You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@qpid.apache.org by "Michal Zerola (Issue Comment Edited) (JIRA)" <ji...@apache.org> on 2012/04/13 13:01:21 UTC
[jira] [Issue Comment Edited] (QPID-3914) SSL Cleint Authentication
support for the Windows C++ client
[ https://issues.apache.org/jira/browse/QPID-3914?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13253279#comment-13253279 ]
Michal Zerola edited comment on QPID-3914 at 4/13/12 10:59 AM:
---------------------------------------------------------------
This patch extends the Jakub's one for the missing client file based authentication under the Windows. A client may specify new Connection options:
- ssl-cert-filename
- ssl-cert-filenamepass
- host-cert-filename
for providing the private P12 key from the file, password for accessing this file and finally the host public certificate from the file. If specified, the private key is loaded from the file and used for client authentication instead of finding the certificate in the registry based store. If the host key filename is specified, the public key from the file attempts to be added into the Trusted Root Certification Authority store, so the host will be trusted (I have not found other way to trust the host other than adding the public key into the store before the handshake). Any combination of the new connection parameters is allowed (e.g. load private key from the file and use public host certificate from existing registry store).
This patch increases the portability of the SSL based client applications, where certificates can be provided with the application and there is no need to import them by hand before executing the main application.
was (Author: zer0):
This patch extends the Jakub's one for the missing client file based authentication under the Windows. A client may specify new Connection options:
- ssl-cert-filename
- ssl-cert-filenamepass
- host-cert-filename
for providing the private P12 key from the file, password for accessing this file and finally the host public certificate from the file. If speficied, the private key is loaded from the file and used for client authentication instead of finding the certificate in the registry based store. If the host key filename is specified, the public key from the file attempts to be added into the Trusted Root Certification Authority store, so the host will be trusted (I have not found other way to trust the host other than adding the public key into the store before the handshake). Any combination of the new connection parameters is allowed (e.g. load private key from the file and use public host certificate from existing registry store).
This patch increases the portability of the SSL based client applications, where certificates can be provided with the application and there is no need to import them by hand before executing the main application.
> SSL Cleint Authentication support for the Windows C++ client
> ------------------------------------------------------------
>
> Key: QPID-3914
> URL: https://issues.apache.org/jira/browse/QPID-3914
> Project: Qpid
> Issue Type: New Feature
> Components: C++ Client
> Affects Versions: 0.14, 0.16
> Environment: Windows (all versions)
> Reporter: JAkub Scholz
> Attachments: ssl-client-auth-filecert.patch, ssl-client-authentication.patch
>
>
> The Windows C++ client has been missing support for the SSL Client Authentication - authentication using SSL certificates on the client side. The patch attached to this JIRA implements this feature.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@qpid.apache.org
For additional commands, e-mail: dev-help@qpid.apache.org