Interesting stuff. Just to be clear on what this actually does: It allows the server to use any certificate, and that will be trusted by the client, without being in the local keystore or the signing authority being trusted by the client?
It seems like this technique should work everywhere where HTTPS is used, not just for WS.
Joined: Jan 10, 2005
You are correct. This should work in any case where the commons-httpclient components are used.
I followed what you mentioned and something changed indeed: instead of getting the error about missing PKIX path and certification problems I now get the following error: "No X509TrustManager implementation available".
Does anyone have an idea what that could be?
Just a note: I don't use it in the Axis environment, I just try to retrieve some data from a self signed HTTPS site with apaches HttpClient (from within the commons package).
I post this answer regarding the "No X509TrustManager implementation" when using commons httpclient.
The problem arise because EasyX509TrustManager is extending com.sun.net.ssl.X509TrustManager which has been deprecated.
If you hit this problem when using httpclient then you need to change the source code of EasyX509TrustManager so that it extends javax.net.ssl.X509TrustManager. Implement the aditional two abstract methods by leaving the method body empty and that's it. Should work now. Good luck !