Quantcast

SOAP over HTTPS

classic Classic list List threaded Threaded
7 messages Options
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

SOAP over HTTPS

kernelmod3
CONTENTS DELETED
The author has deleted this message.
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: SOAP over HTTPS

David BRASSELY
Administrator
This post has NOT been accepted by the mailing list yet.
Hello Kirill,

Yes, it is perfectly possible !
You can configure keystore using both jvm properties and WSDL policy.

Regards,
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

RE: SOAP over HTTPS

vishnu.piskala
In reply to this post by kernelmod3

Hello Kirill

 

You need to specify the below properties in your openesb.sh/openesb.bat:

 

        -Djavax.net.ssl.keyStore=$OPENESB_HOME/keystore.jks \

        -Djavax.net.ssl.keyStorePassword=***** \

        -Djavax.net.ssl.trustStore=$OPENESB_HOME/cacerts.jks \

        -Djavax.net.ssl.trustStorePassword=****** \

 

keystore.jks should store the identity certificates for openesb se and cacerts.jks should store the certificates of  other servers you want to trust.

 

You may have a look at this to get some idea: http://logicoy.com/blogs/ssl-keystore-truststore-and-mutual-authentication/

 

Thanks

Vishnu

www.logicoy.com

 

From: kernelmod3 [via OpenESB Community Forum] [mailto:[hidden email]]
Sent: 28 April 2015 22:33
To: vishnu.piskala
Subject: SOAP over HTTPS

 

Hello!

I need to secure my OpenESB SE SOAP services with SSL. Is it possible?
How can I configure keystore, SSL settings, algorithms to use and etc.
?

Best regards,
Kirill Dubovikov.


If you reply to this email, your message will be added to the discussion below:

http://openesb-community-forum.794670.n2.nabble.com/SOAP-over-HTTPS-tp7580916.html

To start a new topic under OpenESB Community Forum, email [hidden email]
To unsubscribe from OpenESB Community Forum, click here.
NAML

Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: SOAP over HTTPS

kernelmod3
CONTENTS DELETED
The author has deleted this message.
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: SOAP over HTTPS

David BRASSELY
Administrator
This post has NOT been accepted by the mailing list yet.
Hi Kirill,

As far as I understand, you want to change keystore type from JKS to something like PKCS12, right ?
By default, HTTPBC is coming with JKS support.

If you want to add support for something else, you can fork and clone this repository : https://bitbucket.org/openesb/openesb-httpbc

This is the repository for latest version of HTTPBC (version 3.0.0) based on Grizzly2.

Also, please have a look to this class to provide support for other keystore type.

I will be happy to validate your pull request ;-)

PS : Don't forget to create a ticket in JIRA before going further !
PS2 : You can build components in version 3.0.0 using Maven 3.x (it's not the case for components in 2.4.x). You still have to set profil to openesb to retrieve some common artifacts.
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: SOAP over HTTPS

kernelmod3
CONTENTS DELETED
The author has deleted this message.
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: SOAP over HTTPS

David BRASSELY
Administrator
This post has NOT been accepted by the mailing list yet.
Ok,

So can you tell me how do you want to set correct keystore store and what is the value for this type ?

Regards,
Loading...