Wednesday, February 12, 2003

Soap over SSL without signed certs

After wasting an hour on a supposedly trivial configuration - I got axis1.0 to connect with the SSL server without the stupid certificate signature that is required by the Java SSL client.



First step is to set "axis.socketSecureFactory" system property to "org.apache.axis.components.net.FakeTrustSocketFactory".



Second step - it's a workaround. The code that creates the SSL socket has an if()

that will use the fake TrustFactory only if an attribute is set. So you need to define

a handler with a dummy attribute, and set the transport to that handler. Something like:





<handler name="httpHandler" type="java:org.apache.axis.transport.http.HTTPSender">

<option name="dummy" value="foo"/>

</handler>

<ransport name="http" pivot="httpHandler" />





I couldn't find this on any search engine - very strange, you would expect this to be used more...

No comments: