users@glassfish.java.net

Re: SSL connection client certificate?

From: <glassfish_at_javadesktop.org>
Date: Mon, 28 Jan 2008 07:37:34 PST

For SSL Scenarios You do not have to configure any thing inside the Security Option that NB has. Please remember that WSIT/Metro configuration files are used to configure WS-* (which are at the SOAP Layer).

SSL has to do with the Transport layer and so to configure your client for SSL you need to follow different set of instructions.

 Is your client a J2SE Client or a WebClient running on GF ?.

For a J2SE client you will have set these properties before invoking the service

System.setProperty("javax.net.ssl.trustStore", "<client.truststore.location>");
System.setProperty("javax.net.ssl.trustStorePassword", "<password>");
System.setProperty("javax.net.ssl.keyStore", "<client.keystore.location>");
System.setProperty("javax.net.ssl.keyStorePassword", "<password>");


If you are not using Mutual Authentication, then all you need to set is the Truststore location and password above and the Truststore need only contain the CA certificate of the Server Certificate Issuer.

If you are looking for Mutual Authentication then you need to set the keystore props as well.

Where did you get the client certificates from ?. It should not just be a certificate but should be a pair.

See the JDK6 Keytool it supports various options for importing certs into the keystore.
[Message sent by forum member 'kumarjayanti' (kumarjayanti)]

http://forums.java.net/jive/thread.jspa?messageID=256123