[jacorb-developer] jacorb dynamic loading of keys in keystore without restarting jacorb

[Wagner, Marcus (Marcus)]

Hi,

Don't know if it may work, just an idea.

I once need to place the keystore in the applications jar file. I wrote my own ssl socket factory. Within this factory you can provide an own implementation of a TrustManager and so on. This manager is use to check certificates. Perhaps you can implement your dynamic loading code and hook it in the socket factory.

Finally you say jacorb to use this socket factory using the properties:
jacorb.ssl.socket_factory
jacorb.ssl.server_socket_factory

This may help with the implementation:
http://www.obsidianscheduler.com/blog/ignoring-self-signed-certificates-in-java/

regards


 

-----Ursprüngliche Nachricht-----
Von: jacorb-developer-bounces~marcus.wagner=comergo.com at lists.spline.inf.fu-berlin.de [mailto:jacorb-developer-bounces~marcus.wagner=comergo.com at lists.spline.inf.fu-berlin.de] Im Auftrag von Radha
Gesendet: Mittwoch, 10. September 2014 10:31
An: jacorb-developer at lists.spline.inf.fu-berlin.de
Betreff: [jacorb-developer] jacorb dynamic loading of keys in keystore without restarting jacorb

Hi All,

     I have a requirement in my project where client certificates will get added/removed. So, each time jacorb has to be restarted for the taking the new keys in keystore. so, other clients connected with my client also lose the connection. Is there a way to dynamically load keys without restarting jacorb?

    In jacorb.properties file, "jacorb.security.jsse.trustees_from_ks"' if turned off, is it possible for jacrob to pickup certificates from directory at runtime?  If yes, please let me know the option related to that?

   Your help is highly appreciated.

Regards,
Radha.
_______________________________________________
jacorb-developer maillist  -  jacorb-developer at lists.spline.inf.fu-berlin.de
https://lists.spline.inf.fu-berlin.de/mailman/listinfo/jacorb-developer