Matei Florescu
Matei Florescu

Reputation: 1195

Force AXIS client to use TLS

How can I force a SOAP Axis client to use TLS instead of SSL? I have this code:

        SOAPMessage soapMessage = MessageFactory.newInstance()
                .createMessage();
        SOAPPart soapPart = soapMessage.getSOAPPart();
        javax.xml.soap.SOAPEnvelope soapEnvelope = soapPart.getEnvelope();

        Service service = new Service();
        Call call = (Call) service.createCall();
        call.setTargetEndpointAddress(new java.net.URL(endpoint));
        call.setOperationStyle(org.apache.axis.constants.Style.DOCUMENT);
        call.setSOAPActionURI("urn:processDocument");
        call.setUsername(user);
        call.setPassword(password);
        call.setTimeout(10000);
        call.invoke(new Message(soapEnvelope.toString()));

The error on execution is:

javax.net.ssl.SSLException: Received fatal alert: unexpected_message
    at org.apache.axis.AxisFault.makeFault(AxisFault.java:101)
    at org.apache.axis.transport.http.HTTPSender.invoke(HTTPSender.java:154)
    at org.apache.axis.strategies.InvocationStrategy.visit(InvocationStrategy.java:32)
    at org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:118)
    at org.apache.axis.SimpleChain.invoke(SimpleChain.java:83)
    at org.apache.axis.client.AxisClient.invoke(AxisClient.java:165)
    at org.apache.axis.client.Call.invokeEngine(Call.java:2784)
    at org.apache.axis.client.Call.invoke(Call.java:2767)
    at org.apache.axis.client.Call.invoke(Call.java:1870)
    at TestTLSConnect.main(TestTLSConnect.java:100)

Also I activated SSL logging and I can see this:

main, WRITE: SSLv3 Handshake, length = 79
main, READ: TLSv1 Alert, length = 2
main, RECV TLSv1 ALERT:  fatal, unexpected_message

I tried setting the protocol with System.setProperty("https.protocols", "TLSv1");, but I get the same error and the same log message.

Upvotes: 5

Views: 7554

Answers (1)

Haresh Godhani
Haresh Godhani

Reputation: 261

try {
        SSLContext ctx = SSLContext.getInstance("TLSv1.2");
        ctx.init(null, null, null);
        SSLContext.setDefault(ctx);
    } catch (Exception e) {
            System.out.println(e.getMessage());
    }

You can use this code the set the default protocol for SSL to TLS 1.2 and then write your other statements.

Upvotes: 2

Related Questions