The recommended use of Openssl,linux is basically self-bringing. OpenSSL under Windows is tossing for 3 hours, giving up all kinds of DLLs.
Directly talk about the topic, WebService SSL two-way authentication.
I. Certificate-related build work
1.Key pair generation[generate private key, remember password, save this file]
Openssl> Genrsa-aes256-out PRIVATEKEY.PEM 2048
2.CSR Generation "Generate CSR certificate request File"
openssl> Req-new-sha256-key privatekey.pem-out CERTREQ.CSR
At this point you get 2 files, one is the PEM format of the private key, this file is important, must be saved, remember to set the password. One is the CSR certificate request file, and subsequent certifications will send you a PEM file.
3. Get the PEM client certificate file sent to you
4. Generate files in P12 format for JAX-ws
Openssl>pkcs12-inkey privatekey.pem-in XXXX. Cert.pem -aes256-export-out CERT.P12
The 5.JAX-WS code is set as follows:
System.setproperty ("Javax.net.debug", "Ssl,handshake");
System.setproperty ("Javax.net.ssl.keyStore", "D:\\NEW-TEST\\LAST\\CERT.P12");
System.setproperty ("Javax.net.ssl.keyStorePassword", "Your password");
System.setproperty ("Javax.net.ssl.keyStoreType", "PKCS12");
6.soapui settings: File--preferences--ssl settings--"set up good keystores
TICK: Enable SSL for mock services
can be accessed normally.
WebService SSL 3 bidirectional Authentication "OPENSSL,JAX-WS,SOAPUI Related Settings development"