Hello, I have extended the Jakub's patch for file based certificate client authentication.
It is attached to the same https://issues.apache.org/jira/browse/QPID-3914 JIRA issue . This patch extends the Jakub's one for the missing client file based authentication under the Windows. A client may specify new Connection options: ■ssl-cert-filename ■ssl-cert-filenamepass ■host-cert-filename for providing the private P12 key from the file, password for accessing this file and finally the host public certificate from the file. If specified, the private key is loaded from the file and used for client authentication instead of finding the certificate in the registry based store. If the host key filename is specified, the public key from the file attempts to be added into the Trusted Root Certification Authority store, so the host will be trusted (I have not found other way to trust the host other than adding the public key into the store before the handshake). Any combination of the new connection parameters is allowed (e.g. load private key from the file and use public host certificate from existing registry store). This patch increases the portability of the SSL based client applications, where certificates can be provided with the application and there is no need to import them by hand before executing the main application. -- View this message in context: http://qpid.2158936.n2.nabble.com/SSL-Client-Authentication-support-for-C-on-Windows-tp7350387p7462400.html Sent from the Apache Qpid users mailing list archive at Nabble.com. --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
