hi try this
try to instantiate SSLSocketfactory with jsse like this:
java.security.Security.insertProviderAt(new com.sun.net.ssl.internal.ssl.Provider(), 1) ;
System.setProperty("java.protocol.handler.pkgs", "com.sun.net.ssl.internal.www.protocol") ;
// KeyStore pkcs12 client
char[] password = pwd.toCharArray () ;
KeyStore ks = KeyStore.getInstance ("PKCS12") ;
ks.load (p12InputStream, password) ;
KeyManagerFactory kmf = KeyManagerFactory.getInstance ("SUNX509");
kmf.init (ks, password);
KeyManager [] km = kmf.getKeyManagers () ;
SSLContext context = SSLContext.getInstance ("SSL") ;
CertificateFactory cf = CertificateFactory.getInstance("X.509") ;
X509Certificate serverCert = (X509Certificate)cf.generateCertificate(serverCertInputStream) ;
CWECATrustManager tm[] = new CweCATrustManager[1] ;
tm[0] = new CweCATrustManager(serverCert) ;
context.init (km, tm, null) ;
HttpsURLConnection.setDefaultSSLSocketFactory (_sf);
public class CweCATrustManager implements X509TrustManager
{
X509Certificate[] acceptedIssuers = null ;
public CweCATrustManager ()
{
}
public CweCATrustManager (X509Certificate trustedCertificate)
{
acceptedIssuers = new X509Certificate[1] ;
acceptedIssuers[0] = trustedCertificate ;
System.out.println("trusted certificate=" + trustedCertificate.getSubjectDN().toString()) ;
}
public boolean isServerTrusted (X509Certificate[] chain)
{
/*
System.out.println("isServerTrusted:" + chain.length) ;
for(int i=0 ; i<chain.length ; i++)
{
System.out.println("->" + chain[i].getSubjectDN().toString()) ;
}*/
for(int i=0 ; i<chain.length ; i++)
{
if (isTrusted(chain[i]))
return true ;
}
return false ;
}
public boolean isClientTrusted (X509Certificate[] chain)
{
return true;
}
public X509Certificate[] getAcceptedIssuers ()
{
return acceptedIssuers ;
}
private boolean isTrusted (X509Certificate cert)
{
if(acceptedIssuers==null)
return false ;
for(int i=0 ; i<acceptedIssuers.length ; i++)
{
if(acceptedIssuers[i].equals(cert))
return true ;
}
return false ;
}
}
good luck
-----Message d'origine-----
De : Dora Potluri [mailto:[EMAIL PROTECTED]]
Envoye : mardi 23 octobre 2001 23:01
A : [EMAIL PROTECTED]; [EMAIL PROTECTED]
Objet : Problems using SOAP with SSL
Folks,
We are trying to use SSL (Sun's JSSE) and we get the following error when trying to access this soap service. The code we have works fine from accessing via the intranet. It gets this IllegalArgumentException when run outside our network?
Any ideas on what causes this error?
Thanks
dora
[SOAPException: faultCode=SOAP-ENV:Client; msg=Error
opening socket: org.apache.soap.util.net.SSLUtils;
targetException=java.lang.IllegalArgumentException:
Error opening socket:org.apache.soap.util.net.SSLUtils]
at org.apache.soap.transport.http.SOAPHTTPConnection.send(SOAPHTTPConnection.java:324)
at org.apache.soap.transport.FilterTransport.send(FilterTransport.java:129)
at org.apache.soap.rpc.Call.invoke(Call.java:205)
--
Dora Potluri
Technical Architecture
Sprint
Phone: 972-405-8005 (Work)
Email: [EMAIL PROTECTED]
