IIOP.NET under SSL with SSL accelerator card
viguera79 Apr 19, 2005 6:45 AMHello everybody!!
I have an EJB application running on my server. It goes under iiop+ssl and all work. My client side uses IIOP.NET and it works too.
After that, I installed a SSL accelerator card to encrypt and desencrypt the ssl traffic. So, my server is liberated. The SSL card makes that SSL traffic be transparent to the server. Then, I configure Jboss like if the traffic is not under SSL. When I run my application the following error message appear in my client side:
excepcion System.Runtime.Remoting.RemotingException: No se puede crear un receptor de canal para conectarse a la dirección URL IOR:00000000
0000003A524D493A6F72672E6A626F73732E646F63732E696E7465726573742E496E746572657374486F6D653A3030303030303030303030303030303000000000000002000
00000000000C4000102000000000E3139322E3136382E382E323236000DC80000001D4A426F73732F454A42486F6D652625496E7465726573742FACED000570000000000000
050000000000000008000000004A414300000000010000001C00000000000100010000000105010001000101090000000105010001000000190000002F00000000000000276
87474703A2F2F73736C7072756562613A383038332F576562434C5B496E7465726573745D2F00000000002000000004000000000000001F0000000400000003000000010000
00580000000000000003000000190000002F0000000000000027687474703A2F2F73736C7072756562613A383038332F576562434C5B496E7465726573745D2F00000000002
000000004000000000000001F0000000400000003. Es posible que no se haya registrado un canal correcto.
That IOR is the same that appear in Jboss when I deploy the server side of the EJB.
I contacted technical support of IIOP.NET and they said me the following:
"The problem is, that your the profiles in your IOR don't contain the SSL tagged component (TAG_SSL_SEC_TRANS). This component inside an IOR profile specifies, what's the SSL policy supported by the server, e.g. client authentication required or not.
If this component is missing, IIOP.NET is not able to connect to the server with the SSL transport. (Other Corba IIOP clients would throw a NO_PERMISSION exception in this case).
As a workaround, you could possibly try to add an IOR interceptor on the server side (install it in jacorb) to add this component.
I'm not sure, how this problem is solved in the CORBA field. Are there possibly some CORBA aware SSL cards? "
Does anybody know how add this IOR interceptor?
Any help will be useful.
Thanks and best regards
Javier