That’s good news, Marco!
All I remember was that I updated the Java keystore with certificates in the part in order to be able to use the https protocol. The IGNORECERT option can be disabled to ignore certificates.
Looking forward to your »success story«, Christian
On Mon, Dec 11, 2017 at 9:37 PM, Marco Lettere m.lettere@gmail.com wrote:
Hi again, your words put me on the right way. My doubt was how to pass the information to the http module send-request functon. After some investigation I've found out that it may be done by setting some env variables through -D in the startup scripts pointing to server and client certificates put in proper keystore and truststore. At this point http:send-request will transparently use the mutual certificate exchange without any fiddling with Java code! That's absolutely great!
Now I'm very close to the final solution and just need to relax the default hostname verifier. Anyone already did this with basex?
Thanks again for everything. Marco.
[1] java -cp "$CP" -Djavax.net.ssl.keyStore=/path/to/keystore.p12 -Djavax.net.ssl.keyStorePassword=thepass -Djavax.net.ssl.keyStoreType=PKCS12 -Djavax.net.ssl.trustStore=/path/to/trustsotre.jks -Djavax.net.ssl.trustStorePassword=thepass $BASEX_JVM org.basex.BaseXGUI "$@"
On 07/12/2017 22:02, Christian Grün wrote:
Ciao Marco.
Just wanted to be sure that there isn't a way to do everything in XQuery. Is it?
I think the HTTP Module could be used for that. What have you tried so far?
Saluti Christian