qpid-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "ASF subversion and git services (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (QPID-5356) Windows can provide an unspecified client certificate in SSL negotiation
Date Wed, 04 Dec 2013 22:59:35 GMT

    [ https://issues.apache.org/jira/browse/QPID-5356?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13839451#comment-13839451

ASF subversion and git services commented on QPID-5356:

Commit 1547951 from cliffjansen@apache.org in branch 'qpid/trunk'
[ https://svn.apache.org/r1547951 ]

QPID-5356: stop default search for client certificate when not specified

> Windows can provide an unspecified client certificate in SSL negotiation
> ------------------------------------------------------------------------
>                 Key: QPID-5356
>                 URL: https://issues.apache.org/jira/browse/QPID-5356
>             Project: Qpid
>          Issue Type: Bug
>          Components: C++ Client
>    Affects Versions: 0.24
>         Environment: Windows, SSL
>            Reporter: Cliff Jansen
>            Assignee: Cliff Jansen
>             Fix For: 0.27
>         Attachments: QPID-5356-0.patch
> By default, the SChannel package from Microsoft will attempt to guess an appropriate
client certificate during SSL/TLS negotiation if a client certificate is requested by the
server and none is supplied by the client in its credentials structure.  This behavior can
be changed to only work with an explicitly specified certificate (if any) by the client.
> By doing so, the behavior of clients is made more consistent across platforms and this
eliminates unexpected false positives in testing.

This message was sent by Atlassian JIRA

To unsubscribe, e-mail: dev-unsubscribe@qpid.apache.org
For additional commands, e-mail: dev-help@qpid.apache.org

View raw message