views:

27

answers:

1

Hi,

I have written an application that connects to a SSL web service (including client certificate) through jaxws. For this to work I have a wstrust.jks that contains trusted root certificate for ws, and client.p12 that is the client certificate to use when connecting to ws. I have then created a custom SSLSocketFactory to be able to use my wstrust.jks and client.12 during the connection to ws. I tell jaxws to use my implementation by:

[javax.xml.ws.BindingProvider].getRequestContext().put(JAXWSProperties.SSL_SOCKET_FACTORY, customSSLSocketFactory);

Everything works like a charm if i run it as a standalone java-application. However when i use the same technique inside a Java bean (JSF) deployed as a war-file running under Tomcat, i get a "PKIX path building failed"-error.

BUT If i configure SSL through JAVA_OPTS when i start my Tomcat (through the -Djavax.net.ssl.* parameters) I get it to work.

So my question:

How do i (or is it possible) to get my custom-SSLSocketFactory-technique to work inside the Java bean?

I guess as tomcat wraps itself around my application, when running as a bean, it is working differently and my wish to use a custom SSLSocketFactory isnt respected...

Thanks for any input on this!

/Tobbe

+1  A: 

Solved it. If anyone have the same issue here is how. Instead of setting my custom factory through:

[javax.xml.ws.BindingProvider].getRequestContext().put(JAXWSProperties.SSL_SOCKET_FACTORY, customSSLSocketFactory);

I had to set it through:

HttpsURLConnection.setDefaultSSLSocketFactory(customSSLSocketFactory);

otherwise it seems to get ignored.

/Tobbe

Tobbe