| To: | PCP Mailing List <pcp@xxxxxxxxxxx> |
|---|---|
| Subject: | Secure sockets - unnecessary client certificate initialization issue |
| From: | Ken McDonell <kenj@xxxxxxxxxxxxxxxx> |
| Date: | Tue, 16 Apr 2013 17:24:20 +1000 |
| Delivered-to: | pcp@xxxxxxxxxxx |
| User-agent: | Mozilla/5.0 (X11; Linux x86_64; rv:17.0) Gecko/20130329 Thunderbird/17.0.5 |
The current code tries to load certificates for any client even those
that have no interest in using secure sockets.
This causes an empty $HOME/.pki/nssdb to be created, which is at the root of my earlier "security" issue. We should not be doing anything on the client side unless $PCP_SECURE_SOCKETS is set to something interesting in the environment. |
| <Prev in Thread] | Current Thread | [Next in Thread> |
|---|---|---|
| ||
| Previous by Date: | Secure sockets - sql method issue, Ken McDonell |
|---|---|
| Next by Date: | Secure sockets - failure with manual client certificate installation issue, Ken McDonell |
| Previous by Thread: | Secure sockets - sql method issue, Ken McDonell |
| Next by Thread: | Re: [pcp] Secure sockets - unnecessary client certificate initialization issue, Nathan Scott |
| Indexes: | [Date] [Thread] [Top] [All Lists] |