How to configure SSLv2Hello with CXF webClient?

Question

I'm using CXF to develop REST web services. I have an apache who accept SSL connection using certificate.

I want to test my code with org.apache.cxf.jaxrs.client.WebClient class, but I can't communicate with apache because of:

javax.net.ssl.SSLException: java.lang.IllegalArgumentException:
SSLv2Hello   cannot be enabled unless at least one other supported
version is also enabled.

I tried to configure HttpConduit like this:

TLSClientParameters tlsParams = new TLSClientParameters();
KeyStore trustStore = KeyStore.getInstance(KEYSTORE_TYPE);
InputStream inputStream = WesRctAbstractTestcase.class.getClassLoader().getResourceAsStream(KEYSTORE_PATH);
trustStore.load(inputStream, KEYSTORE_PASSWORD.toCharArray());
TrustManagerFactory trustFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
trustFactory.init(trustStore);
TrustManager[] tms = trustFactory.getTrustManagers();
tlsParams.setTrustManagers(tms);
tlsParams.setSecureSocketProtocol("SSL");
tlsParams.setDisableCNCheck(true);
httpConduit.setTlsClientParameters(tlsParams);

I don't understand what is missing.

Maybe this post can help you, http://stackoverflow.com/questions/21308369/ssl-connection-with-specific-protocol-version Have you tried to remove the line tlsParams.setSecureSocketProtocol("SSL"); ? — soilworker, May 27 '15 at 08:38
Don't use quote formatting for text that isn't quoted, and do use code formatting for text that is code. — user207421, May 27 '15 at 09:24
I have tried to remove it. I get new error : "PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target". I will try http://stackoverflow.com/questions/20554567/cxf-client-unable-to-find-valid-certification-path-to-requested-target and your link next, thanks. — Couturier Boris, May 28 '15 at 07:39

How to configure SSLv2Hello with CXF webClient?

0 Answers0