Hi, For a project, we'd like to provide Web services (servicemix-http) over an SSL connection that authenticates client certificates against an LDAP server. I've been looking at the code, and I see file-based trust- and keystores, only. What I have planned so far is the following: The JSSE reference guide proposes an implementation of the X509TrustManager interface in order to customize the SSL-remote-side authentication. My idea would be to specify a new algorithm and set that on SslParameters. Then, in theory, classes using SslParameters should ask a TrustManagerFactory for the new algorithm - and get my custom implementation. My question is: would this be a feasible way of providing the outlined functionality given the 3.1.1 code as a basis? Is there a more elegant solution that I am not aware of? And - did I overlook something? Thanks in advance for any comments, Ciao, Philipp
This e-mail and any attachments may contain confidential or privileged information. Any unauthorised copying, use or distribution of this information is strictly prohibited.
