Menu
▾
▴
Re: [Wbemservices-development] Wbemservices-development Digest, Vol 4, Issue 7
|
From: erich <er...@su...> - 2006-09-29 08:54:03
|
Dear Damien, Thank you for the information. After searching the internet, I fond 2 articles about using SSL in Java program: 1. SECURE COMMUNICATION WITH JSSE http://java.sun.com/developer/JDCTechTips/2004/tt0817.html#1 2. SSL SERVERS http://java.sun.com/developer/JDCTechTips/2004/tt0914.html#2 I tried to make the SSL support in wbemservices project to work and finally found that the SSL support works find in wbemservices v1.0.2 if you have a certificate in the WBEM server (CIMOM). (I check the README file and it says nothing about it.) A roughly procedure to make the SSL to work: 1. Download the wbemservices v1.0.2. 2. Get a certificate. (If you do not have one, you could use keytool utility of JDK to create one. Please ref. http://java.sun.com/developer/JDCTechTips/2004/tt0914.html#2 for an example.) 3. Run the WBEM server (CIMOM) with the "javax.net.ssl.keyStore" and "javax.net.ssl.keyStorePassword" system properties. You could have it in "cimom\bin\start_cimom.bat". For example: %JAVA% %CLASSPATH% -Xmx128m -Djava.security.manager -Djavax.net.ssl.keyStore="C:\.keystore" -Djavax.net.ssl.keyStorePassword=keystorepassword -Djava.security.policy=%CIMOMBIN%\cimom.policy -DBaseDir=%WBSERHOME% -Dpropdir=%CIMOMBIN% -Dlogdir=%WBLOGDIR% %CIMOMSERVER% %WBSERFILE% 4. Run workshop and use "https://...." in the "Host URL" field as well as any "User Name" and "Passowrd" when you log in the WBEM server. Note: If you run the workshop in another computer, you also need the certificate(at least the public key) in that computer as well as the "javax.net.ssl.keyStore" and "javax.net.ssl.keyStorePassword" system properties when you run the workshop Java program. This is not the scenario we use a browser to connect to an https web site. When I use a browser to visit an https web site, the browser gets some information about the certificate and shows it in another window and asks me to confirm if I accept that certificate when the certificate is not recognized and saved in the browser. Hope next version has this mechanism. Then the client side, i.e. the workshop, does not need to keep the public key of the certificate. Regards, Eric Hsu -----Original Message----- From: wbe...@li... [mailto:wbe...@li...] On Behalf Of Keehn, Damien Sent: Thursday, September 28, 2006 11:29 PM To: wbe...@li... Subject: Re: [Wbemservices-development] Wbemservices-development Digest,Vol 4, Issue 7 Dear Eric, SSL does not work in the available source. Development on the available source has stopped as far as I can see. WBEM Solutions members (Jim Davis, Carl Chan...) claim to be working on a new updated release (2.0), but I have not heard anything is quite a while. Carl, Jim what's going on? Damien Keehn ------------------------------------------------------------------------ Today's Topics: 1. Did anyone any ever try the SSL support in wbemservices? (erich) ---------------------------------------------------------------------- Message: 1 Date: Thu, 28 Sep 2006 02:35:56 +0800 From: "erich" <er...@su...> Subject: [Wbemservices-development] Did anyone any ever try the SSL support in wbemservices? To: <wbe...@li...> Message-ID: <200...@ms...> Content-Type: text/plain; charset="us-ascii" Dear Carl, Jack and all other people, I try to enable the SSL support in wbem server (the CIMOM) in wbemservices v1.0.2 by changing the port from 5988 to 5989 of the instance of WBEMServices_CIMXMLObjectManagerClientProtocolAdapter from the workshop and restart the CIMOM. I restart the workshop and try to log in with the "https://.... <https://..../> " in the "Host Url" field in the login dialog, but get an error message after a wait of several minutes. I check the source codes of v1.0.2 as well as the latest source codes from the CVS and find that the codes for the SSL support are not complete. Then, I check the email archive and find some messages about discussion about the SSL support in wbemservices: http://sourceforge.net/mailarchive/message.php?msg_id=3628948 http://sourceforge.net/mailarchive/message.php?msg_id=9623229 Is anyone still keeping those test codes of SSL support and could give them to me? Thanks for your time and kindly help in advance. Eric Hsu -------------- next part -------------- An HTML attachment was scrubbed... URL: http://sourceforge.net/mailarchive/forum.php?forum=wbemservices-developm ent/attachments/20060928/cd3867ae/attachment.html ------------------------------ ------------------------------------------------------------------------ - Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys -- and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDE V ------------------------------ _______________________________________________ Wbemservices-development mailing list Wbe...@li... https://lists.sourceforge.net/lists/listinfo/wbemservices-development End of Wbemservices-development Digest, Vol 4, Issue 7 ****************************************************** ------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys -- and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV _______________________________________________ Wbemservices-development mailing list Wbe...@li... https://lists.sourceforge.net/lists/listinfo/wbemservices-development |
