[Ace-users] [tao-users] ORB SSL initialization question

Douglas C. Schmidt schmidt at dre.vanderbilt.edu
Fri Feb 8 20:22:29 CST 2008 

Hi Terry,

To ensure that we have proper version/platform/compiler information,
please make sure you fill out the appropriate problem report form (PRF),
which is in

$ACE_ROOT/PROBLEM-REPORT-FORM
$TAO_ROOT/PROBLEM-REPORT-FORM

or in

$ACE_ROOT/BUG-REPORT-FORM
$TAO_ROOT/BUG-REPORT-FORM

in older versions of ACE+TAO.  Make sure to include this information
when asking any questions about ACE+TAO since otherwise we have to
"guess" what version/platform/compiler/options you've using, which is
very error-prone and slows down our responsiveness.  If you don't use
the PRF, therefore, it is less likely that someone from the core
ACE+TAO developer team will be able to answer your question.
Naturally, we encourage and appreciate other members of the ACE+TAO
user community who can respond to questions that they have the answers
to.

Thanks,

        Doug


> Now the SSL must be initialized in an ORB’s init function and there seems to have no way to switch later.
> 
> After an initialization is done, is there a way for a CORBA client’s ORB to reinitialize from SSL to non-SSL or vice versa
> (e.g. via ORB’s shutdown/destroy) so the client application doesn’t have to be restarted to turn SSL on or off for the ORB?
> 
> Steps:
> 
> 1. A CORBA client starts with SSL enabled
> 
> 2. The CORBA service to be connected is not SSL and it causes an error with the connection from the client
> 
> 3. Client turns off SSL by reinitialize the ORB (<-My question)
> 
> 4. Client reconnects to the CORBA service
> 
> I know it works if the security policy is overridden to connect in a non-SSL way if the client’s ORB is in SSL mode. But
> this needs too many changes in my project.
> 
> Another question is: is it possible to detect if the socket of an endpoint of an IOR object is listening on is SSL or
> non-SSL then the ORB can be initialized with SSL or non-SSL? In other words, given a host name and port, is it possible to
> check it is SSL socket for a CORBA end point?
> 
> Thanks for any help,
> 
> Terry
> 
> _______________________________________________
> tao-users mailing list
> tao-users at mail.cse.wustl.edu
> http://mail.cse.wustl.edu/mailman/listinfo/tao-users

More information about the Ace-users mailing list