Win a copy of JDBC Workbook this week in the JDBC and Relational Databases forum
or A Day in Code in the A Day in Code forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Paul Clapham
  • Jeanne Boyarsky
  • Junilu Lacar
  • Henry Wong
Sheriffs:
  • Ron McLeod
  • Devaka Cooray
  • Tim Cooke
Saloon Keepers:
  • Tim Moores
  • Stephan van Hulst
  • Frits Walraven
  • Tim Holloway
  • Carey Brown
Bartenders:
  • Piet Souris
  • salvin francis
  • fred rosenberger

<sc:Trustore> is missing on server side's WSIT configuration file

 
Ranch Foreman
Posts: 1897
12
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
According to WSIT tutorial chapter 6 mutual certificate security, it demonstrates how to create a server side WSIT configuration file for mutual authentication.
It says make sure sc:KeyStore> is in the file. But why it does not have <sc:TrustStore> to authenticate the client?
This is an example I generated:
 
Creator of Enthuware JWS+ V6
Posts: 3341
303
Android Eclipse IDE Chrome
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I am not sure what you are asking because in chapter 6 they explain how to secure the client and server, and this is the description of Mutual Certificates Security:

Mutual Certificates Security

The Mutual Certificates Security mechanism adds security via authentication and message protection that ensures integrity and confidentiality. When using mutual certificates, a keystore and truststore file must be configured for both the client and server sides of the application.

 
Himai Minh
Ranch Foreman
Posts: 1897
12
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Thanks for your reply.
When mutual authentication is used, the server should have a trust store to authenticate the client's certificate.
But in the previous example, after line 55, there is no <sc:trustStore>..... node on the server side's WSIT config file.

However in the client side's WSIT config file, there is a keyStore and trustStore like this as shown in chapter 6:

Simplified server side WSIT config file :
 
Fire me boy! Cool, soothing, shameless self promotion:
Devious Experiments for a Truly Passive Greenhouse!
https://www.kickstarter.com/projects/paulwheaton/greenhouse-1
    Bookmark Topic Watch Topic
  • New Topic