I m creating a CXF client that tries to access a webservice over SSL. I have the certificate and I was able to generate the stubs by providing vm args for Trust store and keystore like -Djavax.net.ssl.keyStore=<keystore location> etc. For the actual invocation of the service i tried the method specified in CXF site which uses a 'cxf.xml' file to define a http-conduit element but it didnt work(or i did it wrong). One way i know this will work is by setting the "System.setProperty". But is this recommended? Because i have a very bad feeling about changing system properties.