[ace-users] using different SSL certificates for different CORBA client connections in one programm

NEUHOFER Bernhard bneuhofer at EUROFUNK.COM
Thu Mar 24 08:45:30 CDT 2016 

Hi, everyone


TAO VERSION: 2.0.8
ACE VERSION: 6.0.8

HOST/TARGET MASCHINE:
SUSE Enterprise Linux 11 SP3

COMPILER NAME AND VERSION:
 g++ (SUSE Linux) 4.7.2 20130108 [gcc-4_7-branch revision 195014]
ace/config-linux.h

default.features
acexml        = 0
ace_for_tao   = 0
ssl           = 1
repo          = 0
minimum_corba = 0
java          = 0
zlib          = 0
zzip          = 0
ipv6          = 0
rpc           = 0
sctp          = 0
dummy_label   = 0
cidl          = 0
boost         = 0
wince         = 0
uses_wchar    = 0
ziparchive    = 0
negotiate_codesets  = 0
versioned_namespace = 0
vcl           = 0
wxWindows     = 0
motif         = 0
athena        = 0
x11           = 1
xt            = 0
tk            = 0
fl            = 0
qt            = 0
gl              = 1
ace_qtreactor   = 1
ace_xtreactor   = 1
ace_tkreactor   = 1
ace_flreactor   = 1
tao_qtresource  = 1
tao_xtresource  = 1
tao_tkresource  = 1
tao_flresource  = 1
ZIP_Wrapper     = 0
interceptors =1

SYNOPSIS:
Is there a way to register different service objects (or configurations) with different SSL Keys for different client connections within one process?

DESCRIPTION:
I want to connect with one client program simultaneously to multiple CORBA servers (with the same interface specification). All Servers use SSLIOP as transport protocol, but each server has a different SSL client/server certificate.

What I've tried so far:

* generate distinct CORBA ORBs for each client connection but the SSL configuration parameters are only loaded the first time I initialize the orb with ORB_init();
* initialize the ORB with -ORBGestalt Local
* initialize the ORB with -ORBCollocation no
* First create an ORB with no Configuration and then ORBs for each client connection (with a different ORB_init configuration for each connection)

Only one connection with the correct SSL Keys works, but all others are failing because the keys are invalid.
Is there a way to specify a SSL certificate for a specific client connection?

Thanks!




Bernhard Neuhofer
eurofunk Kappacher GmbH
Web: <www.eurofunk.com>
Eurofunk-Straße 1 - 6
A-5600 St. Johann/Pg.
Österreich

More information about the ace-users mailing list