[Ace-users] Re: [tao-users] Getting SSL-Certificate for object reference via SSLIOP connection

rene.lehfeld at nsn.com rene.lehfeld at nsn.com
Tue Jun 19 10:36:18 CDT 2007

Hi all.

Unfortunately the SSLIOP_Current always throws NO_CONTEXT within send_request of an client request interceptor.

Does there exists another method?


>-----Original Message-----
>From: ext Chris Cleeland [mailto:cleeland at ociweb.com] 
>Sent: Monday, 18 June, 2007 17:51
>To: Lehfeld Rene (NSN - DE/Duesseldorf)
>Cc: tao-users at cse.wustl.edu
>Subject: Re: [tao-users] Getting SSL-Certificate for object 
>reference via SSLIOP connection
>On Jun 18, 2007, at 10:27 AM, <rene.lehfeld at nsn.com> wrote:
>> Does there exists a possibility to get the SSL-Certificate for an 
>> object reference when connected via SSLIOP?
>Certificates are not associated with objects; they are 
>associated with endpoints of an SSL session.  You may already 
>realize this, but it's a significant enough distinction that I 
>wanted to point it out before you designed a system around an 
>erroneous assumption.
>Based on that clarification, then, you want to be able to 
>inspect the server-side's certificate from the client side?  
>I'm not sure that's possible from application space, and, 
>based on how TAO uses connections, I'm not quite sure how it 
>would be possible.
>> It seems the SSLIOP_Current Object can only be used within a sever 
>> object when a request come in. I need it in the "opposite" direction.
>Have you tried using a client request interceptor and 
>accessing SSLIOP_Current in the send_request() interception 
>point?  This is the only place I can think of where it might 
>work, because the ORB should have assigned a transport (i.e., 
>a connection) at that point.
>Chris Cleeland, Principal Software Engineer 
>http://www.theaceorb.com AND http://www.ociweb.com

More information about the Ace-users mailing list