0

I am using axis on java to consume a webservice. The web service is in https, and I want to avoid the the check for certificate. I found in this forum a solution that tell to put this on my code : 

AxisProperties.setProperty("axis.socketSecureFactory","org.apache.axis.components.net.SunFakeTrustSocketFactory");

I tried it but with no success. I have enabled : System.setProperty("javax.net.debug", "all"); and I see this in the begining of the log: 

trigger seeding of SecureRandom
done seeding SecureRandom
%% No cached client session
*** ClientHello, TLSv1 ......

And in the end it gives an error :

main, handling exception: javax.net.ssl.SSLHandshakeException: Remote host closed connection during handshake

Am I missing something?

tshepang
  • 12,111
  • 21
  • 91
  • 136
edi843
  • 35
  • 2
  • 6
  • I don't know if it's the same thing, but have u tried `System.setProperty()` instead of `AxisProperties.setProperty()`? – tshepang Jan 31 '12 at 16:30
  • Yes, i have tried it also, the same thing – edi843 Feb 01 '12 at 09:35
  • 22
    Are you aware that your use of SSL has been highlighted in a [research paper](http://www.cs.utexas.edu/~shmat/shmat_ccs12.pdf) (Section 10)? – Basic Nov 22 '12 at 13:44

1 Answers1

-1

For disable-ing the the protocol is necessary to build a class that implements :SecureSocketFactory and in the method create to do this : ((SSLSocket)sslSocket).setEnabledProtocols(new String[] {"SSLv3", "TLSv1"}); A good start for this maybe, you can use the implemetation done from : JSSESocketFactory. The solution for this was based in this question : link

Community
  • 1
  • 1
edi843
  • 35
  • 2
  • 6