使用CXF Spring配置的SSL安全Web服务客户端

Question

我需要使用CXF Spring配置创建SSL安全Web服务客户端，我想知道如何告诉CXF使用我密钥库中的客户端证书？是否需要在WEB-INF下创建cxf.xml文件？如果是，我应该在那里包括什么？

我只需要客户端，因为服务器端是一个第三方供应商即时通讯连接。

我的pom中确实有以下依赖项

​

 <groupId>org.apache.cxf</groupId>
        <artifactId>cxf-rt-frontend-jaxws</artifactId>
        <version>${cxf.version}</version>
    </dependency>
    <dependency>
        <groupId>org.apache.cxf</groupId>
        <artifactId>cxf-rt-transports-http</artifactId>
        <version>${cxf.version}</version>
    </dependency>

谢谢!

Answer 1

我也有同样的问题，没有找到一个spring的方法来配置它。所以我做了this。

Answer 2

http://cxf.apache.org/docs/client-http-transport-including-ssl-support.html#ClientHTTPTransport%28includingSSLsupport%29-ConfiguringSSLSupport怎么样？

<http:conduit name="{http://apache.org/hello_world}HelloWorld.http-conduit">
<http:tlsClientParameters>
  <sec:keyManagers keyPassword="password">
    <sec:keyStore type="JKS" password="password"
                  file="my/file/dir/Morpit.jks"/>
  </sec:keyManagers>
  <sec:trustManagers>
    <sec:keyStore type="JKS" password="password"
                  file="my/file/dir/Truststore.jks"/>
  </sec:trustManagers>
  <sec:cipherSuitesFilter>
    <!-- these filters ensure that a ciphersuite with export-suitable or null encryption is used, but exclude anonymous Diffie-Hellman key change as
         this is vulnerable to man-in-the-middle attacks -->
    <sec:include>.*_EXPORT_.*</sec:include>
    <sec:include>.*_EXPORT1024_.*</sec:include>
    <sec:include>.*_WITH_DES_.*</sec:include>
    <sec:include>.*_WITH_AES_.*</sec:include>
    <sec:include>.*_WITH_NULL_.*</sec:include>
    <sec:exclude>.*_DH_anon_.*</sec:exclude>
  </sec:cipherSuitesFilter>
</http:tlsClientParameters>
<http:authorization>
  <sec:UserName>Betty</sec:UserName>
  <sec:Password>password</sec:Password>
</http:authorization>
<http:client AutoRedirect="true" Connection="Keep-Alive"/>
</http:conduit>