qpid-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Michal Zerola <michal.zer...@gmail.com>
Subject Re: SSL Client Authentication support for C++ on Windows
Date Fri, 13 Apr 2012 11:32:17 GMT
Hello, I have extended the Jakub's patch for file based certificate client
authentication.

It is attached to the same  https://issues.apache.org/jira/browse/QPID-3914
JIRA issue .

This patch extends the Jakub's one for the missing client file based
authentication under the Windows. A client may specify new Connection
options:

■ssl-cert-filename
■ssl-cert-filenamepass
■host-cert-filename
for providing the private P12 key from the file, password for accessing this
file and finally the host public certificate from the file. If specified,
the private key is loaded from the file and used for client authentication
instead of finding the certificate in the registry based store. If the host
key filename is specified, the public key from the file attempts to be added
into the Trusted Root Certification Authority store, so the host will be
trusted (I have not found other way to trust the host other than adding the
public key into the store before the handshake). Any combination of the new
connection parameters is allowed (e.g. load private key from the file and
use public host certificate from existing registry store).
This patch increases the portability of the SSL based client applications,
where certificates can be provided with the application and there is no need
to import them by hand before executing the main application.

--
View this message in context: http://qpid.2158936.n2.nabble.com/SSL-Client-Authentication-support-for-C-on-Windows-tp7350387p7462400.html
Sent from the Apache Qpid users mailing list archive at Nabble.com.

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@qpid.apache.org
For additional commands, e-mail: users-help@qpid.apache.org


Mime
View raw message