Error Using JAX-WS-Based Web Services with SSL (mutual)
peter_jaxy Dec 10, 2015 7:01 AM
1.) I created the server keystore:
keytool -genkey -alias serverkeys -keyalg RSA -keystore server.keystore -storepass 123456 -keypass 123456 -dname "CN=localhost, OU=MYOU, O=MYORG, L=MYCITY, ST=MYSTATE, C=MY"
2.) I created the server certificate:
keytool -export -alias serverkeys -keystore server.keystore -storepass 123456 -file server.cer
3.) I created the client keystore:
keytool -genkey -alias clientkeys -keyalg RSA -keystore client.keystore -storepass 123456 -keypass 123456 -dname "CN=localhost, OU=MYOU, O=MYORG, L=MYCITY, S=MYSTATE, C=MY"
4.) I created the client certificate:
keytool -export -alias clientkeys -keystore client.keystore -storepass 123456 -file client.cer
5.) I imported the server certificate into client truststore:
keytool -import -v -keystore client.truststore -storepass 123456 -file server.cer
6.) I imported the client certificate into server truststore:
keytool -import -v -keystore server.truststore -storepass 123456 -file client.cer
I copied the server.keystore and server.truststore files to the directory $JBOSS_HOME/standalone/configuration.
I configured the standalone.xml file as follows:
<subsystem xmlns="urn:jboss:domain:web:2.2" default-virtual-server="default-host" native="false">
    <connector name="http" protocol="HTTP/1.1" scheme="http" socket-binding="http"/>
    <connector name="https" protocol="HTTP/1.1" scheme="https" socket-binding="https">
        <ssl name="ssl" password="123456"
             certificate-key-file="${jboss.server.config.dir}/server.keystore"
             protocol="TLSv1" verify-client="true"
             ca-certificate-file="${jboss.server.config.dir}/server.truststore"
             ca-certificate-password="123456"/>
    </connector>
    <virtual-server name="default-host" enable-welcome-root="true">
        <alias name="localhost"/>
        <alias name="example.com"/>
    </virtual-server>
</subsystem>
I created a WAR file, Jax-ejb-Server.war.
I deployed Jax-ejb-Server.war on the server:
address=http://localhost:8443/jboss-jaxws-addressing/AddressingService
implementor=org.jboss.quickstarts.ws.jaxws.samples.wsa.ServiceImpl
serviceName={http://www.jboss.org/jbossws/ws-extensions/wsaddressing}AddressingService
portName={http://www.jboss.org/jbossws/ws-extensions/wsaddressing}AddressingServicePort
annotationWsdlLocation=WEB-INF/wsdl/AddressingService.wsdl
wsdlLocationOverride=null
mtomEnabled=false
I created a client Jax-ejb-client.jar:
import java.net.URL;
import javax.xml.namespace.QName;
import javax.xml.ws.Service;

public class Client {
    public static void main(String[] args) {
        String endPointAddress;
        endPointAddress = "https://localhost:8443/jboss-jaxws-ejb-endpoint/EJB3Bean01";
        QName serviceName;
        serviceName = new QName("http://jsr181pojo.samples.jaxws.ws.quickstarts.jboss.org/", "EJB3Bean01Service");
        try {
            // The WSDL is fetched over HTTPS, so the TLS handshake happens here.
            URL wsdlURL = new URL(endPointAddress + "?wsdl");
            Service service = Service.create(wsdlURL, serviceName);
            EJB3RemoteInterface proxy = (EJB3RemoteInterface) service.getPort(EJB3RemoteInterface.class);
            System.out.println(proxy.echo("ejbClient calling"));
        } catch (Exception e) {
            System.out.println(e);
        }
    }
}
I copied client.keystore and client.truststore into the client app.
I execute the client app with the following java options:
-Djavax.net.ssl.keyStoreType=jks
-Djavax.net.ssl.trustStoreType=jks
-Djavax.net.ssl.keyStore=client.keystore
-Djavax.net.ssl.trustStore=client.truststore
-Djavax.net.ssl.keyStorePassword=123456
-Djavax.net.ssl.trustStorePassword=123456
But I get the following error message:
Javax.xml.ws.WebServiceException: No access on WSDL: https://localhost:8443/jboss-jaxws-ejb-endpoint/EJB3Bean03?wsdl. Access was not successfully with:
https://localhost:8443/jboss-jaxws-ejb-endpoint/EJB3Bean03?wsdl
What did I do wrong?