Hi Axis Developers, I'm experiencing some problems trying to connect to a WS using SSL with a PKCS#11 Provider and a HSM (Hardware Security Module). The destination WS is returning a message "HTTP 403.7 - Forbidden: Client certificate required".
When I try to connect the same WS, but using a JKS KeyStore, the connection and handshake is done without any problem. Before I call the WS, I basically set the JCA system variables like that: Using a JKS KeyStore: props.setProperty("javax.net.ssl.keyStore","C:/Certificados/xpto.jks"); props.setProperty("javax.net.ssl.keyStorePassword", "xxxxx"); props.setProperty("javax.net.ssl.keyStoreType", "JKS"); Using HSM and PKCS #11: props.setProperty("javax.net.ssl.keyStore", "NONE"); props.setProperty("javax.net.ssl.keyStorePassword", "xxxx"); props.setProperty("javax.net.ssl.keyStoreType", "PKCS11"); The server certificate where I'm trying to connect and his certificate chain was imported to the <JAVA_HOME>\jre\lib\security\cacerts. Since I'm receiving the message "Client certificate required", I can conclude that Axis for some reason cannot get the private key from inside HSM. Hence, I'd like to know what exactly Axis is trying to do to read this private key. Is Axis trying to export the private key? If so, we've got a problem because the key isn't exportable. I already check my PKCS#11 configurations according to "JavaTM Secure Socket Extension (JSSE) Reference Guide" and everything seems to be OK. I spent my last weeks trying to figure out this issue, so, any clue will be very helpful. Fernando Cesar --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]