In this tutorial I will show how to use SSL/TSL or https in JAX-WS webservice. For using SSL with jax-ws webservice we need one keystore file. Please have a look at deploy jax-ws webservice before reading this tutorial.

First generate the keystore file using the below command from the command prompt. D:\keystore is the target location where the keystore file will be generated.

%JAVA_HOME%\bin\keytool -genkey -alias tomcat -keyalg RSA -keystore D:\keystore

 

You will be prompted for below options. So put the values.

Enter keystore password:
Re-enter new password:
What is your first and last name?
  [Unknown]:  roytuts.com
What is the name of your organizational unit?
  [Unknown]:  development
What is the name of your organization?
  [Unknown]:  roytuts.com
What is the name of your City or Locality?
  [Unknown]:  kolkata
What is the name of your State or Province?
  [Unknown]:  west bengal
What is the two-letter country code for this unit?
  [Unknown]:  IN
Is CN=roytuts.com, OU=development, O=roytuts.com, L=kolkata, ST=west bengal, C=IN correct?
  [no]:  yes

Enter key password for <tomcat>
        (RETURN if same as keystore password):

You may also like to read the similar example on:

SOAP over https with client certificate authentication

Configure Tomcat server to support for SSL

Open <tocat home directory>\conf\server.xml file and search for “<Connector port=”8443″ protocol=”HTTP/1.1″ SSLEnabled=”true” …/>”

Uncomment the above line and modify as shown below

<Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol" SSLEnabled="true"
               maxThreads="150" scheme="https" secure="true"
               keystoreFile="D:\sworkspace\keystore"
               keystorePass="kolkata"
               clientAuth="false" sslProtocol="TLS" />

 

For more information on SSL configuration you can have a look at the URL http://tomcat.apache.org/tomcat-7.0-doc/ssl-howto.html

Now start the Tomcat Server and verify whether SSL connection gets established using https://localhost:8443/ in the browser.

Now test the service

package com.roytuts.service.test;

import com.roytuts.service.Hello;

import java.net.URL;

import javax.xml.namespace.QName;
import javax.xml.ws.Service;

public class HelloSSLClient {

    public static void main(String[] args) throws Exception {
        URL url = new URL("https://localhost:8443/jax-ws-ssl/hello?wsdl");
        QName qname = new QName("http://service.roytuts.com/",
                "HelloImplService");
        Service service = Service.create(url, qname);
        Hello hello = service.getPort(Hello.class);
        System.out.println(hello.sayHello("Soumitra"));
    }

}

 

You will get below exceptions in localhost so click on the below exception links to resolve the issues.

java.security.cert.CertificateException: No name matching localhost found
SunCertPathBuilderException: unable to find valid certification path to requested target

Thanks for your reading. Please leave a comment if you have any query.

Tags:

I am a professional Web developer, Enterprise Application developer, Software Engineer and Blogger. Connect me on Roy Tutorials | TwitterFacebook Google PlusLinkedin | Reddit

Leave a Reply

Your email address will not be published. Required fields are marked *