Before using SSL, you must ensure that GSKit is configured, either from within the axiscpp.conf file or within your web service client application.
You must ensure that GSKit is configured before using SSL, otherwise runtime exceptions are thrown. If the configuration settings are within the axiscpp.conf file, then the client application can override these settings. The order of the configuration information is identical, regardless of its location.
To configure GSKit within the axiscpp.conf file, use the SecureInfo tag in the axiscpp.conf file to initialize the secure properties.
SecureInfo:keyRingFile, keyRingPasswordOrStash, keyRingLabel, v2CipherSpec, v3CipherSpec, tlsCipherSpec, useFIPS
Use the SetSecure method when initializing the service stub object, if you have specified a secure endpoint URL (that is, an endpoint beginning with https) as described in Securing web service communications.
void SetSecure( char * pszKeyRingFile, char * pszKeyRingPasswordOrStash, char * pszKeyRingLabel, char * pszV2CipherSpec, char * pszV3CipherSpec, char * pszTLSCipherSpec, bool bUseFIPS)
Parameter | Expected values | Description |
---|---|---|
keyRingFile | Any valid string | Full path and filename for the key ring database. |
keyRingPasswordOrStash | Any valid string | Key ring database password. |
keyRingLabel | Any valid string | Key ring database password. |
v2CipherSpec | Any valid string with the values: "01", "02" "03", "04" "06" or "07" | See note below. |
v3CipherSpec | Any valid string with the values: "00", "01" "02", "03" "04", "05" "06", "09" "35", "62" "64", "0A" "2F" or "35" | See note below. |
tlsCipherSpec | Any valid string with the values: "NONE" or "DFLT" | See note below. |
useFIPS | true or false | See note below. |
A description of these values can be found in the SSL for C Programmer’s Guide. For further information, see the SSL documentation available from the IBM Publications Center.