You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@qpid.apache.org by "Cliff Jansen (JIRA)" <ji...@apache.org> on 2013/11/19 09:03:22 UTC

[jira] [Updated] (QPID-5356) Windows can provide an unspecified client certificate in SSL negotiation

     [ https://issues.apache.org/jira/browse/QPID-5356?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Cliff Jansen updated QPID-5356:
-------------------------------

    Attachment: QPID-5356-0.patch

Patch to force usage of supplied client certificates only

> Windows can provide an unspecified client certificate in SSL negotiation
> ------------------------------------------------------------------------
>
>                 Key: QPID-5356
>                 URL: https://issues.apache.org/jira/browse/QPID-5356
>             Project: Qpid
>          Issue Type: Bug
>          Components: C++ Client
>    Affects Versions: 0.24
>         Environment: Windows, SSL
>            Reporter: Cliff Jansen
>            Assignee: Cliff Jansen
>             Fix For: 0.27
>
>         Attachments: QPID-5356-0.patch
>
>
> By default, the SChannel package from Microsoft will attempt to guess an appropriate client certificate during SSL/TLS negotiation if a client certificate is requested by the server and none is supplied by the client in its credentials structure.  This behavior can be changed to only work with an explicitly specified certificate (if any) by the client.
> By doing so, the behavior of clients is made more consistent across platforms and this eliminates unexpected false positives in testing.



--
This message was sent by Atlassian JIRA
(v6.1#6144)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@qpid.apache.org
For additional commands, e-mail: dev-help@qpid.apache.org