How to configure SSL for Axis2/C clients

This page demonstrates how to configure a working Axis2/C SSL environment, then tests the setup by using the getVersion service of an Axis2/Tomcat installation.

Links

The page is based on:

Install OpenSSL:

wget http://www.openssl.org/source/openssl-0.9.8j.tar.gz
tar -zxf  openssl-0.9.8j.tar.gz
mkdir openssl
export OPENSSL_HOME=$PWD/openssl
export PATH=$OPENSSL_HOME/bin:$PATH
pushd openssl-0.9.8j
./config --prefix=$OPENSSL_HOME
make
make install
popd

Self-signed certificates for quick testing

Here, we create self-signed certificates to test if the Axis2/C client is capable to handle communication over SSL.

Set up a test certificate authority

mkdir myCA
pushd myCA
cp $OPENSSL_HOME/ssl/misc/CA.pl .
cp $OPENSSL_HOME/openssl.cnf .
./CA.pl -newca

Press ENTER to all the questions to accept the defaults except:

Enter PEM pass phrase: use changeit Common Name (eg, YOUR name) []: type a name (whatever)

When it asks for passphrase, use always "changeit" from this point.

Create and sign test certificates

popd
openssl genrsa -out client.key 1024
openssl req -new -key client.key -out newreq.pem

Press ENTER to all the questions to accept the defaults. For challenge password, use changeit.

cp newreq.pem myCA
pushd myCA
./CA.pl -sign

Pass phrase: changeit.

Caution: check which openssl.conf file is used (the first line of the command printout tells it). Check if the

unique_subject  = no

line is present and uncommented, otherwise you may get the following error:

failed to update database
TXT_DB error number 2

Then continue:

popd
cat myCA/newcert.pem client.key > client.pem

Set up the Axis2 environment

Execute the steps in the page Axis2SetUp. For Axis2/Java, use method 1.

Set up Tomcat

Follow the instructions in InstallAxis2Java, until the end of the section "Install and deploy Axis2". Then:

$JAVA_HOME/bin/keytool -genkey -alias tomcat -keyalg RSA -keystore tomcat_keystore

  • The password should be changeit
  • Accept the defaultts to the questions
  • Answer "yes" to the "Is .... correct?" question
  • Press RETURN to the "Enter key password for..." question.

$CATALINA_HOME/bin/catalina.sh stop
$CATALINA_HOME/bin/catalina.sh start

Build the example Axis2/C client

wget ...
tar -zxf client.tgz
pushd client
g++ *.c -o client -I$AXIS2C_HOME/include/axis2-1.5.0/ -L$AXIS2C_HOME/lib -laxutil -laxis2_engine -laxis2_axiom

-- ZsoltMolnar - 02 Mar 2009

Edit | Attach | Watch | Print version | History: r3 < r2 < r1 | Backlinks | Raw View | WYSIWYG | More topic actions
Topic revision: r3 - 2009-03-02 - ZsoltMolnar
 
    • Cern Search Icon Cern Search
    • TWiki Search Icon TWiki Search
    • Google Search Icon Google Search

    EGEE All webs login

This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright & by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding TWiki? Ask a support question or Send feedback