Story #3342
support use of dataone-trusted-CAs in libclient_java and python
100%
Description
Current implementations rely on the the system's list of trusted certificates (commercially available and standard set) for establishing trust with dataone services. However, not all institutions can provide (afford) to use commercial CAs to sign their server certificates. DataONE has an auxiliary list of CAs that it trusts but does not incorporate automatically into their truststores.
Ideally, this could be contained in d1_libclient implementations, and an easy updating mechanism put in place for deployed client software to update when needed.
as in: customer says "Morpho stopped working, won't connect to this member node" support says, "download this to here, restart Morpho and try again".
Subtasks
History
#1 Updated by Rob Nahf over 11 years ago
- Status changed from New to In Progress
#2 Updated by Chris Jones over 11 years ago
- Due date changed from 2012-10-27 to 2013-01-05
- Target version changed from Sprint-2012.41-Block.6.1 to Sprint-2012.50-Block.6.4
#3 Updated by Rob Nahf over 11 years ago
- Status changed from In Progress to Closed
de facto tested in practice and working
