-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Frank,
On 6/22/2009 4:37 PM, frank.bowar wrote: > I used WSDL2Java to create stubs for the Web Service I am connecting to. > Here is my code that wraps around the generated stubs: [snip] I didn't see any SSL or cert stuff in there. > The only method in the stubs that I modified was sendData() to include the > username/password in the soap header. Here is that code: [snip] Nor here. >> Your code may have to become a lot more complicated in order >> to make a connecting using a client certificate while running >> within Tomcat. > > I hope not ... it seems like I'm so close. Where do you choose the client certificate that the server expects to receive? >> Or, you may have to override the keystore on >> Tomcat's command-line so that these system properties are set >> /before/ Tomcat tried to load anything itself. > > I added the following to the Tomcat startup command: > > -Djavax.net.ssl.trustStore="C:/certs/datahub.keystore" > -Djavax.net.ssl.trustStorePassword="wintwins" > -Djavax.net.ssl.keyStore="C:/certs/SDXWebservice.pfx" > -Djavax.net.ssl.keyStorePassword="137246?82" > -Djavax.net.ssl.keyStoreType="PKCS12" > > with no difference in the way things are running. I think my truststore > file is being used because if I don't define the truststore, the > communication process traps out much sooner. Apparently, choosing only the keystore is not sufficient. I must admit I don't have really any experience with client certificates and don't understand the whole SSL handshake process that would end up selecting a certificate. When you say that it "doesn't work", what /does/ happen when you try to run this code? - -chris -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkpBPeMACgkQ9CaO5/Lv0PAgKwCeJ1BG4CU1658AIFJn38OeuqtF L4kAn2qXGsB+MN2BAcSxNiTqgrRr05dl =lQQ5 -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org