2 Replies Latest reply on Jul 28, 2008 2:32 AM by aroeder

    How to enable SSL?

    aroeder

      I followed the steps for "Enabling Transport Security (SSL)":

      https://metro.dev.java.net/guide/Example_Applications.html#Example__Transport_Security__SSL_

      But I can still call the webservice via http. What do I have to do to call it via https?

        • 1. Re: How to enable SSL?
          aroeder

          For a more detailed description. My web.xml has the following entry:

          <security-constraint>
          <display-name>SSL transport for WebService</display-name>
          <web-resource-collection>
          <web-resource-name>Secure Area</web-resource-name>
          <description/>
          <url-pattern>/*</url-pattern>
          <http-method>POST</http-method>
          </web-resource-collection>
          <user-data-constraint>
          <description/>
          <transport-guarantee>CONFIDENTIAL</transport-guarantee>
          </user-data-constraint>
          </security-constraint>
          


          And my wsit-MyEndpoint.xml policy looks like that:

          <wsp:Policy wsu:Id="MyWSPortBindingPolicy">
          <wsp:ExactlyOne>
          <wsp:All>
          <wsoma:OptimizedMimeSerialization/>
          <wsaws:UsingAddressing xmlns:wsaws="http://www.w3.org/2006/05/addressing/wsdl"/>
          <sp:TransportBinding>
          <wsp:Policy>
          <sp:TransportToken>
          <wsp:Policy>
          <sp:HttpsToken RequireClientCertificate="false"/>
          </wsp:Policy>
          </sp:TransportToken>
          <sp:Layout>
          <wsp:Policy>
          <sp:Lax/>
          </wsp:Policy>
          </sp:Layout>
          <sp:IncludeTimestamp/>
          <sp:AlgorithmSuite>
          <wsp:Policy>
          <sp:Basic128/>
          </wsp:Policy>
          </sp:AlgorithmSuite>
          </wsp:Policy>
          </sp:TransportBinding>
          <sp:Wss10/>
          </wsp:All>
          </wsp:ExactlyOne>
          </wsp:Policy>
          


          • 2. Re: How to enable SSL?
            aroeder

            I needed to switch on the SSL port in the server.xml too. But now I'm getting exceptions on the .NET/WCF client side:

            Security Requirements not met - No Security header in message
            
            Server stack trace:
            bei System.ServiceModel.Channels.ServiceChannel.HandleReply(ProxyOperationRun
            time operation, ProxyRpc& rpc)
            bei System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean o
            neway, ProxyOperationRuntime operation, Object[] ins, Object[] outs, TimeSpan ti
            meout)
            bei System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean o
            neway, ProxyOperationRuntime operation, Object[] ins, Object[] outs)
            bei System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCal
            lMessage methodCall, ProxyOperationRuntime operation)
            bei System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage message)