1 Reply Latest reply: Apr 9, 2012 9:14 AM by spyhunter99 RSS

JBoss5.1 and HTTPS webservice client

dario novakovic Newbie

Hello,

 

I created WS client which is OK for HTTP but in production it needs to run through HTTPS.

 

Setting system propoerties (-Djavax.net.ssl.trust...) is not an option!

 

I created custom socket factory which reads my truststore and it works as standalone app. I configure custom socketFactory like this:

 

((BindingProvider)port).getRequestContext().put("com.sun.xml.internal.ws.transport.https.client.SSLSocketFactory", new MySocketFactory());

 

 

However, when i deploy to JBoss5.1 i get SSLHandshakeException which means that MySocketFactory and my truststore are not used.

 

I also tried

put("org.jboss.ws.socketFactory", PaymentsSocketFactory.class.getName());

(from https://community.jboss.org/thread/164188)

but it doesn't help.

 

 

I use

Version: jbossws-native-3.1.2.GA

Build: 200905081542

 

 

Is there any way I can setup WS client in JBoss to use my own truststore when setting up HTTPS for WS call?

 

Thank you!

  • 1. Re: JBoss5.1 and HTTPS webservice client
    spyhunter99 Novice

    I believe org.jboss.ws.socketFactory is used for message level signing and encryption, not transport.

     

    try put("javax.net.ssl....") in the request context.

     

    I've complained about this and modified a version of the community stack for this purpose. There's a jira on it. No idea how it works in the eap version of jboss. It irritates me too. As a work around, I store the passwords encrypted on disk. Then at run time, I read in the passwords, decrypt them, then add them to System.properties, I suppose then you can remove them but it obviously depends on whether or not something else is relying on them