Configure Apache tomcat to send SSL certificate to frontend server(act as client)

1
votes

I have a soap based cxf services server deployed in server and also soap based cxf services client deployed in different server.Both the server have valid SSL certificates .Both are acting as client and server in different scenarios.Now i am calling client services through server and tomcat didn't send server certificate to client.So does it tomcat have any configuration or jvm to send ssl certificate to client.Please help me out.

More details I added JAVA_OPTS

  1. -Djavax.net.debug=ssl
  2. -Djavax.net.ssl.keyStore=[keystore_location]
  3. -Djavax.net.ssl.keyStorePassword=[password]

Below are the ssl sequence when client sends message to server

  1. Is initial handshake: true
  2. ClientHello, TLSv1
  3. ServerHello, TLSv1
  4. Certificate chain (server sends its certificate)
  5. Found trusted certificate(certificate trusted by client)
  6. CertificateRequest Cert Types: RSA, DSS(server request for client certificate)
  7. ServerHelloDone
  8. Certificate chain(This chain is empty.I think i need to add certificate here)
  9. ClientKeyExchange, RSA PreMasterSecret, TLSv1
1
javatomcatsslsoap
Please be specific about what's not working. Which machine is not presenting a certificate, and is that machine acting as client or server on the SSL connection in that case? If you can provide specific error messages and such, that would be good too.Warren Dew
Thanks for ur rep.Client send message to server.Server has configured to use client based authorization(2 way ssl).And client doesn't sending its certificate.Please go through above question again.I added more details.Mahesh

1 Answers

0
votes

I embedded client certificate in the cxf message and then send message to server.I take help of cxf sample project http://svn.apache.org/viewvc/cxf/trunk/distribution/src/main/release/samples/wsdl_first_https/