Freeman, I tried that and and that seemed to start the server in SSL but I cannot hit the WSDL anymore through IE or Firefox, I am attaching the appropriate log
Apr 13, 2009 6:42:41 PM org.apache.cxf.endpoint.ServerImpl initDestination INFO: Setting the server's publish address to be https://localhost:8092/Services/MathService INFO - ServiceAssemblyLifeCycle - Starting service assembly: samples-sa INFO - ServiceUnitLifeCycle - Initializing service unit: samples-cxf-se INFO - ServiceUnitLifeCycle - Initializing service unit: samples-cxf-bc Apr 13, 2009 6:42:41 PM sun.reflect.NativeMethodAccessorImpl invoke0 INFO: Logging to org.slf4j.impl.JDK14LoggerAdapter(org.mortbay.log) via org.mortbay.log.Slf4jLog Apr 13, 2009 6:42:41 PM sun.reflect.NativeMethodAccessorImpl invoke0 INFO: jetty-6.1.6 Apr 13, 2009 6:42:42 PM org.apache.cxf.transport.https.SSLUtils getCiphersuites INFO: The cipher suites have not been configured, falling back to cipher suite filters. Apr 13, 2009 6:42:42 PM org.apache.cxf.transport.https.SSLUtils getCiphersFromList INFO: The cipher suites have been set to SSL_RSA_WITH_RC4_128_MD5, SSL_RSA_WITH_RC4_128_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA , TLS_DHE_DSS_WITH_AES_128_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, SSL_DH_anon_WITH_R C4_128_MD5, TLS_DH_anon_WITH_AES_128_CBC_SHA, SSL_DH_anon_WITH_3DES_EDE_CBC_SHA, SSL_DH_anon_WITH_DES_CBC_SHA, SSL_DH_anon_EXPORT_WITH_RC4_40_MD5, SSL_DH_a non_EXPORT_WITH_DES40_CBC_SHA, TLS_KRB5_WITH_RC4_128_SHA, TLS_KRB5_WITH_RC4_128_MD5, TLS_KRB5_WITH_3DES_EDE_CBC_SHA, TLS_KRB5_WITH_3DES_EDE_CBC_MD5. Apr 13, 2009 6:42:42 PM sun.reflect.NativeMethodAccessorImpl invoke0 INFO: Started [email protected]:8092 INFO - ServiceUnitLifeCycle - Starting service unit: samples-cxf-se Apr 13, 2009 6:42:42 PM org.apache.cxf.service.factory.ReflectionServiceFactoryBean buildServiceFromClass INFO: Creating Service {http://samples.com/}MathService from class com.samples.MathService Apr 13, 2009 6:42:43 PM org.apache.cxf.configuration.spring.ConfigurerImpl getBeanName INFO: Could not determine bean name for instance of class org.apache.cxf.transport.jbi.JBIDestination. Apr 13, 2009 6:42:43 PM org.apache.cxf.endpoint.ServerImpl initDestination INFO: Setting the server's publish address to be jbi://ID-192-168-216-101-120a212d27b-19-0 INFO - ServiceUnitLifeCycle - Starting service unit: samples-cxf-bc thanks -gopal Freeman Fang wrote: > > Hi, > If you really can't use fuse version now, one work around I can come up > with is > rename your busCfg from cxf.xml to cxf-ssl.xml in your xbean.xml, and > copy cxf-ssl.xml to your $SMX_HOME directory,by this way, the busCfg > could be picked up. > Freeman > GNarra wrote: >> Anybody, >> >> Is there any way to get the SSL and CXF to work consistently? Any >> workarounds? I would be glad to try anything at this point. >> >> thanks >> -gopal >> >> >> GNarra wrote: >> >>> Freeman, >>> >>> Do you have a JIRA for me so that I can manually patch my installation? >>> Our infrastructure is built on top of SMX 3.3 and I just cannot rip it >>> out >>> and replace with SMX 3.4.0.1 (fuse) without considerable effort. >>> >>> I would definitely change when we do our next release. >>> >>> thanks >>> -gopal >>> >>> >>> Freeman Fang wrote: >>> >>>> Hi, >>>> The resource load problem already get resolved, try with FUSE ESB >>>> 3.4.0.1 [1](which is based on Apache Servicemix 3.3 but get released >>>> more frequently) >>>> [1]http://repo.open.iona.com/maven2/org/apache/servicemix/apache-servicemix/3.4.0.1-fuse/ >>>> Freeman >>>> GNarra wrote: >>>> >>>>> Freeman, >>>>> >>>>> Uploading the sample for your reference, I think it might be 1) busCfg >>>>> isn't >>>>> picked up but I cannot figure out why? >>>>> >>>>> I am uploading the sample(samples-3.3.zip) code I have for your >>>>> reference >>>>> >>>>> thanks >>>>> -gopal >>>>> >>>>> >>>>> Freeman Fang wrote: >>>>> >>>>> >>>>>> Seems >>>>>> 1)the busCfg isn't picked up, >>>>>> 2) or the port QName you specified in >>>>>> <http:destination >>>>>> name="{http://samples.com/}MathServicePort.http-destination";> >>>>>> </http:destination> >>>>>> isn't match the one in your wsdl. >>>>>> >>>>>> Freeman >>>>>> >>>>>> GNarra wrote: >>>>>> >>>>>> >>>>>>> Freeman, >>>>>>> >>>>>>> This is the only SA I deploy, I checked hotdeploy and there is only >>>>>>> one >>>>>>> sa >>>>>>> more than what is shipped with SMX 3.3 >>>>>>> >>>>>>> thanks >>>>>>> -gopal >>>>>>> >>>>>>> >>>>>>> Freeman Fang wrote: >>>>>>> >>>>>>> >>>>>>> >>>>>>>> Hmm, do you already bind http protocol to port 8092? You may >>>>>>>> already >>>>>>>> have endpoint registered to use port 8092 with http(but not https), >>>>>>>> for >>>>>>>> example you deploy another SA using 8092 with http(maybe the >>>>>>>> cxf-wsdl-first example with kit?) >>>>>>>> GNarra wrote: >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>>> Freeman, >>>>>>>>> >>>>>>>>> I looked at the test and I am getting this error when I try it... >>>>>>>>> >>>>>>>>> xbean.xml configuration is >>>>>>>>> <cxfbc:consumer wsdl="classpath:MathService.wsdl" >>>>>>>>> busCfg="cxf.xml" >>>>>>>>> locationURI="https://localhost:8092/Services/MathService"; >>>>>>>>> targetService="samples:MathService" >>>>>>>>> targetEndpoint="MathServicePort" >>>>>>>>> /> >>>>>>>>> >>>>>>>>> the busCfg cxf.xml configuration, I use the keystore.jks that >>>>>>>>> ships >>>>>>>>> with >>>>>>>>> the >>>>>>>>> Servicemix. >>>>>>>>> <bean id="cxf" class="org.apache.cxf.bus.CXFBusImpl" /> >>>>>>>>> >>>>>>>>> <http:destination >>>>>>>>> name="{http://samples.com/}MathServicePort.http-destination";> >>>>>>>>> </http:destination> >>>>>>>>> >>>>>>>>> <httpj:engine-factory bus="cxf"> >>>>>>>>> <httpj:engine port="8092"> >>>>>>>>> <httpj:tlsServerParameters> >>>>>>>>> <sec:keyManagers keyPassword="password"> >>>>>>>>> <sec:keyStore type="JKS" >>>>>>>>> password="servicemix" >>>>>>>>> resource="keystore.jks" >>>>>>>>> /> >>>>>>>>> </sec:keyManagers> >>>>>>>>> <sec:trustManagers> >>>>>>>>> <sec:keyStore type="JKS" >>>>>>>>> password="servicemix" >>>>>>>>> resource="keystore.jks" >>>>>>>>> /> >>>>>>>>> </sec:trustManagers> >>>>>>>>> <sec:cipherSuitesFilter> >>>>>>>>> <!-- >>>>>>>>> these filters ensure that a ciphersuite >>>>>>>>> with export-suitable >>>>>>>>> or >>>>>>>>> null encryption is used, but exclude >>>>>>>>> anonymous Diffie-Hellman >>>>>>>>> key >>>>>>>>> change as this is vulnerable to >>>>>>>>> man-in-the-middle attacks >>>>>>>>> --> >>>>>>>>> <sec:include>.*_EXPORT_.*</sec:include> >>>>>>>>> >>>>>>>>> <sec:include>.*_EXPORT1024_.*</sec:include> >>>>>>>>> >>>>>>>>> <sec:include>.*_WITH_DES_.*</sec:include> >>>>>>>>> >>>>>>>>> <sec:include>.*_WITH_NULL_.*</sec:include> >>>>>>>>> <sec:exclude>.*_DH_anon_.*</sec:exclude> >>>>>>>>> </sec:cipherSuitesFilter> >>>>>>>>> <sec:clientAuthentication want="true" >>>>>>>>> required="true" /> >>>>>>>>> </httpj:tlsServerParameters> >>>>>>>>> </httpj:engine> >>>>>>>>> </httpj:engine-factory> >>>>>>>>> >>>>>>>>> I get this error >>>>>>>>> ava.lang.Exception: <?xml version="1.0" encoding="UTF-8"?> >>>>>>>>> <jbi-task >>>>>>>>> xmlns="http://java.sun.com/xml/ns/jbi/management-message"; >>>>>>>>> version="1.0"> >>>>>>>>> <jbi-task-result> >>>>>>>>> <frmwk-task-result> >>>>>>>>> <frmwk-task-result-details> >>>>>>>>> <task-result-details> >>>>>>>>> <task-id>deploy</task-id> >>>>>>>>> <task-result>FAILED</task-result> >>>>>>>>> <message-type>ERROR</message-type> >>>>>>>>> </task-result-details> >>>>>>>>> </frmwk-task-result-details> >>>>>>>>> </frmwk-task-result> >>>>>>>>> <component-task-result >>>>>>>>> xmlns="http://java.sun.com/xml/ns/jbi/management-message";> >>>>>>>>> <component-name>servicemix-cxf-se</component-name> >>>>>>>>> <component-task-result-details> >>>>>>>>> <task-result-details> >>>>>>>>> <task-id>deploy</task-id> >>>>>>>>> <task-result>SUCCESS</task-result> >>>>>>>>> </task-result-details> >>>>>>>>> </component-task-result-details> >>>>>>>>> </component-task-result> >>>>>>>>> <component-task-result >>>>>>>>> xmlns="http://java.sun.com/xml/ns/jbi/management-message";> >>>>>>>>> <component-name>servicemix-cxf-se</component-name> >>>>>>>>> <component-task-result-details> >>>>>>>>> <task-result-details> >>>>>>>>> <task-id>deploy</task-id> >>>>>>>>> <task-result>SUCCESS</task-result> >>>>>>>>> </task-result-details> >>>>>>>>> </component-task-result-details> >>>>>>>>> </component-task-result> >>>>>>>>> <component-task-result> >>>>>>>>> <component-name>servicemix-cxf-bc</component-name> >>>>>>>>> <component-task-result-details> >>>>>>>>> <task-result-details> >>>>>>>>> <task-id>deploy</task-id> >>>>>>>>> <task-result>FAILED</task-result> >>>>>>>>> <message-type>ERROR</message-type> >>>>>>>>> <task-status-msg> >>>>>>>>> <msg-loc-info> >>>>>>>>> <loc-token/> >>>>>>>>> <loc-message>Unable to parse result string</loc-message> >>>>>>>>> </msg-loc-info> >>>>>>>>> </task-status-msg> >>>>>>>>> <exception-info> >>>>>>>>> <nesting-level>1</nesting-level> >>>>>>>>> <loc-token/> >>>>>>>>> <loc-message>java.io.IOException: Protocol mismatch for port 8092: >>>>>>>>> engine's >>>>>>>>> protocol is http, the url protocol is https</loc-message> >>>>>>>>> <stack-trace><![CDATA[javax.jbi.management.DeploymentException: >>>>>>>>> java.io.IOException: Protocol mismatch for port 8092: engine's >>>>>>>>> protocol >>>>>>>>> is >>>>>>>>> http, the url protocol is https >>>>>>>>> >>>>>>>>> at >>>>>>>>> org.apache.servicemix.cxfbc.CxfBcConsumer.validate(CxfBcConsumer.java:441) >>>>>>>>> >>>>>>>>> at >>>>>>>>> org.apache.servicemix.common.AbstractDeployer.validate(AbstractDeployer.java:58) >>>>>>>>> >>>>>>>>> at >>>>>>>>> org.apache.servicemix.common.xbean.BaseXBeanDeployer.validate(BaseXBeanDeployer.java:55) >>>>>>>>> >>>>>>>>> at >>>>>>>>> org.apache.servicemix.common.xbean.AbstractXBeanDeployer.deploy(AbstractXBeanDeployer.java:96) >>>>>>>>> >>>>>>>>> at >>>>>>>>> org.apache.servicemix.common.BaseServiceUnitManager.doDeploy(BaseServiceUnitManager.java:88) >>>>>>>>> >>>>>>>>> at >>>>>>>>> org.apache.servicemix.common.BaseServiceUnitManager.deploy(BaseServiceUnitManager.java:69) >>>>>>>>> >>>>>>>>> at >>>>>>>>> org.apache.servicemix.jbi.framework.DeploymentService.deployServiceAssembly(DeploymentService.java:508) >>>>>>>>> >>>>>>>>> at >>>>>>>>> org.apache.servicemix.jbi.framework.AutoDeploymentService.checkPendingSAs(AutoDeploymentService.java:482) >>>>>>>>> >>>>>>>>> at >>>>>>>>> org.apache.servicemix.jbi.framework.AutoDeploymentService.checkPendingComponents(AutoDeploymentService.java:535) >>>>>>>>> >>>>>>>>> at >>>>>>>>> org.apache.servicemix.jbi.framework.AutoDeploymentService.updateSharedLibrary(AutoDeploymentService.java:317) >>>>>>>>> >>>>>>>>> at >>>>>>>>> org.apache.servicemix.jbi.framework.AutoDeploymentService.updateArchive(AutoDeploymentService.java:254) >>>>>>>>> >>>>>>>>> at >>>>>>>>> org.apache.servicemix.jbi.framework.AutoDeploymentService.monitorDirectory(AutoDeploymentService.java:667) >>>>>>>>> >>>>>>>>> at >>>>>>>>> org.apache.servicemix.jbi.framework.AutoDeploymentService.access$800(AutoDeploymentService.java:62) >>>>>>>>> >>>>>>>>> at >>>>>>>>> org.apache.servicemix.jbi.framework.AutoDeploymentService$1.run(AutoDeploymentService.java:631) >>>>>>>>> >>>>>>>>> at java.util.TimerThread.mainLoop(Timer.java:512) >>>>>>>>> >>>>>>>>> at java.util.TimerThread.run(Timer.java:462) >>>>>>>>> >>>>>>>>> Caused by: java.io.IOException: Protocol mismatch for port 8092: >>>>>>>>> engine's >>>>>>>>> protocol is http, the url protocol is https >>>>>>>>> >>>>>>>>> at >>>>>>>>> org.apache.cxf.transport.http_jetty.JettyHTTPServerEngineFactory.createJettyHTTPServerEngine(JettyHTTPServerEngineFactory.java:205) >>>>>>>>> >>>>>>>>> at >>>>>>>>> org.apache.cxf.transport.http_jetty.JettyHTTPDestination.retrieveEngine(JettyHTTPDestination.java:106) >>>>>>>>> >>>>>>>>> at >>>>>>>>> org.apache.cxf.transport.http_jetty.JettyHTTPDestination.finalizeConfig(JettyHTTPDestination.java:134) >>>>>>>>> >>>>>>>>> at >>>>>>>>> org.apache.cxf.transport.http_jetty.JettyHTTPTransportFactory.createDestination(JettyHTTPTransportFactory.java:123) >>>>>>>>> >>>>>>>>> at >>>>>>>>> org.apache.cxf.transport.http_jetty.JettyHTTPTransportFactory.getDestination(JettyHTTPTransportFactory.java:103) >>>>>>>>> >>>>>>>>> at >>>>>>>>> org.apache.cxf.endpoint.ServerImpl.initDestination(ServerImpl.java:90) >>>>>>>>> >>>>>>>>> at org.apache.cxf.endpoint.ServerImpl.<init>(ServerImpl.java:58) >>>>>>>>> >>>>>>>>> at >>>>>>>>> org.apache.servicemix.cxfbc.CxfBcConsumer.validate(CxfBcConsumer.java:435) >>>>>>>>> >>>>>>>>> ... 15 more >>>>>>>>> >>>>>>>>> ]]></stack-trace> >>>>>>>>> </exception-info> >>>>>>>>> </task-result-details> >>>>>>>>> </component-task-result-details> >>>>>>>>> </component-task-result> >>>>>>>>> </jbi-task-result> >>>>>>>>> </jbi-task> >>>>>>>>> >>>>>>>>> at >>>>>>>>> org.apache.servicemix.jbi.framework.ManagementSupport.failure(ManagementSupport.java:125) >>>>>>>>> at >>>>>>>>> org.apache.servicemix.jbi.framework.ManagementSupport.failure(ManagementSupport.java:111) >>>>>>>>> at >>>>>>>>> org.apache.servicemix.jbi.framework.DeploymentService.deployServiceAssembly(DeploymentService.java:543) >>>>>>>>> at >>>>>>>>> org.apache.servicemix.jbi.framework.AutoDeploymentService.checkPendingSAs(AutoDeploymentService.java:482) >>>>>>>>> at >>>>>>>>> org.apache.servicemix.jbi.framework.AutoDeploymentService.checkPendingComponents(AutoDeploymentService.java:535) >>>>>>>>> at >>>>>>>>> org.apache.servicemix.jbi.framework.AutoDeploymentService.updateSharedLibrary(AutoDeploymentService.java:317) >>>>>>>>> at >>>>>>>>> org.apache.servicemix.jbi.framework.AutoDeploymentService.updateArchive(AutoDeploymentService.java:254) >>>>>>>>> at >>>>>>>>> org.apache.servicemix.jbi.framework.AutoDeploymentService.monitorDirectory(AutoDeploymentService.java:667) >>>>>>>>> at >>>>>>>>> org.apache.servicemix.jbi.framework.AutoDeploymentService.access$800(AutoDeploymentService.java:62) >>>>>>>>> at >>>>>>>>> org.apache.servicemix.jbi.framework.AutoDeploymentService$1.run(AutoDeploymentService.java:631) >>>>>>>>> at java.util.TimerThread.mainLoop(Timer.java:512) >>>>>>>>> at java.util.TimerThread.run(Timer.java:462) >>>>>>>>> >>>>>>>>> thanks >>>>>>>>> -gopal >>>>>>>>> >>>>>>>>> >>>>>>>>> Freeman Fang wrote: >>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>>>> Hi, >>>>>>>>>> Take a look at [1] and [2], those test demostrate how to >>>>>>>>>> configure >>>>>>>>>> SSL >>>>>>>>>> for servicemix-cxf-bc consumer and provider. >>>>>>>>>> >>>>>>>>>> [1]http://svn.apache.org/repos/asf/servicemix/smx3/branches/servicemix-3.2/deployables/bindingcomponents/servicemix-cxf-bc/src/test/java/org/apache/servicemix/cxfbc/ws/security/CxfBcHttpsConsumerTest.java >>>>>>>>>> [2]http://svn.apache.org/repos/asf/servicemix/smx3/branches/servicemix-3.2/deployables/bindingcomponents/servicemix-cxf-bc/src/test/java/org/apache/servicemix/cxfbc/ws/security/CxfBcProviderHttpsTest.java >>>>>>>>>> Freeman >>>>>>>>>> >>>>>>>>>> GNarra wrote: >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> >>>>>>>>>>> Hi All, >>>>>>>>>>> >>>>>>>>>>> Can you somebody post a example on how to configure CXF SSL in >>>>>>>>>>> Servicemix? I >>>>>>>>>>> see examples only for http and not for https >>>>>>>>>>> >>>>>>>>>>> thanks >>>>>>>>>>> -gopal >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>> -- >>>>>>>>>> Freeman Fang >>>>>>>>>> ------------------------ >>>>>>>>>> Open Source SOA: http://fusesource.com >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>> -- >>>>>>>> Freeman Fang >>>>>>>> ------------------------ >>>>>>>> Open Source SOA: http://fusesource.com >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>> -- >>>>>> Freeman Fang >>>>>> ------------------------ >>>>>> Open Source SOA: http://fusesource.com >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> >>>>> http://www.nabble.com/file/p22983203/samples-3.3.zip samples-3.3.zip >>>>> >>>>> >>>> -- >>>> Freeman Fang >>>> ------------------------ >>>> Open Source SOA: http://fusesource.com >>>> >>>> >>>> >>>> >>> >> >> > > > -- > Freeman Fang > ------------------------ > Open Source SOA: http://fusesource.com > > > -- View this message in context: http://www.nabble.com/CXF-and-SSL-tp22982013p23031420.html Sent from the ServiceMix - User mailing list archive at Nabble.com.
