Versions Compared

Old Version 118

changes.mady.by.user Jacques Le Roux

Saved on

compared with

New Version 119

changes.mady.by.user Jacques Le Roux

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  • How to use SOAP
    • A tutorial from Vincenzo Di Lorenzo, see Attachements
    • A tutorial from Opentaps documentation (version 0.9v5), see Attachements
      You could also be interested by these links
      Complex types
      Arrays
      Another approach

SSL

Translation

...

  1. REUSE REUSE REUSE. (If you don't change it, you don't have to maintain it, so don't change things just to change them)
  2. Only change copies of the OFBIZ files that are in your custom application

A David Jones's tip

Anchor
HowToSetSSL
HowToSetSSL

Configuring SSL

There are two main techniques in configuring SSL, through Apache (recommended), and through the JVM directly.

Apache

Configuring SSL through Apache is probably the preferred method, and is well documented.

JVM

It's also possible to have the SSL certificate in your JVM environment.
ALERT: TO THE BEST OF MY KNOWLEDGE, THIS CURRENTLY ISN'T WORKING. See 2 April 2004 email: Users - The problem about SSL in ofbiz3.0. Andy Zeneski writes: The HttpClient is being run from that JSP to parse a template. Since the SSL certificate is not trusted, it doesn't like the connection... When we finally get around to changing these to FTL files it willcorrect this problem.
The certificate is usually found in the $JAVA_HOME/jre/lib/security directory.

The default file that ships with OFBiz is called cacerts.

You will need to use the Java keytool utility to add certificates from other SSL sites (e.g. www.mywebsite.com) . Here is a pretty good tutorial on getting your SSL certificate setup:

http://java.sun.com/j2ee/1.4/docs/tutorial/doc/Security6.htmlImage Added

The basic steps are:

  1. Generate the server certificate. <JAVA_HOME>\bin\keytool -genkey -alias localhost -keyalg RSA -keypass changeit -storepass changeit -keystore ofbizssl.jks
  2. Export the generated server certificate in keystore.jks into the file server.cer. <JAVA_HOME>\bin\keytool -export -alias localhost -storepass changeit -file server.cer -keystore ofbizssl.jks
  3. To create the trust-store file ofbiztrust.jks <JAVA_HOME>\bin\keytool -import -v -trustcacerts -alias localhost -file server.cer -keystore ofbiztrust.jks -keypass changeit -storepass changeit

Getting an SSL Certificate

Here are some Certificate vendors (this list is from 2005)

  • Verisign
  • Thawte - Thawte Certificate ~ $350 / 2 yrs
  • Comodo
  • GeoTrust
  • FreeSSL - Professional (Not actually Free by the way)
  • CACert.org
    Budget Plans
  • FreeSSL - StarterSSL ~ 39 per year
  • Comodo - InstantSSL (Second Tier requiring multiple Certs be installed)