[Pharo-users] SSL client certificates

Norbert Hartl norbert at hartl.name
Thu Jan 14 06:12:24 EST 2016


> Am 12.01.2016 um 16:25 schrieb Sven Van Caekenberghe <sven at stfx.eu>:
> 
> Given a ZdcSecureSocketStream you can access the #sslSession. In this session object you can use #certificateName: to set the path or name of the certificate (before you #connect !). That is the general idea.
> 
> Now, I don't know if this works or not. Be prepared to look in the plugin C code! On Linux this will probably work.
> 
> And please let us know how it goes ;-)
> 
>> On 12 Jan 2016, at 16:05, Norbert Hartl <norbert at hartl.name> wrote:
>> 
>> Is there a way to make SSL connections to the outside world using client certificates from pharo?
>> 

There were some issues with certificates. I tested a lot but did an error on the way. Now I did everything again like creating certificates etc. I could establish a connection from a linux machine. At least it doesn't signal anything an tells it is connected. On Mac OS it does not work.
I think it has something to do with the certificate authority. On linux the CA of the apple server is installed system wide. The SSL plugin code only looks for the certificate and the key but not for the CA. So under linux it finds it in the system but on Mac OS I couldn't do the same. I imported the CA in the keychain but openssl does not seem to find it there. 

Norbert






More information about the Pharo-users mailing list