asankha, Thank you for this. I gave it a try but I am running into some problems that are probably just configuration related. When I try to flow a request through synapse to the https endpoint I get the following message and exception in the log.
[HttpConnection-82-1] DEBUG Axis2FlexibleMEPClient - sending [add = false] [sec= false] [ rm = false] [ to Address: https://host.domain.com/service] [HttpConnection-82-1] ERROR Axis2Sender - Unexpected error during Sending messag e onwards java.lang.NullPointerException at org.apache.axis2.description.ClientUtils.inferInTransport(ClientUtils.java:8 5) at org.apache.synapse.core.axis2.DynamicAxisOperation$DynamicOperationClient.ex ecute(DynamicAxisOperation.java:228) at org.apache.synapse.core.axis2.Axis2FlexibleMEPClient.send(Axis2FlexibleMEPCl ient.java:151) at org.apache.synapse.core.axis2.Axis2Sender.sendOn(Axis2Sender.java:55) at org.apache.synapse.core.axis2.Axis2SynapseEnvironment.send(Axis2SynapseEnvir onment.java:84) at org.apache.synapse.mediators.builtin.SendMediator.mediate(SendMediator.java: 143) at org.apache.synapse.mediators.AbstractListMediator.mediate(AbstractListMediat or.java:49) at org.apache.synapse.mediators.base.SequenceMediator.mediate(SequenceMediator. java:67) at org.apache.synapse.core.axis2.ProxyServiceMessageReceiver.receive(ProxyServi ceMessageReceiver.java:143) at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:497) at org.apache.axis2.transport.http.HTTPTransportUtils.processHTTPPostRequest(HT TPTransportUtils.java:326) at org.apache.axis2.transport.http.HTTPWorker.service(HTTPWorker.java:230) at org.apache.axis2.transport.http.server.DefaultHttpServiceProcessor.doService (DefaultHttpServiceProcessor.java:190) at org.apache.http.protocol.HttpService.handleRequest(HttpService.java:123) at org.apache.axis2.transport.http.server.DefaultHttpServiceProcessor.run(Defau ltHttpServiceProcessor.java:262) at edu.emory.mathcs.backport.java.util.concurrent.ThreadPoolExecutor$Worker.run Task(ThreadPoolExecutor.java:665) at edu.emory.mathcs.backport.java.util.concurrent.ThreadPoolExecutor$Worker.run (ThreadPoolExecutor.java:690) at java.lang.Thread.run(Thread.java:595) My axis2.xml in relation to transportSender is as follows: <transportSender name="http" class="org.apache.axis2.transport.nhttp.HttpCoreNIOSender"> <parameter name="non-blocking" locked="false">true</parameter> </transportSender> <transportSender name="https" class="org.apache.axis2.transport.nhttp.HttpCoreNIOSSLSender"> <parameter name="non-blocking" locked="false">true</parameter> <parameter name="keystore" locked="false"> <KeyStore> <Location>keystore.pkcs12</Location> <Type>PKCS12</Type> <Password>password</Password> <KeyPassword>password</KeyPassword> </KeyStore> </parameter> <parameter name="truststore" locked="false"> <TrustStore> <Location>truststore.jks</Location> <Type>JKS</Type> <Password>password</Password> </TrustStore> </parameter> </transportSender> I added the http sender in order to verify that my base configuration was still operable when delegating back to http end points. I encounter the same problem. Let me know if you have any suggestions. Thanks, Griffin -----Original Message----- From: Asankha C. Perera [mailto:[EMAIL PROTECTED] Sent: Tuesday, March 06, 2007 12:02 PM To: [email protected] Subject: Re: Outbound HTTPS with Client Certificate Hi Griffin If you are using the latest nhttp transport with 0.91 of Synapse, you will need to configure your axis2.xml to specify the https properties as shown here -> http://svn.apache.org/viewvc/webservices/synapse/trunk/java/repository/conf/ axis2.xml?view=markup i.e. for outgoing https: <transportSender name="https" class="org.apache.axis2.transport.nhttp.HttpCoreNIOSSLSender"> <parameter name="non-blocking" locked="false">true</parameter> <parameter name="keystore" locked="false"> <KeyStore> <Location>keystore.jks</Location> <Type>JKS</Type> <Password>password</Password> <KeyPassword>password</KeyPassword> </KeyStore> </parameter> <parameter name="truststore" locked="false"> <TrustStore> <Location>keystore.jks</Location> <Type>JKS</Type> <Password>password</Password> </TrustStore> </parameter> </transportSender> The keystore is expected to contain a single certificate for your identity and the trust store - the usual. Once this is setup, you should be able to talk https endpoints. Make sure to import the CA certs or the certs of the endpoints into your trust store. Now, once a Synapse configuration attempts to send a message to a https://.... endpoint, the https transport configuration above would be used. asankha Michael Griffin wrote: asankha, Thank you. I'll give it a try. Are there any specific samples / code that I should reference when I set this up. Let me know. Thanks, Griffin -----Original Message----- From: Asankha C. Perera [mailto:[EMAIL PROTECTED] Sent: Monday, March 05, 2007 1:37 PM To: [email protected] Subject: Re: Outbound HTTPS with Client Certificate Hi Griffin Yes, this should be ready with the NIO transport enhancements we did for HTTPS already. We do set the trust and identity stores for the TransportSender with these enhancements. However we do not yet do host-name verification, and this area needs some more testing. If you would like to try this out with the new transport enhancements and 0.91 code, I would suggest that you take a svn checkout of the trunk, and perform a build using "mvn clean install" and drop the nhttp.jar that gets built into your existing 0.91 installations' lib directory. Right now we are doing some changes and cleanup on the trunk, so I do not want you to try the latest trunk until we have stabilized and completed the changes Let me know if you need any more help on this asankha Michael Griffin wrote: Does Synapse support using HTTPS with Client Certificates as an outbound transport? I would like to use Synapse to act as a gateway between my internal applications and an third-party hosted web service requiring HTTPS and client certificates. Any help or direction would be great. Thanks, Griffin --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
