This discussion is archived
3 Replies Latest reply: Feb 17, 2012 12:58 PM by wgkorb

JAX-WS: How to choose from multiple client certificates on the fly?

wgkorb Newbie
I have a webapp that is calling a web service supplied by a vendor. The vendor requires the use of client certificates for authentication, and I have successfully called their service using the PKCS#12 keystore they gave us with JAX-WS 2.2 using code like this:
    System.setProperty("javax.net.ssl.keyStore", "myKeyStore.p12");
    System.setProperty("javax.net.ssl.keyStoreType", "pkcs12");
    System.setProperty("javax.net.ssl.keyStorePassword", "password");
The problem is, my webapp will be supporting multiple business units, and the vendor differentiates between our business units by issuing separate certificates for each. So I'm in a quandary: I have four PKCS#12 files, one per business unit, and my webapp will need to decide which one to use at runtime. Moreover, this webapp could be heavily used by many simultaneous users, and thus more than one of the certs may need to be used at the same time. Hence whatever the solution is, it will need to be thread safe.

I was able to combine all four certificates into a single JKS keystore using the JDK 1.6 "keytool -importkeystore" operation with each of my four PKCS#12 certs, so I now have all four in a single JKS keystore. The above code then becomes this:
    System.setProperty("javax.net.ssl.keyStore", "myKeyStore.jks");
    System.setProperty("javax.net.ssl.keyStoreType", "jks");
    System.setProperty("javax.net.ssl.keyStorePassword", "password");
So my challenge now is to programmatically select between the four possible certs when calling the vendor's web service. How do I do that with JAX-WS RI 2.2?

Thanks,
Bill
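
Added example, not part of the original post or the vendor's code: one way to pick a certificate per call is to give each business unit its own `SSLSocketFactory`, backed by a key manager that only offers that unit's alias, and attach it to the port through the JAX-WS RI request-context property instead of the JVM-wide `javax.net.ssl.*` system properties. The class and method names are hypothetical, and the code assumes each key's password equals the keystore password.

```java
import java.io.FileInputStream;
import java.io.InputStream;
import java.net.Socket;
import java.security.KeyStore;
import java.security.Principal;
import java.security.PrivateKey;
import java.security.cert.X509Certificate;
import java.util.concurrent.ConcurrentHashMap;
import javax.net.ssl.*;
import javax.xml.ws.BindingProvider;

public final class ClientCertSelector {
    // JAX-WS RI request-context key; the JDK-bundled RI uses "com.sun.xml.internal.ws..." instead.
    static final String SSL_FACTORY_PROP = "com.sun.xml.ws.transport.https.client.SSLSocketFactory";
    private static final ConcurrentHashMap<String, SSLSocketFactory> CACHE =
            new ConcurrentHashMap<String, SSLSocketFactory>();

    /** Delegates key lookups to the default key manager but only ever offers one alias. */
    static final class FixedAliasKeyManager implements X509KeyManager {
        private final X509KeyManager base;
        private final String alias;
        FixedAliasKeyManager(X509KeyManager base, String alias) { this.base = base; this.alias = alias; }
        public String chooseClientAlias(String[] types, Principal[] issuers, Socket s) { return alias; }
        public String[] getClientAliases(String type, Principal[] issuers) { return new String[] { alias }; }
        public X509Certificate[] getCertificateChain(String a) { return alias.equals(a) ? base.getCertificateChain(a) : null; }
        public PrivateKey getPrivateKey(String a) { return alias.equals(a) ? base.getPrivateKey(a) : null; }
        public String chooseServerAlias(String type, Principal[] issuers, Socket s) { return null; }
        public String[] getServerAliases(String type, Principal[] issuers) { return null; }
    }

    /** Builds (once per alias) a socket factory that presents only that alias's certificate. */
    static SSLSocketFactory factoryFor(String alias, String jksPath, char[] password) throws Exception {
        SSLSocketFactory cached = CACHE.get(alias);
        if (cached != null) return cached;
        KeyStore ks = KeyStore.getInstance("JKS");
        InputStream in = new FileInputStream(jksPath);
        try { ks.load(in, password); } finally { in.close(); }
        // Fail closed: an unknown alias must not fall back to another unit's certificate.
        if (!ks.isKeyEntry(alias)) throw new IllegalArgumentException("No private key for alias: " + alias);
        KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        kmf.init(ks, password); // assumption: key password == keystore password
        SSLContext ctx = SSLContext.getInstance("TLS");
        ctx.init(new KeyManager[] { new FixedAliasKeyManager((X509KeyManager) kmf.getKeyManagers()[0], alias) }, null, null);
        SSLSocketFactory created = ctx.getSocketFactory();
        SSLSocketFactory raced = CACHE.putIfAbsent(alias, created);
        return raced != null ? raced : created;
    }

    /** Call once per port instance, before the first invocation on that port. */
    static void bind(Object port, String alias, String jksPath, char[] password) throws Exception {
        ((BindingProvider) port).getRequestContext().put(SSL_FACTORY_PROP, factoryFor(alias, jksPath, password));
    }
}
```

Because the request context belongs to the port instance, keeping one port per business unit (or one per thread) avoids concurrent callers overwriting each other's factory. Passing `null` trust managers to `SSLContext.init` keeps the JVM's default trust store for validating the vendor's server certificate.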
