Details
-
Bug
-
Status: Closed
-
Minor
-
Resolution: Fixed
-
3.2.5
-
None
-
None
-
Unknown
Description
Automatic ssl configuration using javax.net.ssl.. broken (since cxf 3.2.5)
This is workaround to configure http-conf from system properies
<http-conf:conduit name="*.http-conduit">
<http-conf:tlsClientParameters>
<sec:keyManagers keyPassword="${javax.net.ssl.keyStorePassword}">
<sec:keyStore
type="${javax.net.ssl.keyStoreType:JKS}"
password="${javax.net.ssl.keyStorePassword}"
file="${javax.net.ssl.keyStore}"/>
</sec:keyManagers>
<sec:trustManagers>
<sec:keyStore type="${javax.net.ssl.trustStoreType:JKS}" file="${javax.net.ssl.trustStore}" /> <!-- password="${javax.net.ssl.trustStorePassword:#{null}}" -->
</sec:trustManagers>
</http-conf:tlsClientParameters>
</http-conf:conduit>
Run JVM with
-Djavax.net.ssl.trustStore=/path/to/trusted.cacerts -Djavax.net.ssl.keyStore=/path/to/trusted.clientcerts -Djavax.net.ssl.keyStorePassword=clientcertpass
and try jax-rs client proxy to ssl secured endpoint