You can use Secure Sockets Layer (SSL) to encrypt HTTP
traffic between the Java API
for XML Registries (JAXR) provider for UDDI and the UDDI registry.
About this task
To use SSL, set the JAXR client program as follows:
Procedure
- For the javax.xml.registry.queryManagerURL and javax.xml.registry.lifeCycleManagerURL
connection properties, specify a URL with the protocol https and the
appropriate port to use SSL to access the UDDI registry. The
default port of the UDDI registry for HTTPS is 9443. Often, only the
lifeCycleManager URL, that is, the UDDI Publish API URL, requires
SSL.
- Add a new security provider to the java.security.Security
object, according to the Java Secure
Sockets Extension (JSSE) implementation that is used. If
running under the JVM provided in WebSphere® Application
Server, the JSSE that is provided by IBM® is
on the classpath automatically. Use the following code to add the IBM security provider:
java.security.Security.addProvider(new com.ibm.jsse.JSSEProvider());
- Set the javax.net.ssl.trustStore system property to the
file name of the client trust store file. The client trust
store file is a Java key store
(.jks) file and must contain the server certificate of the UDDI registry.
To manage key store files, you can use the iKeyman tool.
- Set the javax.net.ssl.trustStorePassword system property.
This property is the password used to open the client trust
store file.
- Optional: If you use a JVM version that is
earlier than the version that is provided with WebSphere Application Server, you might
need to set the java.protocol.handler.pkgs system property to com.ibm.net.ssl.internal.www.protocol.
What to do next
For more information about SSL and the iKeyman tool, see
the topic about secure communications using SSL.