[
https://issues.apache.org/jira/browse/QPID-3914?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13253279#comment-13253279
]
Michal Zerola edited comment on QPID-3914 at 4/13/12 10:59 AM:
---------------------------------------------------------------
This patch extends the Jakub's one for the missing client file based
authentication under the Windows. A client may specify new Connection options:
- ssl-cert-filename
- ssl-cert-filenamepass
- host-cert-filename
for providing the private P12 key from the file, password for accessing this
file and finally the host public certificate from the file. If specified, the
private key is loaded from the file and used for client authentication instead
of finding the certificate in the registry based store. If the host key
filename is specified, the public key from the file attempts to be added into
the Trusted Root Certification Authority store, so the host will be trusted (I
have not found other way to trust the host other than adding the public key
into the store before the handshake). Any combination of the new connection
parameters is allowed (e.g. load private key from the file and use public host
certificate from existing registry store).
This patch increases the portability of the SSL based client applications,
where certificates can be provided with the application and there is no need to
import them by hand before executing the main application.
was (Author: zer0):
This patch extends the Jakub's one for the missing client file based
authentication under the Windows. A client may specify new Connection options:
- ssl-cert-filename
- ssl-cert-filenamepass
- host-cert-filename
for providing the private P12 key from the file, password for accessing this
file and finally the host public certificate from the file. If speficied, the
private key is loaded from the file and used for client authentication instead
of finding the certificate in the registry based store. If the host key
filename is specified, the public key from the file attempts to be added into
the Trusted Root Certification Authority store, so the host will be trusted (I
have not found other way to trust the host other than adding the public key
into the store before the handshake). Any combination of the new connection
parameters is allowed (e.g. load private key from the file and use public host
certificate from existing registry store).
This patch increases the portability of the SSL based client applications,
where certificates can be provided with the application and there is no need to
import them by hand before executing the main application.
> SSL Cleint Authentication support for the Windows C++ client
> ------------------------------------------------------------
>
> Key: QPID-3914
> URL: https://issues.apache.org/jira/browse/QPID-3914
> Project: Qpid
> Issue Type: New Feature
> Components: C++ Client
> Affects Versions: 0.14, 0.16
> Environment: Windows (all versions)
> Reporter: JAkub Scholz
> Attachments: ssl-client-auth-filecert.patch,
> ssl-client-authentication.patch
>
>
> The Windows C++ client has been missing support for the SSL Client
> Authentication - authentication using SSL certificates on the client side.
> The patch attached to this JIRA implements this feature.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@qpid.apache.org
For additional commands, e-mail: dev-h...@qpid.apache.org
