Menu
▾
▴
[E-devel] [PATCH] [ecore_con_url] Add CA validation control with SSL connections
|
From: PnB <Poo...@gm...> - 2010-12-30 16:32:40
|
Hello, With the ecore_con_url module, an application can take advantage of SSL/TLS connections (using HTTPS requests for instance) in order to exchange sensitive data with a server. However, the connection will always fail if the server certificate isn't signed by a certificate authority (CA) that is trusted by the system on which the application is run. There's no way to specify a custom CA to identify a specific server, or to disable CA validation for a specific connection. Also, it's not always possible (or a good solution) to add CAs to the ones the target system trusts, because admin rights are needed to do so most of the time. The attached patch adds a method to specify custom CAs to be used for validating the server certificate of a specific SSL-based request in order to fix the above-mentioned issue. That method may also be used to completely disable CA validation for the server certificate when server identification isn't needed. The javascript binding for that method is also included at the end of the patch. Please, consider that patch for inclusion in the trunk. Regards. -- PnB |