How to configure SSL for Axis2/C clients
This page demonstrates how to configure a working Axis2/C SSL environment, then tests the setup by using the getVersion service of an Axis2/Tomcat installation.Links
The page is based on:- OpenSSL Tutorial for Apache Rampart/C
: to create an own CA
- Configure Axis2/C for SSL
- Configure SSL in Tomcat
Install OpenSSL:
wget http://www.openssl.org/source/openssl-0.9.8j.tar.gz tar -zxf openssl-0.9.8j.tar.gz mkdir openssl export OPENSSL_HOME=$PWD/openssl export PATH=$OPENSSL_HOME/bin:$PATH pushd openssl-0.9.8j ./config --prefix=$OPENSSL_HOME make make install popd
Self-signed certificates for quick testing
Here, we create self-signed certificates to test if the Axis2/C client is capable to handle communication over SSL.Set up a test certificate authority
mkdir myCA pushd myCA cp $OPENSSL_HOME/ssl/misc/CA.pl . cp $OPENSSL_HOME/openssl.cnf . ./CA.pl -newcaPress ENTER to all the questions to accept the defaults except: Enter PEM pass phrase: use changeit Common Name (eg, YOUR name) []: type a name (whatever) When it asks for passphrase, use always "changeit" from this point.
Create and sign test certificates
popd openssl genrsa -out client.key 1024 openssl req -new -key client.key -out newreq.pemPress ENTER to all the questions to accept the defaults. For challenge password, use changeit.
cp newreq.pem myCA pushd myCA ./CA.pl -signPass phrase: changeit. Caution: check which openssl.conf file is used (the first line of the command printout tells it). Check if the
unique_subject = noline is present and uncommented, otherwise you may get the following error:
failed to update database TXT_DB error number 2Then continue:
popd cat myCA/newcert.pem client.key > client.pem
Set up the Axis2 environment
Execute the steps in the page Axis2SetUp. For Axis2/Java, use method 1.Set up Tomcat
Follow the instructions in InstallAxis2Java, until the end of the section "Install and deploy Axis2". Then:$JAVA_HOME/bin/keytool -genkey -alias tomcat -keyalg RSA -keystore tomcat_keystore
- The password should be changeit
- Accept the defaultts to the questions
- Answer "yes" to the "Is .... correct?" question
- Press RETURN to the "Enter key password for..." question.
$CATALINA_HOME/bin/catalina.sh stop $CATALINA_HOME/bin/catalina.sh start
Build the example Axis2/C client
wget ... tar -zxf client.tgz pushd client g++ *.c -o client -I$AXIS2C_HOME/include/axis2-1.5.0/ -L$AXIS2C_HOME/lib -laxutil -laxis2_engine -laxis2_axiom-- ZsoltMolnar - 02 Mar 2009
Topic revision: r3 - 2009-03-02 - ZsoltMolnar
- EGEE Web
- EGEE Web Home
- gLite
- ProductTeams
- SA3
- JRA1
- TMB
- EMT
- SA1
- SA2
- NA2
- NA4
- EGEE-UIG
- List of registered projects
- List of EGEE-RP interactions
- Changes
- Index
- Search
Main.WebList
 |
|
Copyright &© by the contributing authors. All material on this collaboration platform is the property of the contributing authors. Ideas, requests, problems regarding TWiki? Ask a support question or Send feedback