Home | About | Sematext search-lucene.com search-hadoop.com
 Search Hadoop and all its subprojects:

Switch to Plain View
Avro >> mail # user >> Getting the SSL Client DN


+
Pritchard, Charles X. -ND... 2013-10-08, 18:26
+
Pritchard, Charles X. -ND... 2013-10-17, 17:11
Copy link to this message
-
Re: Getting the SSL Client DN
Hi Charles,

I am trying to work on an implementation that uses Netty + TLS - I
managed to have my code to set it up and there are several methods you
have to override in your implementation for the class that implements
the X509TrustManager interface, in particular:

  * public void checkClientTrusted(X509Certificate[] certs, String s);
  * public void checkServerTrusted(X509Certificate[] certs, String s);
  * public X509Certificate[] getAcceptedIssuers();

Is that what you were looking for ?

BTW, did you manage to successfully setup a TLS channel ? I can not find
working examples for that. I sent a message to the list this morning
about this (with some sample code), but I don't see it in the list, yet
(Subject: Re: AVRO and SSL/TLS IPC calls).

Cheers,
Max

On 10/08/2013 02:26 PM, Pritchard, Charles X. -ND wrote:
> Avro RPC has a nice example of using Netty ChannelPipeline with an SSL handler. Are there any examples of actually pulling data from that interaction?
>
> I'd like to be able to access the client certificate. It seems like this would be somewhere around addRPCPlugin but I just don't quite see how I'd get the client SSL context.
--
Best Regards,
Dr. Massimiliano Pala
Senior Security Research Scientist
DataFASCIA

+
Pritchard, Charles X. -ND... 2013-10-17, 21:28
+
Dr. Massimiliano Pala 2013-10-17, 23:16