Providing a keystore to a webService client

Question

Providing a keystore to a webService client

Hi, I created a web service client in eclipse from a wsdl file. But when I try to access the service from the client, he says. SSL configuration for the endpoint is not available. And then the address of my endpoint. Please let me know how I can provide ssl configuration through the keystore to my webservice client. I have a standalone client and a keystore provided by the client. TIA

+6

eclipse ssl web-services keystore webservice-client

ankit Apr 26 '13 at 10:41

source share

2 answers

You can do this using Apache CXF and setting up a client channel. See the Configuring SSL Support section in this great tutorial .

Hope this helps.

+3

Farzad fallah Sep 27 '13 at 21:22

source share

Rahul tripathi · Accepted Answer · 2013-10-02T19:03:16+0000

You can start by checking what is in the keystore:

keytool -list -keystore D:\Tomcat\ukdp.keystore -storepass 123456

A sample of what your conduit definition might look like: -

 <beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:sec="http://cxf.apache.org/configuration/security" xmlns:http="http://cxf.apache.org/transports/http/configuration" xmlns:jaxws="http://java.sun.com/xml/ns/jaxws" xsi:schemaLocation=" http://cxf.apache.org/configuration/security http://cxf.apache.org/schemas/configuration/security.xsd http://cxf.apache.org/transports/http/configuration http://cxf.apache.org/schemas/configuration/http-conf.xsd http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd"> <http:conduit name="{http://apache.org/hello_world}HelloWorld.http-conduit"> <http:tlsClientParameters> <sec:keyManagers keyPassword="password"> <sec:keyStore type="JKS" password="password" file="my/file/dir/Morpit.jks"/> </sec:keyManagers> <sec:trustManagers> <sec:keyStore type="JKS" password="password" file="my/file/dir/Truststore.jks"/> </sec:trustManagers> <sec:cipherSuitesFilter> <!-- these filters ensure that a ciphersuite with export-suitable or null encryption is used, but exclude anonymous Diffie-Hellman key change as this is vulnerable to man-in-the-middle attacks --> <sec:include>.*_EXPORT_.*</sec:include> <sec:include>.*_EXPORT1024_.*</sec:include> <sec:include>.*_WITH_DES_.*</sec:include> <sec:include>.*_WITH_AES_.*</sec:include> <sec:include>.*_WITH_NULL_.*</sec:include> <sec:exclude>.*_DH_anon_.*</sec:exclude> </sec:cipherSuitesFilter> </http:tlsClientParameters> <http:authorization> <sec:UserName>Betty</sec:UserName> <sec:Password>password</sec:Password> </http:authorization> <http:client AutoRedirect="true" Connection="Keep-Alive"/> </http:conduit> </beans>

I also found several topics that could help you: -

Providing a keystore to a webService client

More articles: