Article delegate-en/3661 of [1-5169] on the server localhost:119
  upper oldest olders older1 this newer1 newers latest
search
[Top/Up] [oldest] - [Older+chunk] - [Newer+chunk] - [newest + Check]
[Reference:<_A3647@delegate-en.ML_>]
Newsgroups: mail-lists.delegate-en

[DeleGate-En] Re: Questions about SSLway
18 Mar 2007 05:57:41 GMT "Kwis Angelo" <phyhabdyi-ecr676v4so5r.ml@ml.delegate.org>


Hi Yutaka,

Thanks for your response.

I have another question to ask you.  The SSL site for which we want to
establish a session with, wanted to do a client authentication.  How do we
generate a client certificate for Delegate?  And how do we instruct Delegate
to send this certificate to the SSL server during authentication?

Thanks again!
Chris


On 3/10/07, Yutaka Sato <feedback@delegate.org> wrote:
>
> Hi,
>
> In message <_A3646@delegate-en.ML_> on
> 03/09/07(18:40:30)
> you "Kwis Angelo" <phyhabdyi-ecr676v4so5r.ml@ml.delegate.org> wrote:
> |I just downloaded Delegate 9.5.1 source and compiled it on Suse Linux 8.
> |
> |I then ran Delegate with the following command:
> |
> |./delegated -v -P8081 SERVER=http FSV=sslway MOUNT="/* https://host/*"
> |
> |The process started properly and after some tests, I can confirm that
> |protocol conversion between HTTP and HTTPS is actually being performed
> fine
> |:-)
> |
> |I have however some questions:
> |
> |1.) From the SSL-related article "http://www.delegate.org/delegate/ssl/",
> it
> |says there that to use sslway, one must do a  "make -f Makefile.gosslway"
> |at filters/ directory, and then put the sslway executable in
> "DGROOT/lib".
> |I didn't actually do this -- I straight out ran Delegate with the command
> I
> |stated above.  I thought that not having sslway would somehow cause SSL
> not
> |to work.  But it did work fine.  Can you please calrify?
>
> As written in the top of page, the document is obsoleted and you should
> read
> <URL:http://www.delegate.org/delegate/tls/>
> DeleGate after 9.0.1 does not need sslway as a external command but it
> uses the
> built-in version by default, and has a default certificate built into it
> too.
>
> |2.) How do I instruct Delegate not to establish sessions with HTTPS sites
> |not having a trusted Root CA?
>
> For example, put the CA's certicicate at DGROOT/etc/pems/cacert.pem and
> use
> it for verification as follows:
>
>   FSV="sslway -Vrfy -CAfile pems/cacert.pem"
>
> Cheers,
> Yutaka
> --
>   9 9   Yutaka Sato <y.sato@delegate.org> http://delegate.org/y.sato/
> ( ~ )  National Institute of Advanced Industrial Science and Technology
> _<   >_ 1-1-4 Umezono, Tsukuba, Ibaraki, 305-8568 Japan
> Do the more with the less -- B. Fuller
>


  admin search upper oldest olders older1 this newer1 newers latest
[Top/Up] [oldest] - [Older+chunk] - [Newer+chunk] - [newest + Check]
@_@V