[omniORB] Fallback from SSL to TCP on CA failure?
Peter Klotz
peter.klotz at aon.at
Thu Nov 12 21:57:32 GMT 2009
Hello Duncan
> Actually I do not want a retry in my situation. I would like to force my
> clients to use SSL although the servers have to support a plain TCP
> listen port for backward compatibility with legacy non SSL clients.
>
> Currently I am forced to also allow TCP for my clients since they
> contact omniNames without encryption.
>
> I tried running omniNames with an SSL endpoint but got this error:
>
> omniORB: ORB_init failed: unknown option (-ORBsslCAFile) in -ORB arguments
> Failed to initialise the ORB / POA: INITIALIZE_InvalidORBInitArgs
> Is omniNames already running?
>
>
> In an SSL build of omniORB omniNames does not depend on libomnisslTP4.so.
>
> Is it possible to encrypt the Naming Service communication?
Is encryption of Naming Service communication possible with omniORB?
The only other option I can think of is to use client side interceptors
that prohibit the use of plain TCP.
Regards, Peter.
More information about the omniORB-list
mailing list