synapse-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Asankha C. Perera" <asan...@apache.org>
Subject Re: Supporting Multiple SSL Configurations at Sender
Date Mon, 20 Jul 2009 18:31:05 GMT
Andreas
> Indika,
>
> What do you mean exactly by "enable to represent multiple identities
> by synapse itself"?
>   
Typically Customer A may give Synapse a certificate signed by itself,
and ask Synapse to use it when talking to it. Similarly Customer B could
do that. This means, that depending on the endpoint Synapse talks to, it
needs to use a 'selected' identity certifcate when doing 2-way SSL. I
have seen this usually happen as sometimes, large organizations have
their own CA etc.. and wants parties talking to them to use 'specific'
client certificates.

Indika is also mentioning another - slightly different scenario, where
Synapse needs to present multiple server certificates to its clients -
however, this requires listening on multiple ports - and I do not think
there is any other possibility at all to get around it. But this could
be achieved fairly easily by allowing multiple https listeners on
multiple sockets

cheers
asankha

-- 
Asankha C. Perera
AdroitLogic, http://adroitlogic.org

http://esbmagic.blogspot.com





---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@synapse.apache.org
For additional commands, e-mail: dev-help@synapse.apache.org


Mime
View raw message