How can a non SSL based communication between Secured Server and non secure Naming Service using pkcs12 certs be established?

Resolution

The examples/vbe/security/bank_ssl example is used to configure this scenario.

 Instruction to run the example is as follows:

1.Set the VisiBroker environment by running vbroker.sh or vbroker.csh or vbroker.bat (found in /bin).

2. Compile the bank_ssl example

make -f Makefile.cpp

3. Start the naming service. ns.ior is generated in the current directory, if the nameserv is started in another directory, one needs to copy the ns.ior (i.e. the naming service ior file) to current directory.

4. Start server. You will need to change the server to register the IOR in the Naming Service.

pkcs12Server -Dvbroker.security.peerAuthenticationMode=REQUEST_AND_TRUST -Dvbroker.security.requireAuthentication=true -Dvbroker.security.alwaysSecure=false -Dvbroker.orb.initRef=corbaloc:<url>

5. Start the client. You will need to change the client to use Naming Service to get the IOR.

SecureClient -Dvbroker.security.peerAuthenticationMode=REQUEST_AND_TRUST -Dvbroker.security.alwaysSecure=false -Dvbroker.orb.initRef=corbaloc:<url>

Old KB# 26371