Thanks for your response.
I have another question to ask you. The SSL site for which we want to
establish a session with, wanted to do a client authentication. How do we
generate a client certificate for Delegate? And how do we instruct Delegate
to send this certificate to the SSL server during authentication?
On 3/10/07, Yutaka Sato <email@example.com> wrote:
> In message <_A3646@delegate-en.ML_> on
> you "Kwis Angelo" <firstname.lastname@example.org> wrote:
> |I just downloaded Delegate 9.5.1 source and compiled it on Suse Linux 8.
> |I then ran Delegate with the following command:
> |./delegated -v -P8081 SERVER=http FSV=sslway MOUNT="/* https://host/*"
> |The process started properly and after some tests, I can confirm that
> |protocol conversion between HTTP and HTTPS is actually being performed
> |I have however some questions:
> |1.) From the SSL-related article "http://www.delegate.org/delegate/ssl/",
> |says there that to use sslway, one must do a "make -f Makefile.gosslway"
> |at filters/ directory, and then put the sslway executable in
> |I didn't actually do this -- I straight out ran Delegate with the command
> |stated above. I thought that not having sslway would somehow cause SSL
> |to work. But it did work fine. Can you please calrify?
> As written in the top of page, the document is obsoleted and you should
> DeleGate after 9.0.1 does not need sslway as a external command but it
> uses the
> built-in version by default, and has a default certificate built into it
> |2.) How do I instruct Delegate not to establish sessions with HTTPS sites
> |not having a trusted Root CA?
> For example, put the CA's certicicate at DGROOT/etc/pems/cacert.pem and
> it for verification as follows:
> FSV="sslway -Vrfy -CAfile pems/cacert.pem"
> 9 9 Yutaka Sato <email@example.com> http://delegate.org/y.sato/
> ( ~ ) National Institute of Advanced Industrial Science and Technology
> _< >_ 1-1-4 Umezono, Tsukuba, Ibaraki, 305-8568 Japan
> Do the more with the less -- B. Fuller