SSL in standalone axis2 1.4.1

Hi,

How do I enable SSL on the server side on standalone (no using Tomcat) Axis2 1.4.1 ?

When I try to uncomment the https lines in the axis2.xml i get NullPointerExceptions like:
NullPointerException at org.apache.axis2.transport.nhttp.HttpCoreNIOSSLListener

I cannot find a good tutorial about this.

I am not quite sure if you can switched it on in axis2.xml. But something that woked for me is rampart modules.

You will need to include security modules Rampart along with with Axis 2. Look into http://wso2.org/library/3190#Step_3._Engaging_Rampart_and_setting_authentication_information.
You will also uncomment some code in tomcat/other app server's server.xml.

To follow the tutorial which also talk about user name token authentication, which you may leave out just use the SSL part.
You will need to edit the META-INF/services.xml in server to add these policy. Here Your concern should be <sp:TransportBinding > ....</sp:TransportBinding> which defines ssl, you can remove the <sp:SignedSupportingTokens >.. </sp:SignedSupportingTokens > which is used for user name token.

<module ref="rampart"/> <wsp:Policy wsu:Id="UsernameTokenOverHTTPS" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"> <wsp:ExactlyOne> <wsp:All> <sp:TransportBinding xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy"> <wsp:Policy> <sp:TransportToken> <wsp:Policy> <sp:HttpsToken RequireClientCertificate="false"/> </wsp:Policy> </sp:TransportToken> <sp:AlgorithmSuite> <wsp:Policy> <sp:Basic256/> </wsp:Policy> </sp:AlgorithmSuite> <sp:Layout> <wsp:Policy> <sp:Lax/> </wsp:Policy> </sp:Layout> <sp:IncludeTimestamp/> </wsp:Policy> </sp:TransportBinding> <sp:SignedSupportingTokens xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy"> <wsp:Policy> <sp:UsernameToken sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient" /> </wsp:Policy> </sp:SignedSupportingTokens> <ramp:RampartConfig xmlns:ramp="http://ws.apache.org/rampart/policy"> <ramp:passwordCallbackClass>tutorial.rampart.service.PWCBHandler</ramp:passwordCallbackClass> </ramp:RampartConfig> </wsp:All> </wsp:ExactlyOne> </wsp:Policy>

I've tried to do that but my problem is that I cannot enable the ssl in axis2.xml

I've uncommented the necessary code:
<transportReceiver name="https" class="org.apache.axis2.transport.nhttp.HttpCoreNIOSSLListener"> <parameter name="port" locked="false">9042</parameter> <parameter name="non-blocking" locked="false">true</parameter> <parameter name="keystore" locked="false"> <KeyStore> <Location>/home/keytest/keystore.jks</Location> <Type>JKS</Type> <Password>lava42</Password> <KeyPassword>lava42</KeyPassword> </KeyStore> </parameter> <parameter name="truststore" locked="false"> <TrustStore> <Location>/home/keytest/keystore.jks</Location> <Type>JKS</Type> <Password>lava42</Password> </TrustStore> </parameter>--> <!--<parameter name="SSLVerifyClient">require</parameter> supports optional|require or defaults to none --> </transportReceiver>

But when I try to run the server I get

[INFO] ListenerManager:132 - java.lang.NullPointerException at org.apache.axis2.transport.nhttp.HttpCoreNIOSSLListener.getSSLContext(HttpCoreNIOSSLListener.java:96) at org.apache.axis2.transport.nhttp.HttpCoreNIOListener.init(HttpCoreNIOListener.java:151) at org.apache.axis2.engine.ListenerManager.start(ListenerManager.java:125) at org.apache.axis2.engine.ListenerManager.startSystem(ListenerManager.java:140) at org.apache.axis2.engine.AxisServer.start(AxisServer.java:85) at org.apache.axis2.transport.SimpleAxis2Server.main(SimpleAxis2Server.java:100)

I just followed the tutorial as I mentioned earlier. I did not change the axis2.xml for enabling SSL. Also make sure that you enable SSL in tomcat server.xml. You probably need to add rampart jars and modules in your classpath. If you are using rampart also add it to the services.xml in both the places <module ref="rampart"> and key store definitions <ramp:RampartConfig ... />. I used axis 1.5 and rampart 1.5 and it worked.

Wouldn't you rather be using message-level security (using the WS-Security standard as implemented by the Rampart module) than transport-level security (like SSL)?