[Ace-users] [tao-users] TAO 1.3 SSL/Name Service

Steve Totten totten_s at ociweb.com
Tue Mar 11 17:34:48 CDT 2008

Hi Harry,

Harry Harcrow wrote:
> I need to clarify the description of the problem.  I did go back and 
> issue a realclean and rebuilt the 1.3 libraries.  The issue is accessing 
> the NameService using corbaloc.  I use the following string:
> -ORBInitRef 
> NameService=corbaloc:ssliop:*/hostname/*:*/sslport/*/NameService

This should work, depending upon your specific version of TAO.
The ability to use SSLIOP corbaloc URLs was added to OCI's
TAO 1.3a release in patch level 11 (TAO 1.3a_p11).  It was added
to the DOC Group repository in TAO 1.4.3.  What specific version
of TAO are you using?  (See the VERSION or the PROBLEM-REPORT-FORM
file in ACE_wrappers/TAO.)

Look for a test of this feature in
$TAO_ROOT/orbsvcs/tests/Security/ssliop_corbaloc/.  If it is
there, then the ability to use SSLIOP corbaloc URLs should work.

> When I run my server or even the nslist utility I receive a BAD_PARAM 
> error.  If I use the following string:
> -ORBInitRef NameService=file:ssliop:*/ns.ior/*

That syntax does not look correct.  Do you mean it works if you
have the Naming Service write its IOR to a file (e.g., using the
-o <filename> option), then use:

-ORBInitRef NameService=file://path/to/file/ns.ior

If you don't have the feature mentioned above (TAO 1.3a_p11 or
later, or DOC TAO 1.4.3 or later), then the only option is to use
the file:// syntax for SSLIOP.

> Then everything works fine.
> We are planning to upgrade later in the year, but have a requirement to 
> start using SSL for our communications, so we want a quicker solution 
> and was hoping to just recompile the SSL libs and run our servers 
> basically as we did. 
> Really, my question is does the corbaloc URL method not work with SSL in 
> version 1.3?

Yes, in OCI TAO 1.3a_p11 and forward.

  Steve Totten, Principal Software Engineer and Partner
  Object Computing, Inc. (OCI), St. Louis, MO, USA
  http://www.ociweb.com/  http://www.theaceorb.com/

More information about the Ace-users mailing list