I have written an SAAJ SOAP Client for a service that requires mutual authentication via HTTPS. This client is able to communicate with the service when executing w/in a JUnit test in Eclipse, given the keystore/truststore is configured properly via the javax.net.ssl.* system properties.
When deployed within a WAR to JBoss EAP 6.2, I get a 403 response. CXF Logging shows that the resulting conduit is treated as 'plain http'. I looked around for a bit in JBoss's SOAPConnectionImpl class and it seems that the CXF HTTP Conduit is not being provided any TLSClientConfiguration programatically.
This leaves me to assume that JBoss expects that I include some type of configuration, in addition to the javax.net.ssl system properties, in order to achieve mutual authentication via HTTPS with the SOAP Service.
1. Can someone confirm/deny that additional configuration is required to do what I need?
2. If confirmed, can someone assist me with that configuration (link to documentation, example, etc)?
Many thanks!