wood burning stoves 2.0*
The moose likes Web Services and the fly likes SOAP over SSL using Apache Axis Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Java » Web Services
Bookmark "SOAP over SSL using Apache Axis " Watch "SOAP over SSL using Apache Axis " New topic
Author

SOAP over SSL using Apache Axis

sriraman seshadri
Greenhorn

Joined: May 25, 2010
Posts: 7
Hi,

We are using Apache axis to connect to external party.
We use call.invoke(soapEnvelope) to send soap messages to them.

Now we need to communicate to the thrid party using SSL.
The server will authenticate the client (whether the request is coming from the trusted client)
We (The client) need not authenticate the server. The client will accept the responses from all the servers

We have the server certificate which we have imported into JKS file

We have set the following properties before calling call.invoke()
AxisProperties.setProperty("org.apache.axis.components.net.SecureSocketFactory", "TestSOAPService");
AxisProperties.setProperty("keystore", "/tmp/java/keystore.jks");
AxisProperties.setProperty("keystorePassword", "h4CXm?R*n/9zg");
AxisProperties.setProperty("keystoreType", "JKS");

The belwo method is present in the TestSOAPService to get SSl context
protected SSLContext getContext() throws IOException {
try {
if (attributes == null || (attributes.get("keystore") == null && attributes.get("truststore") == null)) {
SSLContext context = SSLContext.getInstance(DEFAULT_PROTOCOL);
context.init(null, null, null);
return context;
}

String protocol = getProtocol();

KeyManager[] keyManagers = getKeyManagers();

SSLContext sslContext = SSLContext.getInstance(protocol);
//trust manager is set to null because we trust the server
sslContext.init(keyManagers, null, null);

return sslContext;
} catch (NoSuchAlgorithmException e) {
throw new IOException("Exception trying to load sslContext "
+ e.getMessage());
} catch (KeyManagementException e) {
throw new IOException("Exception trying to load sslContext "
+ e.getMessage());
}
}

When we tried to invoke the service we are getting SSL HandShake exception: Unknown certificate.
Is there any additional properties need to be set ?
Is there any other way to send soap message?


Hany Shafik
Ranch Hand

Joined: Jun 21, 2008
Posts: 80
We (The client) need not authenticate the server. The client will accept the responses from all the servers


The SSL protocol allows only two kinds of authentication. The first mode is when the server authenticates himself to the client. the second one is mutual authentication in which both the server and the client authenticate themselves. That is why you always must trust the server certificate by importing it in the key store regardless of the authentication mode you are using.

 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: SOAP over SSL using Apache Axis
 
Similar Threads
This SSL code runs... but does it provide security?
java.net.UnknownHostException in SSL
Problem with Intial Context with t3s protocal
Invalidate trusting certificate control
regarding cacerts from JAVA_HOME\jre\lib\security