2 Replies Latest reply: Jul 28, 2008 2:32 AM by aroeder RSS

How to enable SSL?

aroeder Newbie

I followed the steps for "Enabling Transport Security (SSL)":

https://metro.dev.java.net/guide/Example_Applications.html#Example__Transport_Security__SSL_

But I can still call the webservice via http. What do I have to do to call it via https?

  • 1. Re: How to enable SSL?
    aroeder Newbie

    For a more detailed description. My web.xml has the following entry:

    <security-constraint>
    <display-name>SSL transport for WebService</display-name>
    <web-resource-collection>
    <web-resource-name>Secure Area</web-resource-name>
    <description/>
    <url-pattern>/*</url-pattern>
    <http-method>POST</http-method>
    </web-resource-collection>
    <user-data-constraint>
    <description/>
    <transport-guarantee>CONFIDENTIAL</transport-guarantee>
    </user-data-constraint>
    </security-constraint>
    


    And my wsit-MyEndpoint.xml policy looks like that:

    <wsp:Policy wsu:Id="MyWSPortBindingPolicy">
    <wsp:ExactlyOne>
    <wsp:All>
    <wsoma:OptimizedMimeSerialization/>
    <wsaws:UsingAddressing xmlns:wsaws="http://www.w3.org/2006/05/addressing/wsdl"/>
    <sp:TransportBinding>
    <wsp:Policy>
    <sp:TransportToken>
    <wsp:Policy>
    <sp:HttpsToken RequireClientCertificate="false"/>
    </wsp:Policy>
    </sp:TransportToken>
    <sp:Layout>
    <wsp:Policy>
    <sp:Lax/>
    </wsp:Policy>
    </sp:Layout>
    <sp:IncludeTimestamp/>
    <sp:AlgorithmSuite>
    <wsp:Policy>
    <sp:Basic128/>
    </wsp:Policy>
    </sp:AlgorithmSuite>
    </wsp:Policy>
    </sp:TransportBinding>
    <sp:Wss10/>
    </wsp:All>
    </wsp:ExactlyOne>
    </wsp:Policy>
    


  • 2. Re: How to enable SSL?
    aroeder Newbie

    I needed to switch on the SSL port in the server.xml too. But now I'm getting exceptions on the .NET/WCF client side:

    Security Requirements not met - No Security header in message
    
    Server stack trace:
    bei System.ServiceModel.Channels.ServiceChannel.HandleReply(ProxyOperationRun
    time operation, ProxyRpc& rpc)
    bei System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean o
    neway, ProxyOperationRuntime operation, Object[] ins, Object[] outs, TimeSpan ti
    meout)
    bei System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean o
    neway, ProxyOperationRuntime operation, Object[] ins, Object[] outs)
    bei System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCal
    lMessage methodCall, ProxyOperationRuntime operation)
    bei System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage message)