| From: | Neil Macneale <mac4-pg(at)theory(dot)org> |
|---|---|
| To: | pgsql-jdbc(at)postgresql(dot)org |
| Subject: | Re: 8.1 Build 405 JDBC and certificate trasnfer |
| Date: | 2006-02-19 11:01:23 |
| Message-ID: | 43F85003.8080001@theory.org |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-jdbc |
Andrew Madu wrote:
> Hi,
> can anyone confirm with me whether this driver supports certificate
> transfer via the inclusion of root.crt in the data folder yet?
>
> regards
>
> Andrew
I sure hope it doesn't, because I am putting together a patch to fix
this:-) Attached is a patch to support client certificate
authentication, to some degree. It has a limitation that your trust
store must be the same as your key store. It is also completely
uncommented, but it's not that complicated.
The patch contains two things. First a change to MakeSSL which allows
the user specified SSLSocketFactory to be constructed with the "info"
Properties Object. I don't know if the postgresql JDBC veterans condone
this, but there are simply to many configuration options to be contained
in a simple string. (key word being simple). The second is a new class
called ValidatingFactory, which is a SSLSocketFactory implementation
which does the work required.
Also included is a simple class file with a main method to show how to
use the class.
Like I said, I'm not done with the patch, but I figured since someone
asked about it I may was well pipe up. It would be nice to get comments
anyway!
Cheers,
Neil
| Attachment | Content-Type | Size |
|---|---|---|
| Client.java | text/plain | 1.3 KB |
| patch.txt | text/plain | 4.7 KB |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Andrew Madu | 2006-02-19 11:21:36 | Re: 8.1 Build 405 JDBC and certificate trasnfer |
| Previous Message | Konstantinos Agouros | 2006-02-19 10:55:43 | ResultSet.getDate throws too long |