qpid-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Cliff Jansen (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (QPID-5356) Windows can provide an unspecified client certificate in SSL negotiation
Date Tue, 19 Nov 2013 08:03:22 GMT

     [ https://issues.apache.org/jira/browse/QPID-5356?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel

Cliff Jansen updated QPID-5356:

    Attachment: QPID-5356-0.patch

Patch to force usage of supplied client certificates only

> Windows can provide an unspecified client certificate in SSL negotiation
> ------------------------------------------------------------------------
>                 Key: QPID-5356
>                 URL: https://issues.apache.org/jira/browse/QPID-5356
>             Project: Qpid
>          Issue Type: Bug
>          Components: C++ Client
>    Affects Versions: 0.24
>         Environment: Windows, SSL
>            Reporter: Cliff Jansen
>            Assignee: Cliff Jansen
>             Fix For: 0.27
>         Attachments: QPID-5356-0.patch
> By default, the SChannel package from Microsoft will attempt to guess an appropriate
client certificate during SSL/TLS negotiation if a client certificate is requested by the
server and none is supplied by the client in its credentials structure.  This behavior can
be changed to only work with an explicitly specified certificate (if any) by the client.
> By doing so, the behavior of clients is made more consistent across platforms and this
eliminates unexpected false positives in testing.

This message was sent by Atlassian JIRA

To unsubscribe, e-mail: dev-unsubscribe@qpid.apache.org
For additional commands, e-mail: dev-help@qpid.apache.org

View raw message