[QPID-5356] Windows can provide an unspecified client certificate in SSL negotiation - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: 0.24
Fix Version/s: 0.27
Component/s: C++ Client
Labels:
None
Environment:

Windows, SSL

Description

By default, the SChannel package from Microsoft will attempt to guess an appropriate client certificate during SSL/TLS negotiation if a client certificate is requested by the server and none is supplied by the client in its credentials structure. This behavior can be changed to only work with an explicitly specified certificate (if any) by the client.

By doing so, the behavior of clients is made more consistent across platforms and this eliminates unexpected false positives in testing.

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

QPID-5356-0.patch
19/Nov/13 08:02
4 kB
Clifford Jansen

Activity

People

Assignee:: Clifford Jansen

Reporter:: Clifford Jansen

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: 19/Nov/13 07:58

Updated:: 03/Jun/14 15:35

Resolved:: 04/Dec/13 23:04