You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@mina.apache.org by "Alan D. Cabrera" <li...@toolazydogs.com> on 2008/02/09 18:40:51 UTC
[AsyncWeb] SSL server and client certs
I need this. What will it take for me to add it? It looks like it I
need to flesh out that trust factory.
Regards,
Alan
Re: [AsyncWeb] SSL server and client certs
Posted by Sangjin Lee <sj...@gmail.com>.
The way it stands now, AHC takes a javax.net.ssl.SSLContext object as a way
to configure/handle SSL. While this provides a maximum flexibility (one can
create any type of configuration and trust/key management as he/she sees
fit), perhaps one could use easier steps of providing more standard options
in trust/key management in creating SSLContext.
Thanks,
Sangjin
On Feb 9, 2008 9:58 AM, Jeff Genender <jg...@apache.org> wrote:
> Look in the Trust Factory..that is exactly where you need to look.
>
> Currently the SSL impl is based on communication and anonymous only (I
> was working on the SSL client cert but got side tracked with my new job).
>
> You probably should allow for a setter that allow you to set a
> certificate object and, to make things easy on the user, a way to pull
> one from a file and keystore (Im just thing about how to make this API
> as simple as possible).
>
> The Trust Factory is exactly the area I would recommend adding the
> enhancement.
>
> Alan...this is awesome stuff...thanks for taking such an interest!
>
> Jeff
>
> Alan D. Cabrera wrote:
> > I need this. What will it take for me to add it? It looks like it I
> > need to flesh out that trust factory.
> >
> >
> > Regards,
> > Alan
>
Re: [AsyncWeb] SSL server and client certs
Posted by Jeff Genender <jg...@apache.org>.
Look in the Trust Factory..that is exactly where you need to look.
Currently the SSL impl is based on communication and anonymous only (I
was working on the SSL client cert but got side tracked with my new job).
You probably should allow for a setter that allow you to set a
certificate object and, to make things easy on the user, a way to pull
one from a file and keystore (Im just thing about how to make this API
as simple as possible).
The Trust Factory is exactly the area I would recommend adding the
enhancement.
Alan...this is awesome stuff...thanks for taking such an interest!
Jeff
Alan D. Cabrera wrote:
> I need this. What will it take for me to add it? It looks like it I
> need to flesh out that trust factory.
>
>
> Regards,
> Alan