You are viewing a plain text version of this content. The canonical link for it is here.

Posted to proton@qpid.apache.org by "Ken Giusti (JIRA)" <ji...@apache.org> on 2012/10/18 14:58:04 UTC

[jira] [Created] (PROTON-90) SSL: provide access to the certificate provided by the peer.

Ken Giusti created PROTON-90:
--------------------------------

             Summary: SSL: provide access to the certificate provided by the peer.
                 Key: PROTON-90
                 URL: https://issues.apache.org/jira/browse/PROTON-90
             Project: Qpid Proton
          Issue Type: New Feature
          Components: proton-c
            Reporter: Ken Giusti


Currently, the SSL implementation merely verifies that the certificate supplied by the remote is signed by the configured CA.  There is no way to extract information from that certificate - such as the CN, subject, etc.

It would be useful to provide an accessor api to get at the contents of the certificate.  This could be used by the application to, for example, verify the CN and decide whether or not to close the connection.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

[jira] [Commented] (PROTON-90) SSL: provide access to the certificate provided by the peer.

Posted by "Philip Harvey (JIRA)" <ji...@apache.org>.

    [ https://issues.apache.org/jira/browse/PROTON-90?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13504526#comment-13504526 ] 

Philip Harvey commented on PROTON-90:
-------------------------------------

Hi, do you have a view on how the api should be modified to achieve this?  The reason I ask is so PROTON-165 can expose it in a similar way.
                
> SSL: provide access to the certificate provided by the peer.
> ------------------------------------------------------------
>
>                 Key: PROTON-90
>                 URL: https://issues.apache.org/jira/browse/PROTON-90
>             Project: Qpid Proton
>          Issue Type: New Feature
>          Components: proton-c
>            Reporter: Ken Giusti
>
> Currently, the SSL implementation merely verifies that the certificate supplied by the remote is signed by the configured CA.  There is no way to extract information from that certificate - such as the CN, subject, etc.
> It would be useful to provide an accessor api to get at the contents of the certificate.  This could be used by the application to, for example, verify the CN and decide whether or not to close the connection.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira