultSSLSocketFactory(factory);
after moving to axis. I created an implementation of axis's
SecureSocketFactory that delegates to my 'factory' above and added the
following:
System.setProperty(
org.apache.axis.components.net.SecureSocketFactory,
my.package.MySecureSocketFactory);
AxisProperties.setClassOverrideProperty(
org.apache.axis.components.net.SecureSocketFactory.class,
amazon.subway.mapps.notif.adapters.webservice.MySecureSocketFactory);
AxisProperties.setProperty(
org.apache.axis.components.net.SecureSocketFactory,
my.package.MySecureSocketFactory);
I even tried passing the jvm parameters: -
Dorg.apache.axis.components.net.SecureSocketFactory=my.package.MySecureSocketFactory-
Daxis.socketSecureFactory=my.package.MySecureSocketFactory
Nothing has worked :(
Please help!
Regards,
Raghuram.
Quoted from:
http://www.nabble.com/Custom-TrustManagers-with-Axis-%2B-SSL-tp15591313p15591313.html
Raghuram Sreenath wrote:
I am writing this email as the last hope to get some help with my effort
to
get a custom trust manager with axis.
I have gone through the documention (whatever is available) and have found
no answers. Specificall, i have tried the following:
1. followed the steps in axis/docs/integration-guide.html#Pluggable%20APIs
2. Tried the steps mentioned by John in his post
http://marc.info/?l=axis-userm=110211163701959w=2
I have had no luck.
Basically, I have an axis client trying to contact an axis server over
HTTPS. I have an implementation of X509TrustManager that I want to be used
while doing a SSL handshake. From what I understand, this should be
typically achieved by the following lines of code:
TrustManager[] myTMs = new TrustManager [] {
new MyTrustManager() };
SSLContext ctx = SSLContext.getInstance(SSL);
ctx.init(null, myTMs, null);
SSLSocketFactory factory =ctx.getSocketFactory();
HttpsURLConnectionImpl.setDefaultSSLSocketFactory(factory);
after moving to axis. I created an implementation of axis's
SecureSocketFactory that delegates to my 'factory' above and added the
following:
System.setProperty(
org.apache.axis.components.net.SecureSocketFactory,
my.package.MySecureSocketFactory
