My requirement is to configure Axis2 to listen to HTTPS calls. I am using Tomcat as my servlet container. So the question is how to configure Axis2 for HTTPS within Tomcat.
Let TOMCAT_HOME = {Location where you installed Tomcat}
Installation
1. Download Tomcat 7
2. Download latest Axis2 version
3. Install Tomcat 7
4. Drop Axis2 WAR distribution to $TOMCAT_HOME/webapps.
5. Unzip Axis2 WAR distribution
Now start Tomcat server.
- Go to $TOMCAT_HOME/bin
- Type > sh startup.sh; tail -f ../logs/catalina.out (assuming you are on Unix)
Try accessing http://localhost:8080/axis2
You should see the Axis2 home page. There you will see links to list services, validate the installation and administer the installation.
Now try to access the HTTPS URL - https://localhost:8080/axis2 Oops!! This will say the secure connection failed. In Firefox you will get the error code "ssl_error_rx_record_too_long".
HTTP and HTTPS cannot inherently share a single port. Above, we were trying to access an HTTPS URL on the HTTP port. The server does not have a valid certificate to provide at that URL, so the browser terminates the connection with an SSL error.
So which port does HTTPS run on? We haven't configured that yet.
Configuring SSL for Tomcat
Step 1 - Creating self-signed certificates and keystores
Type the following on a command line
> keytool -genkey -alias tomcat -keyalg RSA -keystore tomcat.jks -keysize 2048
Answer the questions prompted.
Step 2 - Making configuration changes
1. Go to the Tomcat configuration directory (e.g. ~/development/Tools/webservers/apache-tomcat-7.0.23/conf)
2. Open server.xml
3. Uncomment the following configuration:
<Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
           maxThreads="150" scheme="https" secure="true"
           clientAuth="false" sslProtocol="TLS" />
4. Specify the keystore file created above:
<Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
           keystoreFile="/home/amila/development/apache/rampart-v2-tests/jks/tomcat-jks/tomcat.jks" keystorePass="tomcat" keyPass="password"
           maxThreads="150" scheme="https" secure="true"
           clientAuth="false" sslProtocol="TLS" />
We have now configured SSL for Tomcat on port 8443. Let's try accessing https://localhost:8443. You should see the Tomcat page. Now try accessing https://localhost:8443/axis2/. You will also see the Axis2 home page. OK, so far so good. Now try to list services in Axis2 - https://localhost:8443/axis2/services/listServices.
Hmm... Strangely, you will not see any services. The list services page may show an "Internal Server Error".
The reason for this behavior is that we have not configured the HTTPS transport at the Axis2 level. We only configured Tomcat. In order for Axis2 to be fully functional over HTTPS, we also need to configure the HTTPS transport in Axis2.
Configuring HTTPS in Axis2
Steps
1. Go to $TOMCAT_HOME/webapps/axis2/WEB-INF/conf
2. Open axis2.xml
3. Locate transportReceiver - by default you will see only the HTTP transport receiver
4. Configure the HTTPS transport receiver and ports
i.e. modify the HTTP transport receiver by adding a port parameter, and add an HTTPS transport receiver, as follows:
<transportReceiver name="http"
                   class="org.apache.axis2.transport.http.AxisServletListener">
    <parameter name="port">8080</parameter>
</transportReceiver>
<transportReceiver name="https"
                   class="org.apache.axis2.transport.http.AxisServletListener">
    <parameter name="port">8443</parameter>
</transportReceiver>
Now you should be able to list services through - https://localhost:8443/axis2/services/listServices.
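The mismatch described above (Tomcat serving HTTPS on 8443 while axis2.xml declares no matching receiver) can be checked offline before restarting the server. The Python sketch below is an added example, not part of the original post; the XML strings are constructed from the snippets above, the keystore path and password are placeholders, and the function names are hypothetical.

```python
import xml.etree.ElementTree as ET

# Constructed sample inputs modelled on the snippets in this post.
SERVER_XML = """<Server><Service name="Catalina">
  <Connector port="8080" protocol="HTTP/1.1"/>
  <Connector port="8009" protocol="AJP/1.3"/>
  <Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
             keystoreFile="/path/to/tomcat.jks" keystorePass="PLACEHOLDER"
             scheme="https" secure="true" clientAuth="false" sslProtocol="TLS"/>
</Service></Server>"""
LISTENER = "org.apache.axis2.transport.http.AxisServletListener"
AXIS2_BEFORE = f"""<axisconfig>
  <transportReceiver name="http" class="{LISTENER}"/>
</axisconfig>"""
AXIS2_AFTER = f"""<axisconfig>
  <transportReceiver name="http" class="{LISTENER}">
    <parameter name="port">8080</parameter>
  </transportReceiver>
  <transportReceiver name="https" class="{LISTENER}">
    <parameter name="port">8443</parameter>
  </transportReceiver>
</axisconfig>"""

def tomcat_connectors(server_xml):
    """Map scheme -> port for every non-AJP <Connector> in server.xml."""
    ports = {}
    for c in ET.fromstring(server_xml).iter("Connector"):
        if not c.get("protocol", "HTTP/1.1").startswith("AJP"):
            # Tomcat treats a connector without a scheme attribute as "http".
            ports[c.get("scheme", "http")] = int(c.get("port"))
    return ports

def axis2_receivers(axis2_xml):
    """Map receiver name -> port (None when no port parameter is set)."""
    ports = {}
    for r in ET.fromstring(axis2_xml).iter("transportReceiver"):
        port = r.find("parameter[@name='port']")
        ports[r.get("name")] = int(port.text) if port is not None else None
    return ports

def check(server_xml, axis2_xml):
    """Return one message per Tomcat connector that Axis2 does not mirror."""
    problems, receivers = [], axis2_receivers(axis2_xml)
    for scheme, port in tomcat_connectors(server_xml).items():
        if scheme not in receivers:
            problems.append(f"no '{scheme}' transportReceiver for port {port}")
        elif receivers[scheme] != port:
            problems.append(f"'{scheme}' receiver port {receivers[scheme]} != {port}")
    return problems

if __name__ == "__main__":
    print(check(SERVER_XML, AXIS2_BEFORE))
    print(check(SERVER_XML, AXIS2_AFTER))
```

To run it against a real installation, pass the contents of $TOMCAT_HOME/conf/server.xml and $TOMCAT_HOME/webapps/axis2/WEB-INF/conf/axis2.xml to check().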
More Reading
[1] Java Keystores - http://www.sslshopper.com/article-most-common-java-keytool-keystore-commands.html
[2] Apache Axis2 - http://axis.apache.org/axis2/java/core/
[3] Tomcat - http://tomcat.apache.org/