Posts

Showing posts from June, 2009

Relaxing SSL validation for JaxWS

I've recently had the need to access a web service developed in .Net and signed with a self signed certificate. I've decided to use the JaxWS and the Metro stack to develop the client and run it on Java6. As a plus, the service was protected with username and password. The service was exposed on an IP address and I repetedly had problems in establishing a connection. In the end, thanks to this article, it was obvious that the certificate was not created with the alternative name attribute but it was not an option to change the certificate as the web service was already used by other consumers (.net clients don't suffer by this issue). So, on my quest to relax the validation, I've found out this article and code snippet, which did not compile at first (I guess package names were changed in JDK6) so I've did some trivial refactoring and now, after invoking the static methods in the client code, the SSL connection gets validated with no problems. Hope it helps and th...