History | Log In     View a printable version of the current page.  
   HOME       BROWSE PROJECT       FIND ISSUES   
    QUICK SEARCH:  
Issue Details (XML | Word | Printable)

Key: JRUBY-2471
Type: Bug Bug
Status: Closed Closed
Resolution: Cannot Reproduce
Priority: Major Major
Assignee: Ola Bini
Reporter: Mikko Ruohola
Votes: 0
Watchers: 1
Operations

If you were logged in you would be able to see more operations.
JRuby

Using X509 Certificate in DRb SSL Config throws an exception

Created: 29/Apr/08 09:51 AM   Updated: 14/Aug/08 04:51 AM
Component/s: OpenSSL
Affects Version/s: JRuby 1.1.1
Fix Version/s: None

Time Tracking:
Not Specified

File Attachments: 1. File cacert.pem (1 kb)
2. File cert_localhost.pem (1 kb)
3. File localhost_keypair.pem (0.9 kb)
4. File x509.trace (5 kb)
Environment:
Ubuntu Hardy Heron 64bit on Intel Core 2 Duo
JRuby 1.1.1
jruby-openssl 2.2.1


 Description  « Hide
Code below produces and error described in the attachemnt x509.trace, Removing SSLCertificate line prevents exception, but is clearly broken, because this configuration worked ok with ruby.

— Code —
config = {
:SSLVerifyMode => OpenSSL::SSL::VERIFY_PEER,
:SSLCACertificateFile => "ssl/CA/cacert.pem",
:SSLPrivateKey =>
OpenSSL::PKey::RSA.new(File.read(File.join(File.dirname(_FILE_),"../config/ssl/polarfox/polarfox_keypair.pem"))),
:SSLCertificate =>
OpenSSL::X509::Certificate.new(File.read(File.join(File.dirname(_FILE_),"../config/ssl/polarfox/cert_polarfox.pem"))),
}
DRb.start_service(nil, nil, config)

 All   Comments   Work Log   Change History      Sort Order: Ascending order - Click to sort in descending order
[ Permlink | « Hide ]
Charles Oliver Nutter - 29/Apr/08 10:55 AM
I attached three bogus cert files from Mikko that can be used to reproduce. I have not yet tried myself.

[ Permlink | « Hide ]
Ola Bini - 12/Aug/08 09:29 AM
The keypair file sadly is protected by a password, and as such cannot really be handled correctly. I would love to be able to test this myself, since the stack trace is sufficiently out of date to not tell much of anything... =/

[ Permlink | « Hide ]
Ola Bini - 13/Aug/08 12:56 PM
This is basically the only outstanding OpenSSL thing now. I would like to look at it, but I can't at the moment. I guess I'll just close this and wait for a new report.


Powered by a free Atlassian JIRA open source license for Codehaus. Try JIRA - bug tracking software for your team.
Atlassian JIRA the Professional Issue Tracker. (Enterprise Edition, Version: 3.12.2-#300) - Bug/feature request - Atlassian news - Contact Administrators