No matter which option you try, there is no way to turn off verifying
service's certficate in a client. In other words, you have to go to the
cacerts and add the service's certificate to the jre's trust store.
# IIOP/SSL parameters (numbers are hex values, without the leading "0x"):
# NoProtection = 1
# EstablishTrustInClient = 40
# EstablishTrustInTarget = 20
# mutual authentication = 60
# please see the programming guide for more explanation
A workaround is to use this setting with a no trust check :
BTW, the NoProtection = 1 ( I think it means no authentication for both client/
server) cannot work at all because checkSSL method will check if the minimum
option masked with it is 0 then SSL is not selected at all.
This bug needs bug 820 to fix first since the configuration properties are read
incorrectly as non-hex.
I think this is fixed in CVS - please retest and reopen if required.
Using NoProtection = 1 still doesn't work on the client. There is an handshake exception:
org.omg.CORBA.COMM_FAILURE: IOException: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: No trusted certificate found vmcid: 0x0 minor code: 0 completed: No
This workaround is still needed:
Jacorb 3.3 stable release
Can you please supply the configuration you are using (ideally a test case) ?