CORBA::SSLIOPProfile - The interface for configuring SSL connections.
use lib "$ENV{OPALORB_ROOT}";
use CORBA;
use CORBA::Exception;
my $status = 0;
try {
CORBA::SSLIOPProfile::set_password_callback(\&get_password);
my $orb = CORBA::ORB_init(\@ARGV);
...
$orb->destroy();
}
catch CORBA::Exception with {
my $ex = shift;
...
$status = 1;
}
catch Error::Simple with {
my $ex = shift;
...
$status = 1;
};
exit($status);
This interface is used to configure OpenSSL. All functions should be called and environment variables set prior to initiating any connections.
clear_environment_variables - Call this function to ensure that
environment variables set prior to running your script are removed.
set_password_callback - This function will be called in the event that
the key is encrypted. It should return the password as a string.
The following environment variables are recognized:
SSL_KEY_FILE can be set to a full or relative path to a key file that is understood by OpenSSL. This defaults to certs/client-key.pem.
SSL_CERT_FILE can be set to a full or relative path to a certificate file that is understood by OpenSSL. This defaults to certs/client-cert.pem.
SSL_CA_FILE can be set to a full or relative path to a certificate authority file that is understood by OpenSSL. This is only necessary if certificate verification has been enabled. This defaults to certs/my-ca.pem
SSL_CIPHER_LIST determines which ciphers are used by OpenSSL. If clients get a CORBA::TRANSIENT exception attempting to connect to a server, it probably does not have any of the ciphers available to it. See http://www.openssl.org/docs/apps/ciphers.html#CIPHER_STRINGS for more information.