Two Laptop Bag
The moose likes Web Services and the fly likes Certification problems Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Java » Web Services
Bookmark "Certification problems" Watch "Certification problems" New topic

Certification problems

John Farrel
Ranch Hand

Joined: May 24, 2010
Posts: 88


I'm working on a Tomcat installation that accesses various web services. I added an interface into a new web service using axis.

the code I used to add certification for that web service was like so:


which works, but it stops all the other web services from authenticating.

However, all the other web services dont use the trustStore.

they generally do something like this:

KeyStore ks = KeyStore.getInstance("PKCS12", "SunJSSE");
ks.load(new FileInputStream(cert_name), cert_password.toCharArray());
KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509");

kmf.init(ks, cert_password.toCharArray());
SSLContext sslc = SSLContext.getInstance("SSLv3");
sslc.init(kmf.getKeyManagers(), null, null);
SSLSocketFactory ssf = sslc.getSocketFactory();

which use the keystore. I was under the impression that the trustStore and the keyStore were seperate, and wouldn't interfere with each other.

How can I resolve this?


Alok Chaudhary

Joined: Oct 30, 2010
Posts: 1
John if my understanding is correct.

You are creating a web service and deployed the same in axis in tomcat. Right?
You can use the tomcat/conf/server.xml file to refer the keystore file.
<Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
maxThreads="150" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS" keyAlias="myKey" keystoreFile="keystore.ks" keypass="tomcat"/>

And at client side, you can use set the following:
System.setProperty("", url.getPath());
System.setProperty("", "changeit");

Use your service with HTTPs and rest of the services on HTTP.

John Farrel
Ranch Hand

Joined: May 24, 2010
Posts: 88


No, I am not creating a web service. I have an application that is a client for many external web services.

For one client web service call, creating a keystore from one certificate and setting the keystore property stops all the other client web service calls from succeeding.

How can I use one service with HTTPs and the others with HTTP? The others are SSL as well.

I agree. Here's the link:
subject: Certification problems
It's not a secret anymore!