-
Enhancement
-
Resolution: Won't Fix
-
P3
-
None
-
1.0.1
-
sparc
-
solaris_2.5.1
=============================================================================
The TLS profile supports today certificate-based principals, i.e. if the
configuration of the JMX connector server requires TLS mutual authentication
then once the handshake has finished every operation will be executed with
a subject containing an X500Principal which identifies the certificates'
subject dn.
In J2SE 1.5, JSSE has added support for Kerberos-based TLS cipher suites. In
order to support Kerberos principals a new method has been introduced in the
SSLSession class (getPeerPrincipal()). This method returns an X500Principal of
the end-entity certiticate for X509-based cipher suites, and KerberosPrincipal
for Kerberos cipher suites.
This new method should be called by our implementation when running on J2SE 1.5
instead of SSLSession.getPeerCertificateChain() which only supports certificate
based principals.
###@###.### 2004-04-23
=============================================================================
The TLS profile supports today certificate-based principals, i.e. if the
configuration of the JMX connector server requires TLS mutual authentication
then once the handshake has finished every operation will be executed with
a subject containing an X500Principal which identifies the certificates'
subject dn.
In J2SE 1.5, JSSE has added support for Kerberos-based TLS cipher suites. In
order to support Kerberos principals a new method has been introduced in the
SSLSession class (getPeerPrincipal()). This method returns an X500Principal of
the end-entity certiticate for X509-based cipher suites, and KerberosPrincipal
for Kerberos cipher suites.
This new method should be called by our implementation when running on J2SE 1.5
instead of SSLSession.getPeerCertificateChain() which only supports certificate
based principals.
###@###.### 2004-04-23
=============================================================================