uCosminexus Application Server, Web Service Development Guide


10.11 Connection by SSL protocol

From the Web Service client, you can connect with a Web Service that supports the SSL protocol.

This section describes the property settings required for connection by the SSL protocol.

Organization of this section
(1) Specifying the property values
(2) Method of specifying the properties
(3) Notes on validating the host name

(1) Specifying the property values

To access a Web Service over the SSL protocol, set up the SSL-related information by specifying values for the properties supported by the JDK. The following table describes the properties for connection by SSL protocol and what to specify for each.

Table 10-15 Properties for connection by SSL protocol

| No. | Property | Specified contents |
|-----|----------|--------------------|
| 1 | javax.net.ssl.trustStore | Specify trust store. |
| 2 | javax.net.ssl.trustStorePassword | Specify the password for trust store. |

Specify these properties only when required. If a trust store is not specified, a default such as JDK-installation-directory/lib/security/jssecacerts is used.

For the JDK properties, see the JDK documentation.

(2) Method of specifying the properties

For the specified values to take effect, set the properties as system properties. How you set a system property depends on how the Web Service client is executed.

The following is an example of setting the properties:

javax.net.ssl.trustStore=trust-store
javax.net.ssl.trustStorePassword=trust-store-password

There is no fixed location for adding the settings of the properties.
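
A way to check the settings from (1) and (2) before the Web Service client relies on them, as an added example that is not part of the original guide: it loads the trust store selected by the system properties and lists each certificate with its validity status. The class name TrustStoreCheck is hypothetical; the fallback to jssecacerts and then cacerts under java.home, and the javax.net.ssl.trustStoreType property, are standard JDK behavior that this page does not describe.

```java
import java.io.File;
import java.io.FileInputStream;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.Collections;
import java.util.Date;

// Added example (hypothetical class name): inspects the trust store that the
// javax.net.ssl.* system properties select.
public class TrustStoreCheck {

    // Resolve the trust store file: the system property first, then
    // jssecacerts, then cacerts under <java.home>/lib/security (JDK defaults).
    static File resolveTrustStore() {
        String configured = System.getProperty("javax.net.ssl.trustStore");
        if (configured != null) {
            return new File(configured);
        }
        File securityDir = new File(System.getProperty("java.home"), "lib/security");
        File jssecacerts = new File(securityDir, "jssecacerts");
        return jssecacerts.isFile() ? jssecacerts : new File(securityDir, "cacerts");
    }

    public static void main(String[] args) throws Exception {
        File storeFile = resolveTrustStore();
        String password = System.getProperty("javax.net.ssl.trustStorePassword");
        String type = System.getProperty("javax.net.ssl.trustStoreType", KeyStore.getDefaultType());

        KeyStore store = KeyStore.getInstance(type);
        try (InputStream in = new FileInputStream(storeFile)) {
            // A wrong password or a corrupted file fails here with an IOException.
            store.load(in, password == null ? null : password.toCharArray());
        }
        System.out.println("Trust store: " + storeFile + " (" + type + ", " + store.size() + " entries)");

        Date now = new Date();
        for (String alias : Collections.list(store.aliases())) {
            Certificate cert = store.getCertificate(alias);
            if (!(cert instanceof X509Certificate)) {
                continue; // skip entries that carry no X.509 certificate
            }
            X509Certificate x509 = (X509Certificate) cert;
            boolean valid = !now.before(x509.getNotBefore()) && !now.after(x509.getNotAfter());
            System.out.println((valid ? "ok      " : "INVALID ") + alias + "  "
                    + x509.getSubjectX500Principal().getName() + "  notAfter=" + x509.getNotAfter());
        }
    }
}
```

Run it with the same -Djavax.net.ssl.trustStore and -Djavax.net.ssl.trustStorePassword values that the Web Service client uses, so that it reads the same store.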

(3) Notes on validating the host name

When a Web Service client connects to a Web Service that supports the SSL protocol, the host name included in the endpoint address is validated against the host name in the certificate. The HostnameVerifier used is the default implementation of the JDK. For the behavior of the default HostnameVerifier of the JDK, see the JDK documentation.

You can skip the host name validation by configuring the settings in the action definition file or message context. The following table describes the properties and the specified content for skipping the host name validation.

Table 10-16 Properties for skipping host name validation

| No. | Property | Specified contents | Mandatory |
|-----|----------|--------------------|-----------|
| 1 | com.cosminexus.xml.ws.client.http.HostnameVerificationProperty | For skipping the host name validation, specify true. When the validation is not to be skipped, specify false. | O |

Legend:
O: Indicates that the property is to be specified as and when required.

Notes on skipping the host name validation
  • A setting in the message context takes effect only when the Web Service is called. It does not take effect when the metadata (WSDL) is acquired during creation of the javax.xml.ws.Service class, before the Web Service is called.
    To set whether the host name is verified when the metadata is acquired, either specify the property in a common definition file or a process-wise definition file, or download the WSDL separately and use it on the local machine (if you use a WSDL that exists on the local machine, no connection to a remote machine is established when the metadata is acquired). If that WSDL imports another WSDL, also download the imported WSDL to the local machine.
  • If the application of host name validation differs among multiple Web Service clients operating in one process, do not include the property in a process-wise definition file or a common definition file. Include the property only in the message context.
    Similarly, if the application of host name validation differs among multiple processes operating on a system, do not include the property in a common definition file. Include the property only in a process-wise definition file or in the message context.

For details on how to set up the properties in an action definition file, see 10.1.2 Settings for a common definition file. For details on how to set up the properties in the message context, see 19.2.5 Using the message context.