Skip to main content

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
Re: [jetty-users] Issue with calling secured service from web socket service

Oh.

Then add
--exec
to your start.ini, before your your -D... lines.

This will cause the Jetty server startup to fork a new JVM with those arguments set as JVM properties.


Joakim Erdfelt / joakim@xxxxxxxxxxx

On Wed, Feb 10, 2016 at 6:40 AM, Mohan Kumar G <mohan.gundappa@xxxxxxxxx> wrote:
Thanks for the response. I am not talking about scuring web socket service. calling another secured service inside web socket service.


   Client ------------>  Web socket service ---------(inside the service code calling another SOAP service) ----------> Soap service

On Wed, Feb 10, 2016 at 7:22 AM, Joakim Erdfelt <joakim@xxxxxxxxxxx> wrote:
If you are using javax.websocket, then you have no options.
The ability to setup / configure the SSL for the javax.websocket client just does not exist in the javax.websocket API.
Perhaps a future version of the javax.websocket spec will have that available (including setting up proxies for websocket clients)

If you are using Jetty's WebSocketClient API (has nothing to do with javax.websocket), then you can configure a SslContextFactory and pass it into the constructor of the WebSocketClient to configure the SSL/TLS that will be used (including things like the keystore, truststore, cipher selection, protocol selection, etc..)

Joakim Erdfelt / joakim@xxxxxxxxxxx

On Tue, Feb 9, 2016 at 7:10 PM, Mohan Kumar G <mohan.gundappa@xxxxxxxxx> wrote:
Hello,

Here is my scenario. We have websocket service deployed on Jetty 9.2.x

This web socket service is trying to call a service which is mutually authenticated.

I have store created (.pfx file) which has both private and public keys.

I have kept "mystore" file under etc under jetty base.

Added the below commands to server.ini file under my jetty base.

-Djavax.net.ssl.keyStore=etc\mystore
-Djavax.net.ssl.keyStorePassword=mypassword
-Djavax.net.ssl.trustStore=etc\mystore
-Djavax.net.ssl.trustStorePassword=mypassword

When my web socket service tryies to call service which requires mutual authentication it's giving the below error.

Can you please helps to resolve this issue?


javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target




_______________________________________________
jetty-users mailing list
jetty-users@xxxxxxxxxxx
To change your delivery options, retrieve your password, or unsubscribe from this list, visit
https://dev.eclipse.org/mailman/listinfo/jetty-users


_______________________________________________
jetty-users mailing list
jetty-users@xxxxxxxxxxx
To change your delivery options, retrieve your password, or unsubscribe from this list, visit
https://dev.eclipse.org/mailman/listinfo/jetty-users


_______________________________________________
jetty-users mailing list
jetty-users@xxxxxxxxxxx
To change your delivery options, retrieve your password, or unsubscribe from this list, visit
https://dev.eclipse.org/mailman/listinfo/jetty-users


Back to the top