[omniORB] SSL security concerns with omniORB

Mike Harris mike_harris@harrisnetworks.com
Thu Oct 17 00:07:01 2002


I'm concerned about the client side certificate required for use of SSL 
with omniORB.

We'd like to use SSL with omniORB with server side certificates.  I 
understand that omniORB requires a client side certificate.  Is this 
certificate used in the establishment of a secure connection?  I would 
like to use a compromised, common client certificate (only because 
omniORB requires client side certificates) and then do my own client 
authentication to the server process over the secure session.

We do not wish to do client side certificates because of the 
operational challenges associated with it.

Mike Harris