>-----Original Message----- >From: Ciancetta, Jesse E. [mailto:[email protected]] >Sent: Friday, February 24, 2012 8:07 AM >To: [email protected] >Subject: RE: Enabling SSL for Shindig > >Shindig uses Apache HttpClient 4.1 under the covers for making outgoing >requests. > >For Shindig to make a request to an HTTPS endpoint the issuing authority of >the SSL certificate on the target server needs to be in the trust store of the >JVM running your Shindig server. > >If you need to do two way client certificate authentication you may end >needing to replace the default Shindig HttpFetcher with a custom >implementation.
Client certificates *should* work so long as the cert is in the trust store and you set the proper properties [1]. We have an Apache Rave user who was able to do this with Shindig 3.0 Beta 2 without any code changes. [1] : http://stackoverflow.com/questions/875467/java-client-certificates-over-https-ssl > >I would recommend experimenting with HttpClient directly from a simple >command line application to figure out exactly how to make it work with your >requirements. Once you figure that out you can look at how to apply that to >Shindig. > >You can have a look at Shindig's default HttpFetcher implementation here to >see how Shindig is using HTTPClient: > >https://svn.apache.org/repos/asf/shindig/trunk/java/gadgets/src/main/java/ >org/apache/shindig/gadgets/http/BasicHttpFetcher.java > >>-----Original Message----- >>From: Siva Charan [mailto:[email protected]] >>Sent: Friday, February 24, 2012 6:37 AM >>To: [email protected] >>Subject: Enabling SSL for Shindig >> >>Hi >> >>How to enable SSL for shindig? >> >>I have been making https calls from Shindig but unfortunately this fails with. >Is >>there a way or any configuration change i can add to shindig container to >>enable SSL and allow it to make https requests. >> >>In my case i need a two way SSL >> >>Thanks >>shiv >> >>________________________________ >>::DISCLAIMER:: >>--------------------------------------------------------------------------------------------- >-- >>------------------------ >> >>The contents of this e-mail and any attachment(s) are confidential and >>intended for the named recipient(s) only. >>It shall not attach any liability on the originator or HCL or its affiliates. >>Any >>views or opinions presented in >>this email are solely those of the author and may not necessarily reflect the >>opinions of HCL or its affiliates. >>Any form of reproduction, dissemination, copying, disclosure, modification, >>distribution and / or publication of >>this message without the prior written consent of the author of this e-mail is >>strictly prohibited. If you have >>received this email in error please delete it and notify the sender >>immediately. Before opening any mail and >>attachments please check them for viruses and defect. >> >>--------------------------------------------------------------------------------------------- >-- >>------------------------
