[ http://issues.apache.org/jira/browse/GERONIMO-2002?page=comments#action_12383187 ]
Rick McGuire commented on GERONIMO-2002: ---------------------------------------- Ok, another question as I drill a little deeper into this. The server side of the CORBA connection requires creating an SSLServerSocketFactory instance (which KeystoreManager handles). The client side requires creating an SSLSocketFactory instance (which is not currently handled by the KeystoreManager API, but I'll add that). The client and server ends do not necessarily need to be configured with the same truststore and keystore values (but they can be). Which approach should be used here: 1) Single set of properties used to configure both the client-side and server-side connections. Note that an ORB may require both types since it can be acting as both a server and a client to access remote references. 2) Different properties for the client and server. 3) Some other approach I've not considered? > OpenEJB CORBA SSL should use Keystore GBean > ------------------------------------------- > > Key: GERONIMO-2002 > URL: http://issues.apache.org/jira/browse/GERONIMO-2002 > Project: Geronimo > Type: Improvement > Security: public(Regular issues) > Components: security, CORBA > Versions: 1.1 > Reporter: Aaron Mulder > Fix For: 1.1 > > OpenEJB initializes CORBA using a plain SSL socket factory and therefore only > sees SSL keystore/trust store settings configured as system properties. We > should change this to use the KeystoreManager API instead. -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira
