Re: SOAP and SSL HELP

[pop m]

First of all , I would thank you for your answer.   I've tried to configure my soap client  as you have written in  your example as you see below:         ...... ...... ...... ...... ...... ...... ...... ......     // settings for client-authentication via certificates.      // for trustStore  we need client.keystore ??? I think      System.setProperty("javax.net.ssl.trustStore","C:\java_sources\jsse\key\client.keystore");    System.setProperty("javax.net.ssl.trustStorePassword","XXXXXXXX");       // Keystore       // I don't understand what I need to put here. M yserver.keystore ? It is imlemented in my Orion app.         // server,      //System.setProperty("javax.net.ssl.keyStore","/home/atrieger/workspaces/xmlclient4.p12");      //System.setProperty("javax.net.ssl.keyStoreType","PKCS12");      //System.setProperty("javax.net.ssl.keyStorePassword","XXXXXXXX");        System.setProperty("java.protocol.handler.pkgs","com.sun.net.ssl.internal.www.protocol");         java.security.Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());         m_https = "https://" + m_host + ":" + m_port + "/regens_app/servlet/rpcrouter";       URL url = new URL (m_https);     ...... ...... ...... ...... ...... ...... ...... ......     but, I haven't enjoyed, I always get an Exception :   Caught SOAPException (SOAP-ENV:Client): Error opening socket: null     Any ideas !   Regards  Pop Marius L. ----- Original Message ----- From: Andrew Trieger To: [EMAIL PROTECTED] Sent: Friday, April 19, 2002 2:16 PM Subject: Re: SOAP and SSL HELP I did this:       // settings for client-auth via certs.     // Truststore     System.setProperty("javax.net.ssl.trustStore","/home/atrieger/workspaces/trieger_rootca_truststore.jks");     // missing type-setting here because default type is jks     System.setProperty("javax.net.ssl.trustStorePassword","XXXXXXXXX");     // Keystore     System.setProperty("javax.net.ssl.keyStore","/home/atrieger/workspaces/xmlclient4.p12");     System.setProperty("javax.net.ssl.keyStoreType","PKCS12");     System.setProperty("javax.net.ssl.keyStorePassword","XXXXXXXXXX");     // use Sun's reference implementation of a URL handler for the "https" URL protocol type.     // debugtrieger, note this is what the jsse docs say to do either here or command line     // when this is run with -Dblablabla=this.thing.below     //System.setProperty("java.protocol.handler.pkgs","com.sun.net.ssl.internal.www.protocol");     // dynamically register sun's ssl provider     // debugtrieger, also note:  just like above, this can also be done in the     //   security/java.policy or something file according to jsse install docs.     //Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());     try {       soapRouterURL= new URL("https://" + host + ":" + port + "/soap/servlet/rpcrouter") ;       resp = call.invoke(soapRouterURL,"");       if (resp.generatedFault() == false) {         System.out.println("no faults generated.");           // dangerous, check to make sure its a string first.         answer = (String)(resp.getReturnValue().getValue());         //h = (Hashtable)(resp.getReturnValue().getValue());       } else {         // there was a fault.         System.out.println("A fault was generated: "+resp.getFault().toString());       }     } catch (SOAPException e) {       System.out.println("Soap Exception raised in authenticate: ["+e.getMessage()+"]");     } catch (java.net.MalformedURLException e ) {       System.out.println("Malformed URL exception caught in authenticate: "+e.getMessage());     }     System.out.println("answer is: "+answer);     System.out.println("hashtable is: "+h);     //return auth;    } } Which is a soap rpc-style client that not only talks over SSL to the soap server, but also has a local certificate that authenticates itself, the server requires clients to prove their identity with certificates. (its an iplanet 6.0 server). I had a hard time getting this to work, but finally realized that my truststore should have the trusted root CA in it, and I was having problems with my java $HOME/.keystore file with keys made using keytool, so i finally had a browser with a key in it that was the identity i wanted to use, I exported that key into a pkcs12 file and i use that file as my keystore, referenced in the code above. the basic idea here is that because the URL is "https..." instead of http, it will use the providers associated with https set in the System properties above it.  you dont need the truststore/keystore jazz if you're not doing client authentication, and just talking to some ssl server. hope this helps... Drew       pop m wrote: Hi ! I have the client.keystore and server.keystore files. Can anyone send me a part of a soap client code example where SSl is being integrated with the code.My soap client looks like :...................  try {    Call call = new Call();    call.setTargetObjectURI("urn:" + m_service);    call.setMethodName("select_vegreh");    call.setEncodingStyleURI(Constants.NS_URI_SOAP_ENC);    // where should I implement SSL and how can I test it , if it data is encoded indeed !    URL url = new URL (m_http);.............................................. Üdv. Pop Marius L. --  ---