<div dir="ltr"><div>Hi,</div><div><br></div><div>We are currently moving our CORBA server (Based on JacORB) towards an SSL-only configuration, i.e. we deactivate the regular CORBA port completely and allow only CORBA SSL (via ssliop). Our clients are based on OmniORB and we currently try to find an OmniORB configuration that works both for a CORBA server which supports (a) both plain CORBA and CORBA SSL and (b) only CORBA-SSL [To clarify: The expectation is, that the client is connecting via CORBA SSL, but should not know whether the server accepts either both CORBA SSL and plain CORBA or only CORBA SSL].</div><div><br></div><div>During my experiments I stumbled across the following issue when CORBA callbacks are involved (That is: The OmniORB client registers a callback on the
JacORB server).</div><div><br></div><div>Originally I had the following set in the OmniORB configuration:</div><div><br></div><div>clientTransportRule = * ssl,unix,tcp,bidir</div><div><br></div><div>serverTransportRule = * ssl,unix,tcp,bidir</div><div><br></div><div>endPoint = giop:ssl::<br> = giop:tcp::</div><div><br></div><div>(A) My expectation was that under these client settings of
endPoint giop:ssl::would be still preferred regardless of the server constraints, but that doesn't seem to hold. If the server is configured SSL-only, the client callback waits endlessly and is not called (without producing a CORBA connection error visible in the omniORB log file even under traceLevel=40. I found that it is required to set</div><div><br></div><div>
<div></div><div>endPoint = giop:ssl::</div><div><br></div><div>to ensure that a client callback is called regardless whether the server is configured SSL-only or not. Is this behaviour expected and my chosen configuration the right one? What is the reason for this? </div><div><br></div><div>(B) Then I tested the same scenario using unidirectional connection instead of bidirectional configuration (The POA construction was correspondingly adjusted programmatically), i.e.</div><br></div><div>
<div></div><div>clientTransportRule = * ssl,unix,tcp</div><div><br></div><div>serverTransportRule = * ssl,unix,tcp</div><div><br></div><div>endPoint = giop:ssl::</div><div><br></div><div>Under these conditions the client callback never becomes called when being connected to a server configured as SSL-only. I'm wondering now, what kind of OmniORB setting is required to make callbacks work under such unidirectional conditions?</div><div><br></div><div>Thanks for any hint,</div><div><br></div><div>- Daniel</div><div></div>
<br></div></div>