I have remote web-service which is secured with X.509 certificate.
I generated web-service client stuff (using jax-ws) but need to configure if for the certificate's usage.
How should I proceed?
I guess I should register certificate in my local trusted keystore and them set something like this:
System.setProperty("javax.net.ssl.keyStore", keyStore);
System.setProperty("javax.net.ssl.keyStoreType", "JKS");
System.setProperty("javax.net.ssl.keyStorePassword", keyStorePassword);
System.setProperty("javax.net.ssl.trustStore", trustStore);
System.setProperty("javax.net.ssl.trustStoreType", "JKS");
System.setProperty("javax.net.ssl.trustStorePassword", trustStorePassword);
But it is not clear which data should be provided as the parameters.
Please do help.
Thanks.
The keystore properties defines the certificate that identifies you to the server:
System.setProperty("javax.net.ssl.keyStore", keyStore);
This is a java keystore with your x509 certificate. You may create it using tha java program keytool.
System.setProperty("javax.net.ssl.trustStore", trustStore);
This is a java keystore with the certificate(s) that identifies the web site. This is only used by your web service software to ensure that you are really talking to the correct web site.
System.setProperty("javax.net.ssl.keyStoreType", "JKS");
System.setProperty("javax.net.ssl.trustStoreType", "JKS");
This just specifies that the format of the javax.net.ssl.keyStore and javax.net.ssl.trustStore is java keystore.
System.setProperty("javax.net.ssl.keyStorePassword", keyStorePassword);
System.setProperty("javax.net.ssl.trustStorePassword", trustStorePassword);
This is the password that was used to encrypt the java keystore when it was created.
来源:https://stackoverflow.com/questions/8091607/java-client-for-the-x-509-secured-web-service