[prev in list] [next in list] [prev in thread] [next in thread]
List: axis-user
Subject: RE: Relative path keystore Axis2
From: Martin Gainty <mgainty () hotmail ! com>
Date: 2016-04-28 13:20:00
Message-ID: BLU172-W1453963E721A0960A6DC10AE650 () phx ! gbl
[Download RAW message or body]
Buenasyesterday I was trying to determine *best price* to get to South America this \
year..obrigado Robert for stepping in public org.apache.commons.ssl.SSLClient client;
public java.security.KeyStore ks = java.security.KeyStore.getInstance("JKS");public \
java.security.cert.Certificate cert = ks.getCertificate(alias);public String \
original_keystoreFile="servidor.jks"; //sub in actual location of keystore filepublic \
String keystoreFile ="servidor.jks"; //sub in actual location of keystore \
filepublic String keystorePass="contrasuena"; //sub in actual password to \
keystorepublic String cert_filename="C:\\cacerts"; // sub in actual location of \
cacerts filepublic javax.net.ssl.SSLSocket ssl_socket;public java.util.Properties \
props = new java.util.Properties();public String hostURL_for_socket= \
props.getProperty("HostURL"); //sub in actual HTTP hostpublic String securePortURL \
=props.getProperty("SSLHostURL"); //sub in actual SSL hosttry{ client=new \
org.apache.commons.ssl.SSLClient(); client = setup_certificate(client); \
System.out.println("SSLClient="+client);}catch(Exception excp){ \
System.err.println("Cannot setup SSLClient message="+excp.getMessage()); \
return;}System.out.println("before secure_socket = (SSLSocket) \
client.createSocket(hostURL_for_socket,securePortURL )");secure_socket = \
(javax.net.ssl.SSLSocket) client.createSocket(hostURL_for_socket,securePortURL \
); System.out.println("AFTER client.createSocket secure_socket="+secure_socket); \
} catch(UnknownHostException unknown_host) { \
System.out.println("UnknownHostException has been thrown \
message="+unknown_host.getMessage()); System.out.println("new \
Socket(hostURL_for_socket="+hostURL_for_socket); System.out.println("securePortURL=" \
+securePortURL); System.out.println("client.createSocket(hostURL_for_socket,securePortURL \
) throws UnknownHostException has been thrown message="+unknown_host.getMessage()); \
} public org.apache.commons.ssl.SSLClient \
setup_certificate(org.apache.commons.ssl.SSLClient client){try{// Let's trust usual \
"cacerts" that come with Java. Plus, let's also trust a self-signed cert// we know \
of. We may have additional trusted certs inside keystore file. \
System.out.println("before client.addTrustMaterial( TrustMaterial.DEFAULT )"); \
client.addTrustMaterial( org.apache.commons.ssl.TrustMaterial.DEFAULT );// \
client.addTrustMaterial( new org.apache.commons.ssl.TrustMaterial( \
"/path/to/self-signed.pem" ) ); try { System.out.println("before key_material=new \
org.apache.commons.ssl.KeyMaterial( keystoreFile,keystorePass.toCharArray() \
)");//public org.apache.commons.ssl.KeyMateria(File jksFile,char[] password) throws \
GeneralSecurityException,IOException Throws: //GeneralSecurityException \
IOException key_material=new org.apache.commons.ssl.KeyMaterial( new \
java.io.File(keystoreFile),(char[])keystorePass.toCharArray() ); } \
catch(java.security.GeneralSecurityException general_security_exception) \
{ System.out.println("key_material=new org.apache.commons.ssl.KeyMaterial( new \
java.io.File(keystoreFile),(char[])keystorePass.toCharArray() ) throws \
GeneralSecurityException has been thrown \
message="+general_security_exception.getMessage()); key_material=null; \
return null; } System.out.println("key_material="+key_material); \
System.out.println("addding keystore file ..before client.addTrustMaterial( \
key_material )"); if(key_material!=null) client.addTrustMaterial( key_material ); \
// To be different, let's bypass check the hostname of the \
certificate System.out.println("before client.setCheckHostname( false \
)"); client.setCheckHostname( false ); // default setting is "true" for SSLClient \
//to be difference lets allow for expired certs (not \
recommended) System.out.println("before client.setCheckExpiry( false \
)"); client.setCheckExpiry( false ); // default setting is "true" for SSLClient \
//lets check against the Certificate Revocation List System.out.println("before \
client.setCheckCRL( true )"); client.setCheckCRL( true ); // default setting \
is "true" for SSLClient System.out.println("before key_material=new \
org.apache.commons.ssl.KeyMaterial(cert_filename, keystorePass.toCharArray()) where \
cert_filename="+cert_filename+" keystoreFile="+keystoreFile+" \
keystorePass="+keystorePass); //org.apache.commons.ssl.KeyMaterial(String \
pathToCerts, String pathToKey, char[] keystorePass) key_material=new \
org.apache.commons.ssl.KeyMaterial(cert_filename, (String)keystoreFile,(char \
[])keystorePass.toCharArray()); System.out.println("(Certificate) \
key_material="+key_material); // Let's load a client certificate (max: 1 per \
SSLClient instance). System.out.println("adding cert to client ..before \
client.setKeyMaterial( key_material )"); client.setKeyMaterial( key_material); \
cert_filename = "C:\cacerts"; //sub in actual location of cacerts file \
original_keystoreFile = "servidor.jks"; //sub in actual location of server key file \
char[] lfstorepass = keystorePass.toCharArray(); //make sure keystorePass contains \
actual password for cacerts char[] lfkeypass = \
keystorePass.toCharArray(); //make sure keystorePass contains actual password for \
key store stored in cacerts (i use //same password..NOT recommended) \
java.security.cert.CertificateFactory cf = \
java.security.cert.CertificateFactory.getInstance("X.509"); \
System.out.println("X.509 CertificateFactory ="+cf); \
java.io.FileInputStream cacert_file = new java.io.FileInputStream(cert_filename); \
System.out.println("FileInputStream cacert_file="+cert_filename); \
System.out.println("Generating the cert"); java.security.cert.Certificate \
certificate = cf.generateCertificate(cacert_file); \
System.out.println("closing cacert_file="+cert_filename); \
cacert_file.close(); System.out.println("Generating cert chain for certificate \
="+certificate); java.security.cert.Certificate[] cchain = { certificate \
}; System.out.println("cchain="+cchain); System.out.println("loading \
server key "+original_keystoreFile); java.io.FileInputStream \
original_keystoreFile_file = new java.io.FileInputStream(original_keystoreFile); \
System.out.println("original_keystoreFile_file="+original_keystoreFile_file); \
System.out.println("about to load KeyStore ks = \
java.security.KeyStore.getInstance(JKS"); java.security.KeyStore ks = \
java.security.KeyStore.getInstance("JKS"); System.out.println("ks="+ks); \
System.out.println("load keystore from \
original_keystoreFile_file="+original_keystoreFile_file+" lfstorepass="+lfstorepass); \
ks.load(original_keystoreFile_file, lfstorepass); //for asymmetric encryption (server \
and client keys are different) we need to dig out the private key \
System.out.println("before java.security.PrivateKey prk = (java.security.PrivateKey) \
ks.getKey(lf, lfkeypass)"); java.security.PrivateKey prk = \
(java.security.PrivateKey) ks.getKey(alias, lfkeypass); \
System.out.println("private key="+prk); System.out.println("setting signed key for \
keystore ks.setKeyEntry(lf_signed, prk, lfstorepass, cchain)"); \
ks.setKeyEntry("lf_signed", prk, lfstorepass, cchain); System.out.println("Store \
keystore to file"); java.io.FileOutputStream server_key_file = new \
java.io.FileOutputStream(original_keystoreFile); \
ks.store(server_key_file, keystorePass.toCharArray()); \
server_key_file.close(); } catch(java.security.GeneralSecurityException \
security_exception) \
{ System.out.println("************************************************************************************************************"); System.out.println("* \
GeneralSecurityException has been thrown \
message="+security_exception.getMessage()); System.out.println("******************** \
****************************************************************************************"); \
} catch(java.io.IOException \
ioe) { System.out.println("************************************************************************************************************"); System.out.println("* \
IOException has been thrown \
message="+ioe.getMessage()); System.out.println("*********************************** \
*************************************************************************"); } catch(java.lang.SecurityException \
security_excp) { System.out.println("********************************************** \
**************************************************************"); System.out.println("* \
SecurityException has been thrown \
message="+security_excp.getMessage()); System.out.println("************************* \
***********************************************************************************"); } System.out.println("returning \
SSLClient client="+client); return client; } ˇSaludos Cordiales desde las \
Americas!Martín
From: oscaster@hotmail.com
To: java-user@axis.apache.org
Subject: RE: Relative path keystore Axis2
Date: Thu, 28 Apr 2016 13:05:22 +0200
Hi Robert:
Thank you very much for pointing me.
I have performed the following code:
KeyStore theKeystore = null;
try {
InputStream theKeystoreInputStream = \
ClassLoader.getSystemResourceAsStream("keysdata.jks"); theKeystore = \
KeyStore.getInstance("JKS"); theKeystore.load(theKeystoreInputStream, null);
theKeystoreInputStream.close();
} catch (KeyStoreException ex) {
java.util.logging.Logger.getLogger(AsnefWS.class.getName()).log(Level.SEVERE, \
null, ex); } catch (IOException ex) {
java.util.logging.Logger.getLogger(AsnefWS.class.getName()).log(Level.SEVERE, \
null, ex); } catch (NoSuchAlgorithmException ex) {
java.util.logging.Logger.getLogger(AsnefWS.class.getName()).log(Level.SEVERE, \
null, ex); } catch (CertificateException ex) {
java.util.logging.Logger.getLogger(AsnefWS.class.getName()).log(Level.SEVERE, \
null, ex); }
And as far as I have debugged it, theKeystore is not null.
Reaching this point, I have been trying to perform code to use theKeystore but \
unfortunately I didn´t reach the solution.
I have surfing on google, and I found some examples using a SecureSocketFactory.
I have done my own SecureSocketFactory and I have told Axis like this
AxisProperties.setProperty("axis.socketSecureFactory","solvenciacenter.webservice.impl.MyCustomSSLSocketFactory"); \
My call to the web service looks like:
IcTransactionServiceServiceStub service = new \
IcTransactionServiceServiceStub(axisContext, endpointURL);
org.apache.axis2.transport.http.HttpTransportProperties.ProxyProperties \
HTTPProxyProperties = new \
org.apache.axis2.transport.http.HttpTransportProperties.ProxyProperties();
HTTPProxyProperties.setProxyName(IberdrolaConfigurationManager.getProperty("ws.proxy.host"));
HTTPProxyProperties.setProxyPort(Integer.parseInt(IberdrolaConfigurationManager.getProperty("ws.proxy.port")));
HTTPProxyProperties.setUserName(proxyUser);
HTTPProxyProperties.setPassWord(proxyPassword);
org.apache.axis2.client.Options options = \
service._getServiceClient().getOptions(); options.setProperty("PROXY", \
HTTPProxyProperties);
respuesta = service.submit(peticionA);
And I´m still getting the same error about not finding the certificate.
Could you please point me what I´m understanding wrong?
Thank you very much
Kind regards
> Date: Wed, 27 Apr 2016 12:54:36 -0300
> Subject: Re: Relative path keystore Axis2
> From: robertlazarski@gmail.com
> To: java-user@axis.apache.org
>
> On Wed, Apr 27, 2016 at 12:25 PM, Oscar Rugama <oscaster@hotmail.com> wrote:
> > Hi all:
> >
> > I'm developing a web service using axis2 & tomcat .
> >
> <snip>
> > My project could be like that, so at first glance my keystore is placed at
> > the what I thought is the root level, so just writing
> >
> > System.setProperty("javax.net.ssl.keyStore", "keysdata.jks");
> >
> >
> > I thought it should look in the root level. But nothing works (I mean an
> > absolute path yes it works)
> >
>
> I would try to use some form of getResourceAsSteam() . Lots of ways to
> do that. At the axis2 level, you should be able to do something like:
>
> MessageContext.getCurrentMessageContext().getAxisService().getClassLoader().getResourceAsSteam("keysdata.jks");
>
> - R
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: java-user-unsubscribe@axis.apache.org
> For additional commands, e-mail: java-user-help@axis.apache.org
>
[Attachment #3 (text/html)]
<html>
<head>
<style><!--
.hmmessage P
{
margin:0px;
padding:0px
}
body.hmmessage
{
font-size: 12pt;
font-family:Calibri
}
--></style></head>
<body class='hmmessage'><div dir='ltr'><div><font face="Arial,sans-serif" \
color="#000000">Buenas</font></div><font face="Arial,sans-serif" \
color="#000000">yesterday I was trying to determine *best price* to get to South \
America this year..obrigado Robert for stepping in</font><div><font face="Arial, \
sans-serif"><br></font></div><div><font face="Arial, \
sans-serif">public org.apache.commons.ssl.SSLClient client;<br></font><div><font \
face="Arial,sans-serif" color="#000000">public</font><font face="Arial, \
sans-serif"> java.security.KeyStore ks \
= java.security.KeyStore.getInstance("JKS");</font></div><div><font \
face="Arial,sans-serif" \
color="#000000">public java.security.cert.Certificate cert</font><font \
face="Arial, sans-serif"> = ks.getCertificate(alias);</font></div><div><font \
face="Arial,sans-serif" color="#000000">public String \
original_keystoreFile="servidor.jks"; //sub in actual location of keystore \
file</font></div><div><font face="Arial,sans-serif" color="#000000">public String \
keystoreFile ="servidor.jks"; //sub in actual location of keystore \
file</font></div><div><font face="Arial,sans-serif" color="#000000">public String \
keystorePass="contrasuena"; //sub in actual password to \
keystore</font></div><div><font face="Arial,sans-serif" color="#000000">public String \
cert_filename="C:\\cacerts"; // sub in actual location of cacerts \
file</font></div><div><font face="Arial,sans-serif" \
color="#000000">public javax.net.ssl.SSLSocket ssl_socket;</font></div><div><font \
face="Arial,sans-serif" color="#000000">public java.util.Properties props = new \
java.util.Properties();</font></div><div><font face="Arial,sans-serif" \
color="#000000">public String </font>hostURL_for_socket<font \
face="Arial,sans-serif" color="#000000">= props.getProperty("HostURL"); \
//sub in actual HTTP host</font></div><div><font face="Arial,sans-serif" \
color="#000000">public \
String </font>securePortURL =props.getProperty("SSLHostURL"); //sub in \
actual SSL host</div><div><font color="#000000"><br \
id="FontBreak"></font><div>try</div><div>{</div><div> client=new \
org.apache.commons.ssl.SSLClient();</div><div> client = \
setup_certificate(client);</div><div> System.out.println("SSLClient="+client);</div><div>}</div><div>catch(Exception \
excp)</div><div>{</div><div> System.err.println("Cannot setup SSLClient \
message="+excp.getMessage());</div><div> return;</div><div>}</div><div><div>System.out.println("before \
secure_socket = (SSLSocket) client.createSocket(hostURL_for_socket,securePortURL \
)");</div><div>secure_socket = (javax.net.ssl.SSLSocket) \
client.createSocket(hostURL_for_socket,securePortURL );</div><div><span \
class="Apple-tab-span" style="white-space:pre"> </span>System.out.println("AFTER \
client.createSocket secure_socket="+secure_socket);</div><div><span \
class="Apple-tab-span" style="white-space:pre"> </span> \
}</div><div><span class="Apple-tab-span" style="white-space:pre"> </span> \
catch(UnknownHostException unknown_host)</div><div><span \
class="Apple-tab-span" style="white-space:pre"> </span> \
{</div><div><span class="Apple-tab-span" \
style="white-space:pre"> </span> \
System.out.println("UnknownHostException has been thrown \
message="+unknown_host.getMessage());</div><div><span class="Apple-tab-span" \
style="white-space:pre"> </span> System.out.println("new \
Socket(hostURL_for_socket="+hostURL_for_socket);</div><div><span \
class="Apple-tab-span" \
style="white-space:pre"> </span>System.out.println("securePortURL="+securePortURL);</div><div><span \
class="Apple-tab-span" \
style="white-space:pre"> </span>System.out.println("client.createSocket(hostURL_for_socket,securePortURL \
) throws UnknownHostException has been thrown \
message="+unknown_host.getMessage());</div></div><div> \
}</div><div><br></div><div>public org.apache.commons.ssl.SSLClient \
setup_certificate(org.apache.commons.ssl.SSLClient \
client)</div><div>{</div><div>try</div><div>{</div><div>// Let's trust usual \
"cacerts" that come with Java. Plus, let's also trust a self-signed \
cert</div><div>// we know of. We may have additional trusted certs inside \
keystore file.</div><div> System.out.println("before \
client.addTrustMaterial( TrustMaterial.DEFAULT )");</div><div> \
client.addTrustMaterial( org.apache.commons.ssl.TrustMaterial.DEFAULT );</div><div>// \
client.addTrustMaterial( new org.apache.commons.ssl.TrustMaterial( \
"/path/to/self-signed.pem" ) );</div><div><span class="Apple-tab-span" \
style="white-space:pre"> </span>try</div><div><span class="Apple-tab-span" \
style="white-space:pre"> </span>{</div><div><span class="Apple-tab-span" \
style="white-space:pre"> </span>System.out.println("before key_material=new \
org.apache.commons.ssl.KeyMaterial( keystoreFile,keystorePass.toCharArray() \
)");</div><div><span style="font-size: \
12pt;">//public org.apache.commons.ssl.KeyMateria</span><span style="font-size: \
12pt;">(File jksFile,char[] password) throws GeneralSecurityException,IOException \
Throws: //GeneralSecurityException IOException</span></div><div><span \
class="Apple-tab-span" style="white-space:pre"> </span>key_material=new \
org.apache.commons.ssl.KeyMaterial( new \
java.io.File(keystoreFile),(char[])keystorePass.toCharArray() );</div><div><span \
class="Apple-tab-span" style="white-space:pre"> </span> \
}</div><div><span class="Apple-tab-span" style="white-space:pre"> </span> \
catch(java.security.GeneralSecurityException \
general_security_exception)</div><div><span class="Apple-tab-span" \
style="white-space:pre"> </span> {</div><div><span \
class="Apple-tab-span" \
style="white-space:pre"> </span>System.out.println("key_material=new org.apache.commons.ssl.KeyMaterial( \
new java.io.File(keystoreFile),(char[])keystorePass.toCharArray() ) \
throws GeneralSecurityException has been thrown \
message="+general_security_exception.getMessage());</div><div><span \
class="Apple-tab-span" \
style="white-space:pre"> </span>key_material=null;</div><div> \
\
return null;</div><div><span class="Apple-tab-span" \
style="white-space:pre"> </span>}</div><div><span class="Apple-tab-span" \
style="white-space:pre"> </span>System.out.println("key_material="+key_material);</div><div><br></div><div><span \
class="Apple-tab-span" style="white-space:pre"> </span>System.out.println("addding \
keystore file ..before client.addTrustMaterial( key_material )");</div><div><span \
class="Apple-tab-span" style="white-space:pre"> </span>if(key_material!=null) \
client.addTrustMaterial( key_material );</div><div><br></div><div><span \
class="Apple-tab-span" style="white-space:pre"> </span>// To be different, let's \
bypass check the hostname of the certificate</div><div><span class="Apple-tab-span" \
style="white-space:pre"> </span>System.out.println("before client.setCheckHostname( \
false )");</div><div><span class="Apple-tab-span" \
style="white-space:pre"> </span>client.setCheckHostname( false ); // default \
setting is "true" for SSLClient</div><div> \
//to be difference lets allow \
for expired certs (not recommended)</div><div><span class="Apple-tab-span" \
style="white-space:pre"> </span>System.out.println("before client.setCheckExpiry( \
false )");</div><div><span class="Apple-tab-span" \
style="white-space:pre"> </span>client.setCheckExpiry( false ); // default \
setting is "true" for SSLClient</div><div><br></div><div> \
//lets check against the \
Certificate Revocation List</div><div><span class="Apple-tab-span" \
style="white-space:pre"> </span>System.out.println("before client.setCheckCRL( true \
)");</div><div><span class="Apple-tab-span" \
style="white-space:pre"> </span>client.setCheckCRL( true ); // \
default setting is "true" for SSLClient</div><div><br></div><div><span \
class="Apple-tab-span" style="white-space:pre"> </span>System.out.println("before \
key_material=new org.apache.commons.ssl.KeyMaterial(cert_filename, \
keystorePass.toCharArray()) where cert_filename="+cert_filename+" \
keystoreFile="+keystoreFile+" keystorePass="+keystorePass);</div><div><span \
class="Apple-tab-span" \
style="white-space:pre"> </span>//org.apache.commons.ssl.KeyMaterial(String \
pathToCerts, String pathToKey, char[] keystorePass)</div><div><span \
class="Apple-tab-span" \
style="white-space:pre"> </span>key_material=new org.apache.commons.ssl.KeyMaterial(cert_filename, \
(String)keystoreFile,(char [])keystorePass.toCharArray());</div><div><span \
class="Apple-tab-span" \
style="white-space:pre"> </span>System.out.println("(Certificate) \
key_material="+key_material);</div><div><br></div><div><span class="Apple-tab-span" \
style="white-space:pre"> </span>// Let's load a client certificate (max: 1 per \
SSLClient instance).</div><div><span class="Apple-tab-span" \
style="white-space:pre"> </span>System.out.println("adding cert to client ..before \
client.setKeyMaterial( key_material )");</div><div><span class="Apple-tab-span" \
style="white-space:pre"> </span>client.setKeyMaterial( \
key_material);</div><div><br></div><div> <span class="Apple-tab-span" \
style="white-space:pre"> </span>cert_filename = "C:\cacerts"; //sub in actual \
location of cacerts file</div><div> <span class="Apple-tab-span" \
style="white-space:pre"> </span> \
original_keystoreFile = "servidor.jks"; //sub in actual location of server key \
file</div><div> <span class="Apple-tab-span" \
style="white-space:pre"> </span> char[] lfstorepass \
= keystorePass.toCharArray(); //make sure keystorePass contains actual password for \
cacerts</div><div> <span class="Apple-tab-span" \
style="white-space:pre"> </span> char[] lfkeypass \
= keystorePass.toCharArray(); //make sure keystorePass contains actual \
password for key store stored in cacerts (i use //same password..NOT \
recommended)</div><div><br></div><div> <span class="Apple-tab-span" \
style="white-space:pre"> </span>java.security.cert.CertificateFactory cf = \
java.security.cert.CertificateFactory.getInstance("X.509");</div><div> <span \
class="Apple-tab-span" style="white-space:pre"> </span>System.out.println("X.509 \
CertificateFactory ="+cf);</div><div> <span class="Apple-tab-span" \
style="white-space:pre"> </span> java.io.FileInputStream \
cacert_file = new java.io.FileInputStream(cert_filename);</div><div> \
<span class="Apple-tab-span" style="white-space:pre"> </span> \
System.out.println("FileInputStream \
cacert_file="+cert_filename);</div><div><br></div><div> <span \
class="Apple-tab-span" style="white-space:pre"> </span> \
System.out.println("Generating the cert");</div><div> <span \
class="Apple-tab-span" style="white-space:pre"> </span> \
java.security.cert.Certificate certificate = \
cf.generateCertificate(cacert_file);</div><div> <span \
class="Apple-tab-span" style="white-space:pre"> </span> \
System.out.println("closing cacert_file="+cert_filename);</div><div> \
<span class="Apple-tab-span" style="white-space:pre"> </span> \
cacert_file.close();</div><div><br></div><div> <span \
class="Apple-tab-span" \
style="white-space:pre"> </span>System.out.println("Generating cert chain for \
certificate ="+certificate);</div><div> <span class="Apple-tab-span" \
style="white-space:pre"> </span> \
java.security.cert.Certificate[] cchain = { certificate \
};</div><div> <span class="Apple-tab-span" \
style="white-space:pre"> </span> \
System.out.println("cchain="+cchain);</div><div><br></div><div> \
<span class="Apple-tab-span" style="white-space:pre"> </span> \
System.out.println("loading server key \
"+original_keystoreFile);</div><div> <span class="Apple-tab-span" \
style="white-space:pre"> </span> java.io.FileInputStream \
original_keystoreFile_file = new \
java.io.FileInputStream(original_keystoreFile);</div><div> <span \
class="Apple-tab-span" style="white-space:pre"> </span> \
System.out.println("original_keystoreFile_file="+original_keystoreFile_file);</div><div><br></div><div> \
<span class="Apple-tab-span" style="white-space:pre"> </span> \
System.out.println("about to load KeyStore ks = \
java.security.KeyStore.getInstance(JKS");</div><div> <span \
class="Apple-tab-span" style="white-space:pre"> </span> \
java.security.KeyStore ks = \
java.security.KeyStore.getInstance("JKS");</div><div> <span \
class="Apple-tab-span" style="white-space:pre"> </span> \
System.out.println("ks="+ks);</div><div><br></div><div> <span \
class="Apple-tab-span" style="white-space:pre"> </span>System.out.println("load \
keystore from original_keystoreFile_file="+original_keystoreFile_file+" \
lfstorepass="+lfstorepass);</div><div> <span class="Apple-tab-span" \
style="white-space:pre"> </span>ks.load(original_keystoreFile_file, \
lfstorepass);</div><div><br></div><div>//for asymmetric encryption (server and client \
keys are different) we need to dig out the private key</div><div> <span \
class="Apple-tab-span" style="white-space:pre"> </span> \
System.out.println("before java.security.PrivateKey prk = \
(java.security.PrivateKey) ks.getKey(lf, lfkeypass)");</div><div> <span \
class="Apple-tab-span" style="white-space:pre"> </span> \
java.security.PrivateKey prk = (java.security.PrivateKey) ks.getKey(alias, \
lfkeypass);</div><div> <span class="Apple-tab-span" \
style="white-space:pre"> </span> \
System.out.println("private key="+prk);</div><div><br></div><div> \
<style><!--
.ExternalClass .ecxhmmessage P {
padding:0px;
}
.ExternalClass body.ecxhmmessage {
font-size:12pt;
font-family:Calibri;
}
--></style>
<div dir="ltr"> Hi Robert:<br><br> Thank you very much for pointing \
me.<br><br> I have performed the following \
code:<br><br> KeyStore theKeystore = \
null;<br> \
<br> try \
{<br> InputStream \
theKeystoreInputStream = \
ClassLoader.getSystemResourceAsStream("keysdata.jks");<br> \
theKeystore = KeyStore.getInstance("JKS");<br> \
theKeystore.load(theKeystoreInputStream, \
null);<br> \
theKeystoreInputStream.close();<br> } catch \
(KeyStoreException ex) \
{<br> \
java.util.logging.Logger.getLogger(AsnefWS.class.getName()).log(Level.SEVERE, null, \
ex);<br> } catch (IOException ex) \
{<br> \
java.util.logging.Logger.getLogger(AsnefWS.class.getName()).log(Level.SEVERE, null, \
ex);<br> } catch (NoSuchAlgorithmException \
ex) {<br> \
java.util.logging.Logger.getLogger(AsnefWS.class.getName()).log(Level.SEVERE, null, \
ex);<br> } catch (CertificateException ex) \
{<br> \
java.util.logging.Logger.getLogger(AsnefWS.class.getName()).log(Level.SEVERE, null, \
ex);<br> }<br><br>And as far as I have \
debugged it, theKeystore is not null.<br><br>Reaching this point, I have been \
trying to perform code to use theKeystore but unfortunately I didn´t reach the \
solution.<br><br>I have surfing on google, and I found some examples using a \
SecureSocketFactory.<br><br>I have done my own SecureSocketFactory and I have told \
Axis like this<br><br> AxisProperties.setProperty("axis.socketSecureFactory","solvenciacenter.webservice.impl.MyCustomSSLSocketFactory"); \
<br><br>My call to the web service looks like:<br><br>IcTransactionServiceServiceStub \
service = new IcTransactionServiceServiceStub(axisContext, \
endpointURL);<br> \
<br> \
org.apache.axis2.transport.http.HttpTransportProperties.ProxyProperties \
HTTPProxyProperties = new \
org.apache.axis2.transport.http.HttpTransportProperties.ProxyProperties();<br> \
HTTPProxyProperties.setProxyName(IberdrolaConfigurationManager.getProperty("ws.proxy.host"));<br> \
HTTPProxyProperties.setProxyPort(Integer.parseInt(IberdrolaConfigurationManager.getPro \
perty("ws.proxy.port")));<br> \
HTTPProxyProperties.setUserName(proxyUser);<br> \
HTTPProxyProperties.setPassWord(proxyPassword);<br> \
org.apache.axis2.client.Options options = \
service._getServiceClient().getOptions();<br> \
options.setProperty("PROXY", HTTPProxyProperties);<br><br> \
respuesta = service.submit(peticionA);<br><br>And I´m still getting the \
same error about not finding the certificate.<br><br>Could you please point me what \
I´m understanding wrong?<br><br>Thank you very much<br><br>Kind \
regards<br><br><br><br><br><div>> Date: Wed, 27 Apr 2016 12:54:36 -0300<br>> \
Subject: Re: Relative path keystore Axis2<br>> From: \
robertlazarski@gmail.com<br>> To: java-user@axis.apache.org<br>> <br>> On \
Wed, Apr 27, 2016 at 12:25 PM, Oscar Rugama <oscaster@hotmail.com> \
wrote:<br>> > Hi all:<br>> ><br>> > I'm developing a web \
service using axis2 & tomcat .<br>> ><br>> <snip><br>> > My \
project could be like that, so at first glance my keystore is placed at<br>> > \
the what I thought is the root level, so just writing<br>> ><br>> > \
System.setProperty("javax.net.ssl.keyStore", "keysdata.jks");<br>> ><br>> \
><br>> > I thought it should look in the root level. But nothing works (I \
mean an<br>> > absolute path yes it works)<br>> ><br>> <br>> I \
would try to use some form of getResourceAsSteam() . Lots of ways to<br>> do that. \
At the axis2 level, you should be able to do something like:<br>> <br>> \
MessageContext.getCurrentMessageContext().getAxisService().getClassLoader().getResourceAsSteam("keysdata.jks");<br>> \
<br>> - R<br>> <br>> \
---------------------------------------------------------------------<br>> To \
unsubscribe, e-mail: java-user-unsubscribe@axis.apache.org<br>> For additional \
commands, e-mail: java-user-help@axis.apache.org<br>> <br></div> \
</div></div></div></div> </div></body> </html>
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic