The sample described above includes a client, AddClient.java located in the JavaClassClient/client subdirectory. This section describes how to modify this sample and import a test certificate into a keystore so that you can run the tutorial using HTTPS.
To run the test client using HTTPS, you must have Java Secure Socket Extension (JSSE) installed and configured on the client. See Chapter 5, “Using SSL in Java Clients”, in the EAServer Security Administration and Programming Guide for more information.
You must export the Jaguar Test CA using Security Manager. See the EAServer Security Administration and Programming Guide for information about starting and using Security Manager.
From Security Manager, select the CA Certificates folder.
Highlight the Sybase Jaguar User Test CA.
Select File | Export Certificate.
From the Export Certificate wizard, select the format type for the exported certificate. For the Test CA, select Binary Encode X509 Certificate. Click Next.
Select Save to File and enter the full path name to a file that will contain the test CA. Use EASTestCA as the certificate name.
Do not add any extension to the file name. A .crt extension is automatically added to the exported certificate by Security Manager.
Click Finish to export the certificate to the EASTestCA.crt.
Create a Java Keystore containing the Sybase Jaguar
test CA and mark the certificate trusted.
This procedure uses the Java keytool command to create a keystore, import the EASTestCA.crt certificate, and mark it trusted.
From the command line, go to the $JAGUAR/sample/wst_samples directory.
Enter this command to create the keystore named EASTestCA.jks and install EASTestCA.crt, mark it trusted, and protect the keystore with the password “changeit”:
<path_to_JDK_1.3>/bin/keytool -import -v -trustcacerts -alias eastestca -file EASTestCA.crt -keypass changeit -keystore EASTestCA.jks
The Java keytool command requires you to answer two questions. Here are the questions, answers you should provide, and output:
Enter keystore password: changeit
Owner: L=Sybase Jaguar User Test Locality, O=Sybase Jaguar User Test, CN=Sybase Jaguar User Test CA (TEST USE ONLY) Issuer: L=Sybase Jaguar User Test Locality, O=Sybase Jaguar User Test, CN=Sybase Jaguar User Test CA (TEST USE ONLY) Serial number: 1 Valid from: Fri Oct 16 11:02:16 PDT 1998 until: Thu Oct 16 11:02:16 PDT 2003 Certificate fingerprints: MD5: 5B:66:65:6A:4F:11:41:7C:B4:9B:17:CF:30:61:26:5F SHA1: B5:38:55:36:E2:FF:F2:28:5E:45:80:94:BF:54:20:96:28:5B:CC:F8
Trust this certificate? [no]: yes
Certificate was added to keystore [Saving EASTestCA.jks]
Make these changes to the AddClient.java file. When you run the program, the client will connect to the listener at port 8081. This tutorial assumes that you are running the client on the same machine as your EAServer installation.
modify AddClient.java as follows:
import java.net.URL;
import java.net.MalformedURLException;
import java.security.Security;
import java.io.File;
public class AddClient
{
public static void main(String[] args)
{
...
String jksStore=
".." + File.separator + ".." + File.separator +
"EASTestCA.jks";
System.setProperty("javax.net.ssl.trustStore", jksStore);
System.out.println("Set system property " +
javax.net.ssl.trustStore to " + jksStore);
// Dynamically register the JSSE provider
Security.addProvider(new
com.sun.net.ssl.internal.ssl.Provider());
context = new AddNumbers_ServiceLocator();
URL newURL = null;
try
{
newURL =
new URL("https://localhost:8081/AddSample/services/AddNumbers");
}
catch(MalformedURLException me)
{
me.printStackTrace();
return;
}
System.out.println("Connecting to: " + newURL.toString());
client = context.getAddNumbers(newURL);
Change to the JavaClassClient/client subdirectory and compile and run the test client. For example:
$JAGUAR/bin/wstant compile run -Dnum1=5 -Dnum2=8
