Members/nobuyasu/tightVNCProxy: apache-xmlrpc-3.1.3/docs/ssl.html annotate

annotate apache-xmlrpc-3.1.3/docs/ssl.html @ 191:b2f0cd0cff6c default tip

Added tag Version-1.0 for changeset 79046b4e5990

author	Yu Taninari <you@cr.ie.u-ryukyu.ac.jp>
date	Tue, 29 Nov 2011 15:52:44 +0900
parents	db5f735fd2b4
children

rev	line source
151 db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	1 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	2
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	3
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	4
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	5
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	6
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	7
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	8
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	9
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	10
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	11
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	12
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	13 <html xmlns="http://www.w3.org/1999/xhtml">
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	14 <head>
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	15 <title>ws-xmlrpc - Using SSL</title>
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	16 <style type="text/css" media="all">
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	17 @import url("./css/maven-base.css");
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	18 @import url("./css/maven-theme.css");
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	19 @import url("./css/site.css");
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	20 </style>
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	21 <link rel="stylesheet" href="./css/print.css" type="text/css" media="print" />
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	22 <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1" />
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	23 </head>
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	24 <body class="composite">
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	25 <div id="banner">
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	26 <a href="" id="bannerLeft">
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	27
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	28 <img src="images/xmlrpc-logo.gif" alt="" />
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	29
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	30 </a>
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	31 <div class="clear">
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	32 <hr/>
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	33 </div>
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	34 </div>
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	35 <div id="breadcrumbs">
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	36
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	37
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	38
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	39
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	40
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	41
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	42
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	43
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	44 <div class="xleft">
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	45 Last Published: 2010-02-06
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	46 </div>
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	47 <div class="xright"> <a href="http://www.apache.org/" class="externalLink">Apache</a>
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	48 \|
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	49 <a href="../">Webservices</a>
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	50 \|
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	51 <a href="">XML-RPC</a>
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	52
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	53
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	54
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	55
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	56
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	57
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	58
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	59
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	60 </div>
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	61 <div class="clear">
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	62 <hr/>
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	63 </div>
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	64 </div>
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	65 <div id="leftColumn">
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	66 <div id="navcolumn">
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	67
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	68
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	69
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	70
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	71
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	72
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	73
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	74
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	75 <h5>XML-RPC</h5>
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	76 <ul>
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	77
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	78 <li class="none">
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	79 <a href="index.html">Overview</a>
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	80 </li>
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	81
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	82 <li class="none">
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	83 <a href="download.html">Download</a>
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	84 </li>
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	85
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	86 <li class="none">
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	87 <a href="changes-report.html">Changes</a>
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	88 </li>
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	89
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	90 <li class="none">
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	91 <a href="mail-lists.html">Mailing Lists</a>
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	92 </li>
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	93
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	94 <li class="none">
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	95 <a href="contributing.html">Contributing</a>
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	96 </li>
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	97
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	98 <li class="none">
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	99 <a href="xmlrpc2">XML-RPC 2</a>
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	100 </li>
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	101
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	102 <li class="none">
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	103 <a href="links.html">Links</a>
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	104 </li>
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	105 </ul>
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	106 <h5>Documentation</h5>
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	107 <ul>
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	108
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	109 <li class="none">
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	110 <a href="client.html">Client Classes</a>
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	111 </li>
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	112
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	113 <li class="none">
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	114 <a href="server.html">Server Side XML-RPC</a>
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	115 </li>
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	116
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	117 <li class="none">
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	118 <a href="extensions.html">Vendor Extensions</a>
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	119 </li>
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	120
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	121 <li class="none">
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	122 <strong>SSL</strong>
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	123 </li>
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	124
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	125 <li class="none">
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	126 <a href="introspection.html">Introspection</a>
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	127 </li>
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	128
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	129 <li class="none">
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	130 <a href="advanced.html">Advanced Techniques</a>
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	131 </li>
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	132
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	133 <li class="none">
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	134 <a href="types.html">XML-RPC Types</a>
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	135 </li>
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	136
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	137 <li class="none">
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	138 <a href="faq.html">FAQ</a>
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	139 </li>
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	140
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	141 <li class="none">
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	142 <a href="apidocs/index.html">Javadocs</a>
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	143 </li>
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	144 </ul>
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	145 <h5>Project Documentation</h5>
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	146 <ul>
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	147
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	148
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	149
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	150
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	151
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	152
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	153
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	154
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	155
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	156
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	157
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	158
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	159
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	160
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	161
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	162
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	163
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	164
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	165
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	166
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	167
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	168
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	169
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	170
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	171
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	172
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	173
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	174 <li class="collapsed">
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	175 <a href="project-info.html">Project Information</a>
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	176 </li>
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	177
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	178
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	179
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	180
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	181
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	182
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	183
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	184
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	185
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	186 <li class="collapsed">
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	187 <a href="project-reports.html">Project Reports</a>
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	188 </li>
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	189 </ul>
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	190 <a href="http://maven.apache.org/" title="Built by Maven" class="poweredBy">
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	191 <img alt="Built by Maven" src="./images/logos/maven-feather.png"></img>
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	192 </a>
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	193
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	194
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	195
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	196
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	197
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	198
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	199
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	200
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	201 </div>
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	202 </div>
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	203 <div id="bodyColumn">
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	204 <div id="contentBox">
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	205 <p>This page describes how to configure a client for using SSL (aka https). Server configuration is out of this documents scope, because it clearly depends on the webserver. We refer, for example, to the <a href="http://tomcat.apache.org/tomcat-5.5-doc/ssl-howto.html" class="externalLink"> Tomcat SSL HowTo</a> or to the FAQ entry on <a href="http://docs.codehaus.org/display/JETTY/How+to+configure+SSL" class="externalLink"> SSL with Jetty</a>.</p>
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	206 <div class="section"><h2>Background</h2>
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	207 <p>Client configuration for SSL is not as simple as one might expect. This is surprising, because using SSL with a browser is as simple as typing in an https URL into the browsers input field.</p>
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	208 <p>Thus, the first thing to keep in mind: Never start with Apache XML-RPC as a client. It is much better to create a simple static page and point your browser to the static pages URL. If you get this working, then you may assume that all remaining problems rest with the client.</p>
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	209 <p>If you did that, you may have noticed, that the browser brings up a warning, that your web server is "not trusted". This is typically the case, if you did not buy a certificate: For the case of simplicity, developers are typically creating a so-called "self-signed certificate".</p>
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	210 <p>And that's exactly your most likely problem: Like pressing the browsers button to "Accept the certificate" (temporarily or permanently), you've got to tell your Java client, that you want to accept the certificate.</p>
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	211 </div>
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	212 <div class="section"><h2>Choose the right URL</h2>
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	213 <p>Typically, your server may be accessible with multiple URL's. For example, on my machine the following URL's will all reach the same servlet:</p>
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	214 <p>https://mcjwi.eur.ad.sag/xmlrpc https://localhost/xmlrpc https://127.0.0.1/xmlrpc</p>
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	215 <p>Unfortunately, at most one will work in the most cases. The question is: How do I choose the right one?</p>
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	216 <p>The answer is given by the certificate field CN. For example, my self certified key looks like this:</p>
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	217 <p>Owner: CN=mcjwi.eur.ad.sag, OU=-, O=-, L=-, ST=-, C=- Issuer: CN=mcjwi.eur.ad.sag, OU=-, O=-, L=-, ST=-, C=-</p>
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	218 <p>Note, that you've got to pick a proper CN when generating the certificate! If you are self-certifying the key and the keytool asks you for your own name: Ignore it. In your case the proper reply is the host name.</p>
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	219 </div>
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	220 <div class="section"><h2>The quick and dirty solution</h2>
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	221 <p>Yes, there is a quick and dirty solution: Just tell your client, that you want to accept any certificate, regardless of issuer and host. This can be done by installing a custom TrustManager and a HostnameVerifier. Add the following code to your clients initialization:</p>
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	222 <div class="source"><pre> import java.security.cert.X509Certificate;
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	223
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	224 import javax.net.ssl.HostnameVerifier;
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	225 import javax.net.ssl.HttpsURLConnection;
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	226 import javax.net.ssl.SSLContext;
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	227 import javax.net.ssl.SSLSession;
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	228 import javax.net.ssl.TrustManager;
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	229 import javax.net.ssl.X509TrustManager;
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	230
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	231 // Create a trust manager that does not validate certificate chains
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	232 TrustManager[] trustAllCerts = new TrustManager[] {
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	233 new X509TrustManager() {
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	234 public X509Certificate[] getAcceptedIssuers() {
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	235 return null;
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	236 }
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	237
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	238 public void checkClientTrusted(X509Certificate[] certs, String authType) {
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	239 // Trust always
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	240 }
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	241
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	242 public void checkServerTrusted(X509Certificate[] certs, String authType) {
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	243 // Trust always
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	244 }
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	245 }
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	246 };
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	247
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	248 // Install the all-trusting trust manager
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	249 SSLContext sc = SSLContext.getInstance("SSL");
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	250 // Create empty HostnameVerifier
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	251 HostnameVerifier hv = new HostnameVerifier() {
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	252 public boolean verify(String arg0, SSLSession arg1) {
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	253 return true;
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	254 }
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	255 };
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	256
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	257 sc.init(null, trustAllCerts, new java.security.SecureRandom());
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	258 HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	259 HttpsURLConnection.setDefaultHostnameVerifier(hv); </pre>
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	260 </div>
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	261 </div>
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	262 <div class="section"><h2>The recommended solution</h2>
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	263 <p>Needless to say, the quick and dirty solution may is insecure, because it can your requests can be intercepted by a man-in-the-middle attack. Fortunately, there is also a clean solution: Import the servers public key into your truststore.</p>
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	264 <p>As a first step, you've got to obtain the servers public key. Assuming, that the key is in your keystore, you may export it by running</p>
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	265 <div class="source"><pre> keytool -export -alias tomcat -rfc -file tomcat.crt </pre>
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	266 </div>
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	267 <p>This example would export the public key named "tomcat" (which is used by Tomcat) into the file "tomcat.crt". The key would be read from your default keystore, which is the file .keystore in your home directory (something like "c:\Documents and Settings\jwi\.keystore" on windows or "/home/jwi/.keystore" on Linux/Unix).</p>
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	268 <p>Obviously, this first step must be done on the server. The second step would be to create a truststore on your client by importing the file "tomcat.crt":</p>
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	269 <div class="source"><pre> keytool -import -alias servercert -file tomcat.crt -keystore truststore </pre>
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	270 </div>
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	271 <p>The option "-keystore truststore" specifies a file name. Of course, this may as well be an absolute path.</p>
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	272 </div>
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	273
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	274 </div>
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	275 </div>
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	276 <div class="clear">
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	277 <hr/>
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	278 </div>
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	279 <div id="footer">
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	280 <div class="xright">©
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	281 2001-2010
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	282
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	283 The Apache Software Foundation
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	284
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	285
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	286
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	287
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	288
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	289
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	290
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	291
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	292 </div>
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	293 <div class="clear">
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	294 <hr/>
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	295 </div>
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	296 </div>
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	297 </body>
db5f735fd2b4 add xml-rpc.jar e085711 parents: diff changeset	298 </html>

Mercurial > hg > Members > nobuyasu > tightVNCProxy

annotate apache-xmlrpc-3.1.3/docs/ssl.html @ 191:b2f0cd0cff6c default tip