1 Reply Latest reply on Dec 11, 2015 5:38 AM by Mustafa Musaji

    Error Using JAX-WS-Based Web Services with SSL(mutual)

    Peter Jaxy Newbie

      1.) I created the server keystore:

      keytool -genkey -alias serverkeys -keyalg RSA -keystore server.keystore -storepass 123456 -keypass 123456 -dname "CN=localhost, OU=MYOU, O=MYORG, L=MYCITY, ST=MYSTATE, C=MY"
      
      


      2.) I created the server certificate:

      keytool -export -alias serverkeys -keystore server.keystore -storepass 123456 -file server.cer
      
      


      3.) I created the client keystore:

      keytool -genkey -alias clientkeys  -keyalg RSA -keystore client.keystore -storepass 123456 -keypass 123456 -dname "CN=localhost, OU=MYOU, O=MYORG, L=MYCITY, S=MYSTATE, C=MY"
      
      


      4.) I created the client certificate:

      keytool -export -alias clientkeys -keystore client.keystore -storepass 123456 -file client.cer
      
      


      5.) I imported the server certificate into client truststore:

      keytool -import -v -keystore client.truststore  -storepass 123456 -file server.cer
      
      


      6.) I imported the client certificate into server truststore:

      keytool -import -v -keystore server.truststore  -storepass 123456 -file client.cer
      
      

       

      I copied the server.keystore and server.truststore files in the directory $JBOSS_HOME/standalone/configuration.

       

      I configured the standalone.xml file as follows:

       

      <subsystem xmlns="urn:jboss:domain:web:2.2" default-virtual-server="default-host" native="false">
                  <connector name="http" protocol="HTTP/1.1" scheme="http" socket-binding="http"/>
                  <connector name="https" protocol="HTTP/1.1" scheme="https" socket-binding="https">
                      <ssl name="ssl" 
                           password="123456" 
                           certificate-key-file="${jboss.server.config.dir}/server.keystore" 
                           protocol="TLSv1" 
                           verify-client="true" 
                           ca-certificate-file="${jboss.server.config.dir}/server.truststore" 
                           ca-certificate-password="123456"/>
                 </connector>
                 <virtual-server name="default-host" enable-welcome-root="true">
                     <alias name="localhost"/>
                     <alias name="example.com"/>
                 </virtual-server>
      </subsystem>
      

       

      I created a war-file Jax-ejb-Server.war.

       

      I deployed the Jax-ejb-Server.war upon the server:

       address=http://localhost:8443/jboss-jaxws-addressing/AddressingService
       implementor=org.jboss.quickstarts.ws.jaxws.samples.wsa.ServiceImpl
       serviceName={http://www.jboss.org/jbossws/ws-extensions/wsaddressing}AddressingService
       portName={http://www.jboss.org/jbossws/ws-extensions/wsaddressing}AddressingServicePort
       annotationWsdlLocation=WEB-INF/wsdl/AddressingService.wsdl
       wsdlLocationOverride=null
       mtomEnabled=false
      

       

      I created a client Jax-ejb-client.jar:

      public class Client {
          
          public static void main(String[] args)
          {
              String endPointAddress;
              endPointAddress = "https://localhost:8443/jboss-jaxws-ejb-endpoint/EJB3Bean01";
              QName serviceName;
              serviceName = new QName("http://jsr181pojo.samples.jaxws.ws.quickstarts.jboss.org/", "EJB3Bean01Service");
      
      
              try {
                  URL wsdlURL = new URL(endPointAddress + "?wsdl");
                  Service service = Service.create(wsdlURL, serviceName);
                  EJB3RemoteInterface proxy = (EJB3RemoteInterface) service.getPort(EJB3RemoteInterface.class);
                  System.out.println(proxy.echo("ejbClient calling"));
              } catch (Exception e) {
                  System.out.println(e);
              }
          }
      }
      

       

      I copied client.keystore and client.truststore in the client app.

       

      I execute the client app with the following java options:

      -Djavax.net.ssl.keyStoreType=jks

      -Djavax.net.ssl.trustStoreType=jks

      -Djavax.net.ssl.keyStore=client.keystore

      -Djavax.net.ssl.trustStore=client.truststore

      -Djavax.net.ssl.keyStorePassword=123456

      -Djavax.net.ssl.trustStorePassword=123456

       

      But I get the following error message:

      Javax.xml.ws.WebServiceException: No access on WSDL: https://localhost:8443/jboss-jaxws-ejb-endpoint/EJB3Bean03?wsdl. Access was not successfully with:

      https://localhost:8443/jboss-jaxws-ejb-endpoint/EJB3Bean03?wsdl

       

      Whad did I wrong?