In this article, we show you how to deploy a JAX-WS web service on Tomcat with TLS / SSL or https secure connection enabled. Actually, the answer is quite simple, just deploys it as a normal web service and configured SSL connection on your Tomcat server properly :)
This article is just a combination of my last few posts on developing web service in SSL connection environment.
1. Configure Tomcat + SSL
For detail, see this guide – Make Tomcat to support SSL or https connection.
Basically, just buy a certificate from trusted certificate provider, or use JDK’s
keytool command to generate a dummy certificate for localhost testing. And put following portion into your Tomcat
File : $Tomcat\conf\server.xml
//... <!-- Define a SSL HTTP/1.1 Connector on port 8443 This connector uses the JSSE configuration, when using APR, the connector should be using the OpenSSL style configuration described in the APR documentation --> <Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true" maxThreads="150" scheme="https" secure="true" clientAuth="false" sslProtocol="TLS" keystoreFile="c:\your keystore file" keystorePass="your keystore password" /> //...
Restart Tomcat, and now, your Tomcat is supported SSL connection, e.g https://localhost:8443
2. Deploy Web Service
Deploy it like a normal web service, see this guide – Deploy JAX-WS web services on Tomcat servlet container.
3. Test It
The configuration is done; you can access the deployed web service in SSL connection by using a normal web service client.
URL url = new URL("https://localhost:8443/HelloWorld/hello?wsdl"); QName qname = new QName("http://ws.mkyong.com/", "HelloWorldImplService"); Service service = Service.create(url, qname); HelloWorld hello = service.getPort(HelloWorld.class); System.out.println(hello.getHelloWorldAsString());
For localhost SSL testing environment, the client will hit following exceptions, please read the problem and solution below :
Your web service is in SSL protection, rather simple, no changes on the web service site; just configure your Tomcat to support SSL connection only.