Great Isuru
On Mon, Apr 1, 2013 at 9:16 AM, Isuru Haththotuwa <[email protected]> wrote: > Managed to find the issue and fixed it. In the earlier implementation, it > was still checking whether the certificate is signed by an accepted CA. I > changed the implementation so that it will not check CA validity. In > addition, the host name verification is skipped as well. > > > On Fri, Mar 29, 2013 at 9:30 PM, Tharindu Mathew <[email protected]>wrote: > >> Yes, you are correct. We cannot use a separate cert for this. >> >> But, if it works for a self signed cert that you generated, it should >> work. Maybe, a security expert can help you. >> >> >> On Fri, Mar 29, 2013 at 11:38 AM, Tharindu Mathew <[email protected]>wrote: >> >>> Hi, >>> >>> There is no sensitive customer info here. Please post this to dev@ >>> >>> >>> On Fri, Mar 29, 2013 at 11:30 AM, Isuru Haththotuwa <[email protected]>wrote: >>> >>>> Hi Tharindu, >>>> >>>> Thank you for the input. >>>> >>>> On Fri, Mar 29, 2013 at 7:33 PM, Tharindu Mathew <[email protected]>wrote: >>>> >>>>> I remember Rajika having an issue with C++ bindings and thrift. I >>>>> believe we need to look into this in detail. We modified so that self >>>>> signed certificates work with Java/ Thrift. We do the same for Carbon for >>>>> the SSL verification. >>>>> >>>>> You will need to handle this from C++ side and plugin your own >>>>> verification mechanism that will just allow self signed certs. >>>>> >>>> >>>> I have already handled this from the C++ data publisher side. When I >>>> use a self signed key pair generated by myself (using openssl) other than >>>> the default key pair is in the wso2carbon.jks, it is working fine. >>>> >>>> However IMHO we can't use a separate key pair for this since then we >>>> will need to put the public certificate of this new key pair to all other >>>> carbon servers which will communicate with this BAM to publish data. That >>>> is why I tried to use the default public certificate of the BAM since then >>>> there will be no such issue. But I'm getting this validation failure when >>>> I'm trying to use the default public certificate that comes with BAM. >>>> >>>>> >>>>> On Fri, Mar 29, 2013 at 7:22 AM, Isuru Haththotuwa <[email protected]>wrote: >>>>> >>>>>> Hi, >>>>>> >>>>>> Any idea on this? We should be able to export the certificate and use >>>>>> it AFAIK. If there is any issue with this approach please let me know. >>>>>> >>>>>> >>>>>> On Fri, Mar 29, 2013 at 12:02 AM, Isuru Haththotuwa >>>>>> <[email protected]>wrote: >>>>>> >>>>>>> Hi, >>>>>>> >>>>>>> I'm getting SSL verification error with the BAM 2.2.0 public >>>>>>> certificate when I'm trying to publish data to the BAM using a C++ app. >>>>>>> I >>>>>>> exported the BAM public cert from the browser, and when I verify the >>>>>>> certificate with openssl verify command, I get the following error: >>>>>>> >>>>>>> wso2carbon.crt: C = US, ST = CA, L = Mountain View, O = WSO2, CN = >>>>>>> localhost >>>>>>> error 20 at 0 depth lookup:unable to get local issuer certificate >>>>>>> >>>>>>> Hence the SSL communication is unsuccessful between the BAM and the >>>>>>> client. Any idea on what the issue here is? >>>>>>> >>>>>>> -- >>>>>>> Thanks and Regards, >>>>>>> >>>>>>> Isuru H. >>>>>>> >>>>>>> >>>>>>> >>>>>> >>>>>> >>>>>> -- >>>>>> Thanks and Regards, >>>>>> >>>>>> Isuru H. >>>>>> >>>>>> >>>>>> >>>>>> _______________________________________________ >>>>>> Dev mailing list >>>>>> [email protected] >>>>>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>>>>> >>>>>> >>>>> >>>>> >>>>> -- >>>>> Regards, >>>>> >>>>> Tharindu Mathew >>>>> >>>>> Associate Technical Lead, WSO2 BAM >>>>> Member - Data Mgmt. Committee >>>>> >>>>> blog: http://tharindumathew.com/ >>>>> M: +94777759908 >>>>> >>>> >>>> >>>> >>>> -- >>>> Thanks and Regards, >>>> >>>> Isuru H. >>>> >>>> >>>> >>> >>> >>> -- >>> Regards, >>> >>> Tharindu Mathew >>> >>> Associate Technical Lead, WSO2 BAM >>> Member - Data Mgmt. Committee >>> >>> blog: http://tharindumathew.com/ >>> M: +94777759908 >>> >> >> >> >> -- >> Regards, >> >> Tharindu Mathew >> >> Associate Technical Lead, WSO2 BAM >> Member - Data Mgmt. Committee >> >> blog: http://tharindumathew.com/ >> M: +94777759908 >> > > > > -- > Thanks and Regards, > > Isuru H. > > > -- Lakmal Warusawithana Software Architect; WSO2 Inc. Mobile : +94714289692
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
