1 Reply Latest reply on Jan 19, 2007 3:14 PM by hitman_in_wis

Help using Client Certificates with Web Services

joekiller Jan 19, 2007 12:51 PM

We are using jboss-4.0.1sp1 along with AXIS web services. I have been successful in getting the jboss server to use its server certificate where if you connect via a web browser it prompts you with the certificate.

The problem we are running into, I believe, is getting the web service to authenticate to the remote server using a client certificate. That is, if we connect to the remote server using our browser, we are prompted to select a Client Certificate to use, however we are unsure how to make our AXIS service actually send the certificate to the remote server.

Any suggestions, questions, or comments are appreciated.

1. Re: Help using Client Certificates with Web Services

hitman_in_wis Jan 19, 2007 3:14 PM (in response to joekiller)
Use this guide. I have extremely limited knowledge of Webservices and SSL, and I was able to get my java client talking to my WS thru SSL using it:

http://java.sys-con.com/read/216388.htm

The only confusing part of the guide is at the end where he instructs you to create your own SSLSocketFactory for Axis to use. He references Listing 5, but the code referenced is not a complete class. What I did was encapsulated the code in a new class:

public class MySocketFactory extends JSSESocketFactory { ... code from Listing 5 ... }

You will get one compile error on the line that says:
factory = context.getSocketFactory();

Simply change 'factory' to sslFactory, which is inherited from JSSESocketFactory.

Then, in order to have Axis use your new SSLSocketFactory, you simply need to set the system property: "axis.socketSecureFactory" to "com.****.MySocketFactory"

Hope that helps!
Actions