[prev in list] [next in list] [prev in thread] [next in thread]
List: axis-c-dev
Subject: Re: [jira] [Updated] (AXIS2C-1550) HTTPS using axis2c.xml or embedded axis2 lib does not work with S
From: "Steve Leland" <steve () pouchapond ! com>
Date: 2011-06-29 20:01:48
Message-ID: 3ECAFC88C4C741989303547314712E75 () gracie
[Download RAW message or body]
This works in our axis2c.xml:
<transportSender name="https" class="axis2_http_sender">
<parameter name="PROTOCOL" locked="false">HTTP/1.1</parameter>
<parameter name="xml-declaration" insert="false"/>
</transportSender>
<parameter name="SERVER_CERT">/path/ca-file.pem</parameter>
<parameter name="KEY_FILE">/path/client.pem</parameter>
If you deploy to windows, be sure to use a fully qualified paths.
Cheers!
Steve
----- Original Message -----
From: "Kevin H (JIRA)" <jira@apache.org>
To: <c-dev@axis.apache.org>
Sent: Tuesday, June 28, 2011 5:31 PM
Subject: [jira] [Updated] (AXIS2C-1550) HTTPS using axis2c.xml or embedded
axis2 lib does not work with SSL authentication?
>
> [
> https://issues.apache.org/jira/browse/AXIS2C-1550?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel \
> ]
> Kevin H updated AXIS2C-1550:
> ----------------------------
>
> Description:
> Hi all,
>
> I have followed this instruction here to set up an https request (client)
> to a server but encountered error. I am not sure why. Basically i found
> that the changes to axis2.xml is needed while the changes to the C codes
> doesnt make any effect. However, the changes to axis2.xml still does not
> get me thru the SSL authentication.
>
> The instruction is here:
>
> http://people.apache.org/~dumindu/docs/HowToConfigureSSL.html
>
> I basically have the CA cert, the key, and the client cert in 3 different
> files. The instruction said i needed to "cat" the client cert and the key
> to 1 same file, which i did.
>
> On another attempt, I did manage to write my own client codes (using
> libcurl) with these credentials which connects OK to the server. But
> somehow the axis2c client service does not work.
>
> In details, the changes i made are these:
>
> In axis2c.xml:
>
> Enable https both in receiver and sender:
>
> <transportReceiver name="https" class="axis2_http_receiver">
> <parameter name="port" locked="false">6060</parameter>
> <parameter name="exposeHeaders" locked="true">false</parameter>
> </transportReceiver>
>
> <transportSender name="https" class="axis2_http_sender">
> <parameter name="PROTOCOL" locked="false">HTTP/1.1</parameter>
> <parameter name="xml-declaration" insert="false"/>
> <parameter name="SERVER_CERT">/path/ca-file.pem</parameter>
> <parameter name="KEY_FILE">/path/client.pem</parameter>
> </transportSender>
>
> My understanding is this is all i need to make the transport layer carry
> the credentials, which are needed for the server to handshake/authenticate
> this client code.
>
> But the error i get from the logs is like this:
>
> [Fri Jun 24 17:56:56 2011] [error] libcurl/axis2_libcurl.c(538) NSS:
> client certificate not found (nickname not specified)
> [Fri Jun 24 17:56:56 2011] [error] libcurl/axis2_libcurl.c(540) Error
> occurred in transport
> [Fri Jun 24 17:56:56 2011] [error] engine.c(179) Transport sender invoke
> failed
>
> I wonder what i did wrong? Any help is greatly appreciated.
>
> was:
> Hi all,
>
> I have followed this instruction here to set up an https request (client)
> to a server but encountered error. I am not sure why. Basically i found
> that the changes to axis2.xml is needed while the changes to the C codes
> doesnt make any effect. However, the changes to axis2.xml still does not
> get me thru the SSL authentication.
>
> The instruction is here:
>
> http://damithakumarage.wordpress.com/
>
> I basically have the CA cert, the key, and the client cert in 3 different
> files. The instruction said i needed to "cat" the client cert and the key
> to 1 same file, which i did.
>
> On another attempt, I did manage to write my own client codes (using
> libcurl) with these credentials which connects OK to the server. But
> somehow the axis2c client service does not work.
>
> In details, the changes i made are these:
>
> In axis2c.xml:
>
> Enable https both in receiver and sender:
>
> <transportReceiver name="https" class="axis2_http_receiver">
> <parameter name="port" locked="false">6060</parameter>
> <parameter name="exposeHeaders" locked="true">false</parameter>
> </transportReceiver>
>
> <transportSender name="https" class="axis2_http_sender">
> <parameter name="PROTOCOL" locked="false">HTTP/1.1</parameter>
> <parameter name="xml-declaration" insert="false"/>
> <parameter name="SERVER_CERT">/path/ca-file.pem</parameter>
> <parameter name="KEY_FILE">/path/client.pem</parameter>
> </transportSender>
>
> My understanding is this is all i need to make the transport layer carry
> the credentials, which are needed for the server to handshake/authenticate
> this client code.
>
> But the error i get from the logs is like this:
>
> [Fri Jun 24 17:56:56 2011] [error] libcurl/axis2_libcurl.c(538) NSS:
> client certificate not found (nickname not specified)
> [Fri Jun 24 17:56:56 2011] [error] libcurl/axis2_libcurl.c(540) Error
> occurred in transport
> [Fri Jun 24 17:56:56 2011] [error] engine.c(179) Transport sender invoke
> failed
>
> I wonder what i did wrong? Any help is greatly appreciated.
>
>
> > HTTPS using axis2c.xml or embedded axis2 lib does not work with SSL
> > authentication?
> > -----------------------------------------------------------------------------------
> >
> > Key: AXIS2C-1550
> > URL: https://issues.apache.org/jira/browse/AXIS2C-1550
> > Project: Axis2-C
> > Issue Type: Bug
> > Reporter: Kevin H
> >
> > Hi all,
> > I have followed this instruction here to set up an https request (client)
> > to a server but encountered error. I am not sure why. Basically i found
> > that the changes to axis2.xml is needed while the changes to the C codes
> > doesnt make any effect. However, the changes to axis2.xml still does not
> > get me thru the SSL authentication.
> > The instruction is here:
> > http://people.apache.org/~dumindu/docs/HowToConfigureSSL.html
> > I basically have the CA cert, the key, and the client cert in 3 different
> > files. The instruction said i needed to "cat" the client cert and the key
> > to 1 same file, which i did.
> > On another attempt, I did manage to write my own client codes (using
> > libcurl) with these credentials which connects OK to the server. But
> > somehow the axis2c client service does not work.
> > In details, the changes i made are these:
> > In axis2c.xml:
> > Enable https both in receiver and sender:
> > <transportReceiver name="https" class="axis2_http_receiver">
> > <parameter name="port" locked="false">6060</parameter>
> > <parameter name="exposeHeaders" locked="true">false</parameter>
> > </transportReceiver>
> > <transportSender name="https" class="axis2_http_sender">
> > <parameter name="PROTOCOL" locked="false">HTTP/1.1</parameter>
> > <parameter name="xml-declaration" insert="false"/>
> > <parameter name="SERVER_CERT">/path/ca-file.pem</parameter>
> > <parameter name="KEY_FILE">/path/client.pem</parameter>
> > </transportSender>
> > My understanding is this is all i need to make the transport layer carry
> > the credentials, which are needed for the server to
> > handshake/authenticate this client code.
> > But the error i get from the logs is like this:
> > [Fri Jun 24 17:56:56 2011] [error] libcurl/axis2_libcurl.c(538) NSS:
> > client certificate not found (nickname not specified)
> > [Fri Jun 24 17:56:56 2011] [error] libcurl/axis2_libcurl.c(540) Error
> > occurred in transport
> > [Fri Jun 24 17:56:56 2011] [error] engine.c(179) Transport sender invoke
> > failed
> > I wonder what i did wrong? Any help is greatly appreciated.
>
> --
> This message is automatically generated by JIRA.
> For more information on JIRA, see: http://www.atlassian.com/software/jira
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: c-dev-unsubscribe@axis.apache.org
> For additional commands, e-mail: c-dev-help@axis.apache.org
>
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: c-dev-unsubscribe@axis.apache.org
For additional commands, e-mail: c-dev-help@axis.apache.org
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic