[omniORB] ssl initialization
Norrie Quinn
norrie.quinn@tumbleweed.com
Tue, 14 May 2002 17:40:41 -0700
Thanks David,
> Firstly, I found if you include <omniORB4/sslContext.h> then you MUST
> initialise the sslContext static members
> sslContext::certificate_authority_file
> sslContext::key_file
> sslContext::key_file_password
> and they must be valid and correct, otherwise omniORB will raise and
> exception.
Provided that these are initialized and correct, everything works as
expected (tcp or ssl or both). My problem is that these now *must* be
initialized and correct even if a particular application is tcp only and
does not include sslContext.h.
> I admit it is a pain especially because of the exception on
> exit, which you
> can't seem to catch anywhere??
I havn't seen an exception on exit (at least not due to ssl).
> Do you mean that nthere is no SSL support on the current build? (I'm
> currently using a December 2001 build and have been thinking
> of refreshing
> the build but if there is no SSL support, I'm in trouble)
No SSL support has not been removed :)
What I meant was just about every configuration option can now be specified
in either omniORB.cfg (or the registry), the environment or the command
line. These three ssl configs cannot be set in the cfg must be initialized
in the app? Is there any reason why I should try to add them?
Norrie
> -----Original Message-----
> From: David Bellette [mailto:david.bellette@nec.com.au]
> Sent: Tuesday, May 14, 2002 5:19 PM
> To: Norrie Quinn; omniorb-list@omniorb.org
> Subject: Re: [omniORB] ssl initialization
>
>
> Hi Norrie,
>
> Yes, I managed to work around this problem.
>
> Firstly, I found if you include <omniORB4/sslContext.h> then you MUST
> initialise the sslContext static members
> sslContext::certificate_authority_file
> sslContext::key_file
> sslContext::key_file_password
> and they must be valid and correct, otherwise omniORB will raise and
> exception.
>
> If you DO want SSL support, use "-ORBendPoint giop:ssl::" on
> the command
> line
> If you DON'T use -ORBendPoint giop:tcp::"
>
> I admit it is a pain especially because of the exception on
> exit, which you
> can't seem to catch anywhere??
>
> If anyone else has any input, I'd be glad to look at it.
>
> > Also, is there any reason why these configurations were
> ommitted from the
> > new omniORB4 configuration options?
> > sslContext::certificate_authority_file
> > sslContext::key_file
> > sslContext::key_file_password
>
> Do you mean that nthere is no SSL support on the current build? (I'm
> currently using a December 2001 build and have been thinking
> of refreshing
> the build but if there is no SSL support, I'm in trouble)
>
> Regards
> David
>
>
>
>
> ----- Original Message -----
> From: "Norrie Quinn" <norrie.quinn@tumbleweed.com>
> To: <omniorb-list@omniorb.org>
> Sent: Wednesday, May 15, 2002 8:31 AM
> Subject: [omniORB] ssl initialization
>
>
> > Hi,
> >
> > I'm trying to optionally use the ssl transport in omniORB4
> and have built
> > the ORB with ssl support. The ssl transport works fine,
> but it seems that
> > if I don't configure valid certificates (i.e. when an
> application does
> not
> > plan to use the ssl transport), ORB_init will throw. Does
> anyone know if
> it
> > is possible (without modifiying the source) to only use the
> tcp transport
> > and not have to configure valid certificates with an ssl
> enabled build?
> >
> > Also, is there any reason why these configurations were
> ommitted from the
> > new omniORB4 configuration options?
> > sslContext::certificate_authority_file
> > sslContext::key_file
> > sslContext::key_file_password
> >
> > Thanks
> > Norrie
> > _______________________________________________________________
> > Norrie Quinn 650 216 2533
> > Tumbleweed Communications Corp. norrie.quinn@tumbleweed.com
> >
> >
> >
>
>