SSL client certificate in Maven
I use the "maven-jaxb22-plugin" to generate classes so I can call a web service written in .Net. Usually it works fine but this time, I can only access the WSDL using a client certificate through HTTPS (not available through HTTP).
I was able to make it work with SoapUI. I added the client certificate into a JKS keystore and added it to the SoapUI preferences. Then I created a new project by specifying the URL which looks like this: https://server.com/Service?wsdl. SoapUI generated the request template. I was easily able to query the web service and get a response. So this prove that the WSDL is available and the web service is working.
Now, in my pom file, I am using this plugin:
<build>
<finalName>MyService</finalName>
<plugins>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-compiler-plugin</artifactId>
<version>3.1</version>
<configuration>
<source>1.7</source>
<target>1.7</target>
</configuration>
</plugin>
<plugin>
<groupId>org.jvnet.jaxb2.maven2</groupId>
<artifactId>maven-jaxb22-plugin</artifactId>
<version>0.8.3</version>
<configuration>
<extension>true</extension>
<removeOldOutput>true</removeOldOutput>
<schemaLanguage>WSDL</schemaLanguage>
<verbose>true</verbose>
<schemaIncludes>
<includeSchema>https://server.com/Service?wsdl</includeSchema>
</schemaIncludes>
</configuration>
<executions>
<execution>
<goals>
<goal>generate</goal>
</goals>
</execution>
</executions>
</plugin>
</plugins>
</build>
How can I tell Maven where my client certificate is?
Thanks
You could use the Maven properties plugin or use a JVM property to provide the trust store location.
In your POM build/plugins section, add a new plugin entry, where the keystore would be YourKeyStore.jks for this example:
..
<plugin>
<groupId>org.codehaus.mojo</groupId>
<artifactId>properties-maven-plugin</artifactId>
<version>1.0-alpha-2</version>
<executions>
<execution>
<goals>
<goal>set-system-properties</goal>
</goals>
<configuration>
<properties>
<property>
<name>javax.net.ssl.trustStore</name>
<value>${basedir}/src/test/jmeter/jmeterTrustedKeystore.jks</value>
</property>
<property>
<name>javax.net.ssl.keyStorePassword</name>
<value>changeit</value>
</property>
</properties>
</configuration>
</execution>
</executions>
</plugin>
...
You could use maven propety configuration to setup Java System properties. Be careful to set "keyStore" not "trustStore".
Also, if you are using a certificate that it's not from a valid CA you have to configure maven.wagon.http.ssl.insecure=true and maven.wagon.http.ssl.allowall=true
In your case use:
..
<executions>
<execution>
<goals>
<goal>generate</goal>
</goals>
<configuration>
<properties>
<property>
<name>javax.net.ssl.keyStore</name>
<value>yourks.jks</value>
</property>
<property>
<name>javax.net.ssl.keyStoreType</name>
<value>jks</value>
</property>
<property>
<name>javax.net.ssl.keyStorePassword</name>
<value>changeit</value>
</property>
<property>
<name>maven.wagon.http.ssl.insecure</name>
<value>true</value>
</property>
<property>
<name>maven.wagon.http.ssl.allowall</name>
<value>true</value>
</property>
</properties>
</configuration>
</execution>
</executions>
..