eBase v 4.5.1 - web service resource call using client authentication

Post any questions you have about using the Verj.io Studio, including client and server-side programming with Javascript or FPL, and integration with databases, web services etc.

Moderators: Ian, Dave, jcoulson, Jon, Wai

User avatar
Jez
Ebase User
Posts: 24
Joined: Thu Aug 21, 2008 11:03 am
Location: Hampshire County Council

eBase v 4.5.1 - web service resource call using client authentication

#1

Postby Jez » Wed Sep 11, 2019 7:50 am

Hi

I am trying to make an eBase web service resource call to a server that requires the client certificate to be sent in order to authenticate the client (using TLS v1.2).

The certificates have been added to the Java CACERTS but when I attempt the call I get the following error

SocketException invoking https://xxxxxx : Software caused connection abort: recv failed

For further information I then turned on debugging using -Djavax.net.debug=all and found the following error in the log

Warning: no suitable certificate found - continuing without client authentication

The Java CACERTS is the correct one as the keystore information has been set using the -Djavax.net.ssl Java options in the Tomcat startup

Is there any more configuration needed to get an eBase form/web service resource to make a call to a server using client authentication?

Thanks
0 x
--------------------------------------
Jez Hollinshead - Hampshire CC

Steve
Moderator
Moderator
Posts: 333
Joined: Fri Sep 07, 2007 3:44 pm
Location: Sandy, UK
Contact:

Re: eBase v 4.5.1 - web service resource call using client authentication

#2

Postby Steve » Wed Sep 11, 2019 9:56 am

Hi Jez,

For client communications (outbound form the server) you need to configure the "truststore" and not the "keystore". The keystore is used if you are acting as a server and you store your certificates in here.

You need to configure the the system property:

-Djavax.net.ssl.trustStore=<path-to-truststore>
-Djavax.net.ssl.trustStorePassword=<password-for-trustore>

You could also put the certificate into Java's default trustore location:

<Ebase-Install-Dir>/jre/lib/security/cacerts


Here is some useful information:

https://stackoverflow.com/questions/587 ... t-keystore

Kind regards

Steve Upton
0 x


Who is online

Users browsing this forum: No registered users and 5 guests