So here's the deal. I have a web service WSDL that I need to make SOAP calls to outside my corporate network. The webservice is HTTPS SOAP, and requires a client certificate.
OMG! I figured it out.
So I went traipsing through the interwebs and found this little gem:
How to configure SoapUI with client certificate authentication
And it references a very important note from Oracle/Sun:
Transport Layer Security (TLS) Renegotiation Issue Readme
Applications that receive a renegotiation request from the peer will respond according to the type of connection in place:
TLSv1: A warning Alert message of type "no_renegotiation(100)" will be sent to the peer and the connection will remain open.
then, further down:
Renegotiations can be re-enabled for those applications that need it by setting the new system property sun.security.ssl.allowUnsafeRenegotiation to true before the JSSE library is initialized. There are several ways to set this property:
Command Line:
% java -Dsun.security.ssl.allowUnsafeRenegotiation=true Main
Java Control Panel (Java Plug-in / Java Web Start) - Runtime Environment.
Within the application:
java.lang.System.setProperty("sun.security.ssl.allowUnsafeRenegotiation", "true");
Note that TLS/SSL renegotiation will not occur unless both client and server have enabled renegotiations.
So the long and short of it? System.setProperty("sun.security.ssl.allowUnsafeRenegotiation", "true");
And things. Just. Work.
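
An added example, not from the original post or the Oracle readme: a minimal Java client that sets the property as the first statement, before any JSSE class is touched, and then presents a client certificate over HTTPS. The keystore path, the KEYSTORE_PASSWORD environment variable and the endpoint URL are hypothetical placeholders.

```java
import java.io.InputStream;
import java.net.URL;
import java.nio.file.Files;
import java.nio.file.Paths;
import java.security.KeyStore;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;

public class SoapClientCertExample {
    // Hypothetical values: replace with the real keystore and service endpoint.
    static final String KEYSTORE_PATH = "client.p12";
    static final String ENDPOINT = "https://soap.example.com/service?wsdl";

    public static void main(String[] args) throws Exception {
        // Set before the JSSE library is initialized. System properties are
        // JVM-wide, so this affects every TLS connection in the process,
        // not only the call made below.
        System.setProperty("sun.security.ssl.allowUnsafeRenegotiation", "true");

        // Hypothetical password source; avoids hard-coding the secret.
        String pw = System.getenv("KEYSTORE_PASSWORD");
        if (pw == null) {
            throw new IllegalStateException("KEYSTORE_PASSWORD is not set");
        }
        char[] password = pw.toCharArray();

        // Load the client certificate and private key from a PKCS#12 file.
        KeyStore keyStore = KeyStore.getInstance("PKCS12");
        try (InputStream in = Files.newInputStream(Paths.get(KEYSTORE_PATH))) {
            keyStore.load(in, password);
        }
        KeyManagerFactory kmf =
                KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        kmf.init(keyStore, password);

        // Passing null trust managers keeps the default server certificate validation.
        SSLContext ctx = SSLContext.getInstance("TLS");
        ctx.init(kmf.getKeyManagers(), null, null);

        HttpsURLConnection conn = (HttpsURLConnection) new URL(ENDPOINT).openConnection();
        conn.setSSLSocketFactory(ctx.getSocketFactory());
        conn.setRequestMethod("GET"); // fetch the WSDL over the mutually authenticated channel
        System.out.println("HTTP " + conn.getResponseCode() + " via " + conn.getCipherSuite());
    }
}
```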