|
|
| Re: Remote Services + https ? [message #27173 is a reply to message #27134] |
Wed, 24 June 2009 07:30  |
Eclipse User |
|
|
|
Hi Elias,
Currently we only support server certificates.
You can configure your ssl configuration with the
"org.eclipse.riena.communication.core.ssl" extension point.
This may look like this:
<extension
id="org.eclipse.riena.communication.core.ssl.test"
<sslconfig protocol="TLSv1" keystore="#jre-cacerts#"
password="changeit"/>
</extension>
This special value of the key-store attribute means take the certificate
of the running JRE.
The key-store may define the certificate as a file, a resource local to
the contributing bundle or a URL.
HTH,
Stefan
Christian Campo wrote:
> Elias Volanakis schrieb:
>> Hi,
>>
>> just curious: is it possible to use Riena Remote Services with https
>> out of the box?
>>
>> I'm looking for something like this:
>> https://localhost:8080/hessian/PingPongWS
>> ^
>>
>> Elias.
> Yes you can. You just need to setup your server with HTTPs and use an
> SSL certificate. There is even in o.e.r.communication.core a class
> SSLConfiguration which allows you to configure cacerts for clients. That
> is a certifacte server with servers you trust as a client.
>
> I guess Stefan could shed some more light on the SSLConfiguraation
> thing. I am not sure if also allows client certificates (that is a
> client has a certificate that a server has to trust) but client
> certificates are not that common. (browsers for example allways only use
> server certifacats).
>
> But that server certifact use case should work out of the box.
>
> christian
|
|
|
| Re: Remote Services + https ? [message #582890 is a reply to message #27095] |
Sun, 21 June 2009 06:50 |
| Eclipse User |
|
|
|
Elias Volanakis schrieb:
> Hi,
>
> just curious: is it possible to use Riena Remote Services with https out
> of the box?
>
> I'm looking for something like this:
> https://localhost:8080/hessian/PingPongWS
> ^
>
> Elias.
Yes you can. You just need to setup your server with HTTPs and use an SSL certificate. There is even in
o.e.r.communication.core a class SSLConfiguration which allows you to configure cacerts for clients. That is a
certifacte server with servers you trust as a client.
I guess Stefan could shed some more light on the SSLConfiguraation thing. I am not sure if also allows client
certificates (that is a client has a certificate that a server has to trust) but client certificates are not that
common. (browsers for example allways only use server certifacats).
But that server certifact use case should work out of the box.
christian
|
|
|
| Re: Remote Services + https ? [message #582901 is a reply to message #27134] |
Wed, 24 June 2009 07:30 |
| Eclipse User |
|
|
|
Hi Elias,
Currently we only support server certificates.
You can configure your ssl configuration with the
"org.eclipse.riena.communication.core.ssl" extension point.
This may look like this:
<extension
id="org.eclipse.riena.communication.core.ssl.test"
<sslconfig protocol="TLSv1" keystore="#jre-cacerts#"
password="changeit"/>
</extension>
This special value of the key-store attribute means take the certificate
of the running JRE.
The key-store may define the certificate as a file, a resource local to
the contributing bundle or a URL.
HTH,
Stefan
Christian Campo wrote:
> Elias Volanakis schrieb:
>> Hi,
>>
>> just curious: is it possible to use Riena Remote Services with https
>> out of the box?
>>
>> I'm looking for something like this:
>> https://localhost:8080/hessian/PingPongWS
>> ^
>>
>> Elias.
> Yes you can. You just need to setup your server with HTTPs and use an
> SSL certificate. There is even in o.e.r.communication.core a class
> SSLConfiguration which allows you to configure cacerts for clients. That
> is a certifacte server with servers you trust as a client.
>
> I guess Stefan could shed some more light on the SSLConfiguraation
> thing. I am not sure if also allows client certificates (that is a
> client has a certificate that a server has to trust) but client
> certificates are not that common. (browsers for example allways only use
> server certifacats).
>
> But that server certifact use case should work out of the box.
>
> christian
|
|
|
Powered by
FUDForum. Page generated in 0.02914 seconds
Home