[jboss-user] [JBossWS] - How can I do mutual SSL when using JBoss as Web service clie

[zhijun]

Hi,

I'm running a Web Service client on JBoss 4.0.5 and JBossWS1.0.4GA. 

The Web service I'm trying to consume requires mutual SSL authentication.

I have created keytore, with the private key, the certificate in it. I also added the Web service provider's certificate to this keystore as a trusted certificate.

I have configured my server.xml file to include the following:

      <Connector port="8443" address="${jboss.bind.address}"
  |            maxThreads="100" strategy="ms" maxHttpHeaderSize="8192"
  |            emptySessionPath="true"
  |            scheme="https" secure="true" clientAuth="false"
  |            keystoreFile="${jboss.server.home.dir}/conf/jboss.keystore"
  |            keystoreType="jks"
  |            keystorePass="password" sslProtocol = "TLS" />

But I guess this is not good enough (I don't feel that way either). So when I called the service, the error message said that my request did not present a certificate.

How do I configure my Web service client, or write some code, to make sure that my web service request (to a https URL) will present a client certificate? 

I saw that you could specify user ID and password in the <service-ref> tag if you are using basic authentication. But I need certificate-based authentication and couldn't find an example. 

SOAP signing doesn't help me either because the Web service provider expects the certificate to be presented during the SSL handshake.

Thanks!


View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4027593#4027593

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4027593