marco76/gist:5895736

## gistfile1.xml
<beans xmlns="http://www.springframework.org/schema/beans"
       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
       xmlns:sec="http://cxf.apache.org/configuration/security"
       xmlns:http="http://cxf.apache.org/transports/http/configuration"
       xmlns:jaxws="http://java.sun.com/xml/ns/jaxws"
       xsi:schemaLocation="
      http://cxf.apache.org/configuration/security
      http://cxf.apache.org/schemas/configuration/security.xsd
      http://cxf.apache.org/transports/http/configuration
      http://cxf.apache.org/schemas/configuration/http-conf.xsd
      http://www.springframework.org/schema/beans
      http://www.springframework.org/schema/beans/spring-beans-2.0.xsd">

    <http:conduit name="*.http-conduit">

        <http:tlsClientParameters>
            <sec:keyManagers keyPassword="personalKeyPassword">
                <sec:keyStore type="JKS" password="storePassword"
                              file="/Users/java/personalKeyStore.jks"
                             />
            </sec:keyManagers>
            <sec:trustManagers>
                <sec:keyStore type="JKS" password="changeit"
                              file="/Users/java/jre/bin/cacerts"/>
            </sec:trustManagers>
            <sec:cipherSuitesFilter>
                <!-- these filters ensure that a ciphersuite with
                     export-suitable or null encryption is used,
                     but exclude anonymous Diffie-Hellman key change as
                     this is vulnerable to man-in-the-middle attacks -->
                <sec:include>.*_EXPORT_.*</sec:include>
                <sec:include>.*_EXPORT1024_.*</sec:include>
                <sec:include>.*_WITH_DES_.*</sec:include>
                <sec:include>.*_WITH_AES_.*</sec:include>
                <sec:include>.*_WITH_NULL_.*</sec:include>
                <sec:exclude>.*_DH_anon_.*</sec:exclude>
            </sec:cipherSuitesFilter>
        </http:tlsClientParameters>

        <http:client AutoRedirect="true" Connection="Keep-Alive"/>

    </http:conduit>

</beans>
	<beans xmlns="http://www.springframework.org/schema/beans"
	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
	xmlns:sec="http://cxf.apache.org/configuration/security"
	xmlns:http="http://cxf.apache.org/transports/http/configuration"
	xmlns:jaxws="http://java.sun.com/xml/ns/jaxws"
	xsi:schemaLocation="
	http://cxf.apache.org/configuration/security
	http://cxf.apache.org/schemas/configuration/security.xsd
	http://cxf.apache.org/transports/http/configuration
	http://cxf.apache.org/schemas/configuration/http-conf.xsd
	http://www.springframework.org/schema/beans
	http://www.springframework.org/schema/beans/spring-beans-2.0.xsd">

	<http:conduit name="*.http-conduit">

	<http:tlsClientParameters>
	<sec:keyManagers keyPassword="personalKeyPassword">
	<sec:keyStore type="JKS" password="storePassword"
	file="/Users/java/personalKeyStore.jks"
	/>
	</sec:keyManagers>
	<sec:trustManagers>
	<sec:keyStore type="JKS" password="changeit"
	file="/Users/java/jre/bin/cacerts"/>
	</sec:trustManagers>
	<sec:cipherSuitesFilter>
	<!-- these filters ensure that a ciphersuite with
	export-suitable or null encryption is used,
	but exclude anonymous Diffie-Hellman key change as
	this is vulnerable to man-in-the-middle attacks -->
	<sec:include>._EXPORT_.</sec:include>
	<sec:include>._EXPORT1024_.</sec:include>
	<sec:include>._WITH_DES_.</sec:include>
	<sec:include>._WITH_AES_.</sec:include>
	<sec:include>._WITH_NULL_.</sec:include>
	<sec:exclude>._DH_anon_.</sec:exclude>
	</sec:cipherSuitesFilter>
	</http:tlsClientParameters>

	<http:client AutoRedirect="true" Connection="Keep-Alive"/>

	</http:conduit>

	</beans>