Spring Boot + CXF https SOAP client

Zeroth step (if you do not have the certificate yet)

Download the certificate:

openssl s_client -showcerts -connect example.com:443 </dev/null 2>/dev/null|openssl x509 -outform PEM >certfile.pem

Convert PEM to DER:

openssl x509 -outform der -in certfile.pem -out certificate.der
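
The `openssl s_client` download above accepts whatever certificate the server presents, so the PEM file should be checked against a fingerprint obtained from the service owner before it is converted and imported. The script below is an added example, not part of the original gist; the function names are made up for illustration, and the expected SHA-256 fingerprint is assumed to be supplied by the caller.

```shell
# Added example (not from the gist). Function names are hypothetical; the
# expected fingerprint is assumed to come from the service owner out of band.

# Print the SHA-256 fingerprint of a PEM certificate as lowercase hex, no colons.
cert_fingerprint() {
    openssl x509 -in "$1" -noout -fingerprint -sha256 2>/dev/null |
        sed -e 's/^.*=//' -e 's/://g' | tr 'A-F' 'a-f'
}

# Normalise a fingerprint typed or pasted by a human (colons, spaces, case).
normalise_fingerprint() {
    printf '%s' "$1" | tr -d ': \n' | tr 'A-F' 'a-f'
}

# verify_cert PEM_FILE EXPECTED_SHA256
# Returns 0 only if the file parses as a certificate, matches the expected
# fingerprint, and stays valid for at least one more day.
verify_cert() {
    pem=$1
    expected=$(normalise_fingerprint "$2")
    actual=$(cert_fingerprint "$pem")
    if [ -z "$actual" ]; then
        echo "not a readable PEM certificate: $pem" >&2
        return 2
    fi
    if [ "$actual" != "$expected" ]; then
        echo "fingerprint mismatch: got $actual" >&2
        return 1
    fi
    if ! openssl x509 -in "$pem" -noout -checkend 86400 >/dev/null 2>&1; then
        echo "certificate expires within 24 hours (or has already expired)" >&2
        return 3
    fi
    return 0
}

# verify_and_convert PEM_FILE EXPECTED_SHA256 DER_FILE
# Writes the DER file for keytool only after the pin check succeeds.
verify_and_convert() {
    verify_cert "$1" "$2" || return $?
    openssl x509 -outform der -in "$1" -out "$3"
}
```

Call `verify_and_convert certfile.pem "<expected fingerprint>" certificate.der` in place of the plain conversion command; a non-zero exit status means the DER file was not written.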

First step

Create a Java keystore and add the HTTPS certificate.

Generate keystore:

keytool -keystore clientkeystore -genkey -alias client

Add the certificate to the keystore:

keytool -import -v -file certificate.der -keystore clientkeystore -alias alias

Second step

Add the Java keystore to the CXF SOAP port (SoapClientConfig.java).

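import java.io.InputStream;
import java.security.KeyStore;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.TrustManagerFactory;
import org.apache.cxf.configuration.jsse.TLSClientParameters;
import org.apache.cxf.endpoint.Client;
import org.apache.cxf.frontend.ClientProxy;
import org.apache.cxf.jaxws.JaxWsProxyFactoryBean;
import org.apache.cxf.transport.http.HTTPConduit;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

@Configuration
public class SoapClientConfig {

    @Bean
    public SamplePortType samplePort(
            @Value("${sample.service.address}") String serviceAddress,
            @Value("${sample.service.keyStorePath}") String keyStorePath,
            @Value("${sample.keyStorePassword}") String keyStorePassword) {
        JaxWsProxyFactoryBean jaxWsProxyFactoryBean = new JaxWsProxyFactoryBean();
        jaxWsProxyFactoryBean.setAddress(serviceAddress);
        jaxWsProxyFactoryBean.setBindingId("http://www.w3.org/2003/05/soap/bindings/HTTP/"); // SOAP 1.2
        SamplePortType samplePortType = jaxWsProxyFactoryBean.create(SamplePortType.class);
        configureSSLOnTheClient(samplePortType, keyStorePath, keyStorePassword);
        return samplePortType;
    }

    private void configureSSLOnTheClient(Object c, String keyStorePath, String keyStorePassword) {
        Client client = ClientProxy.getClient(c);
        HTTPConduit httpConduit = (HTTPConduit) client.getConduit();
        // Read the keystore from the classpath as a stream so it also works from a packaged jar.
        try (InputStream in = getClass().getResourceAsStream(keyStorePath)) {
            if (in == null) {
                throw new IllegalStateException("Keystore not found on classpath: " + keyStorePath);
            }
            KeyStore keyStore = KeyStore.getInstance("JKS");
            keyStore.load(in, keyStorePassword.toCharArray());

            TLSClientParameters tlsParams = new TLSClientParameters();
            // Keep hostname verification on; setDisableCNCheck(true) skips the check
            // that the server certificate matches the host name in the service address.
            tlsParams.setDisableCNCheck(false);

            // Trust only the certificates imported into the keystore.
            TrustManagerFactory trustFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            trustFactory.init(keyStore);
            tlsParams.setTrustManagers(trustFactory.getTrustManagers());

            // Offer the client key pair created by "keytool -genkey" if the server asks for one.
            KeyManagerFactory keyFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
            keyFactory.init(keyStore, keyStorePassword.toCharArray());
            tlsParams.setKeyManagers(keyFactory.getKeyManagers());

            httpConduit.setTlsClientParameters(tlsParams);
        } catch (Exception e) {
            // Fail startup instead of silently continuing without the custom TLS settings.
            throw new IllegalStateException("Could not configure TLS for the SOAP client", e);
        }
    }
}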