Merge pull request #1678 from jwillemsen/jwi-ssl2

ACE SSL minor changes

3 files changed, 11 insertions, 8 deletions

diff --git a/TAO/orbsvcs/orbsvcs/SSLIOP/SSLIOP_Factory.cpp b/TAO/orbsvcs/orbsvcs/SSLIOP/SSLIOP_Factory.cpp
index 9f42eb0efb2..13a3d95679a 100644
--- a/TAO/orbsvcs/orbsvcs/SSLIOP/SSLIOP_Factory.cpp
+++ b/TAO/orbsvcs/orbsvcs/SSLIOP/SSLIOP_Factory.cpp
@@ -658,7 +658,7 @@ TAO::SSLIOP::Protocol_Factory::init (int argc, ACE_TCHAR* argv[])
               // a dh parameter file and we were unable to actually find it
               // and load from it.
               ORBSVCS_ERROR ((LM_ERROR,
-                              ACE_TEXT ("(%P|%t) - SSLIOP_Factory: ")
+                              ACE_TEXT ("TAO (%P|%t) - SSLIOP_Factory: ")
                               ACE_TEXT ("unable to set ")
                               ACE_TEXT ("DH parameters <%C>\n"),
                               dhparams_path.in () ));
@@ -668,7 +668,7 @@ TAO::SSLIOP::Protocol_Factory::init (int argc, ACE_TCHAR* argv[])
             {
               if (TAO_debug_level > 0)
                 ORBSVCS_DEBUG ((LM_INFO,
-                                ACE_TEXT ("(%P|%t) - SSLIOP_Factory: ")
+                                ACE_TEXT ("TAO (%P|%t) - SSLIOP_Factory: ")
                                 ACE_TEXT ("No DH parameters found in ")
                                 ACE_TEXT ("certificate <%C>; either none ")
                                 ACE_TEXT ("are needed (RSA) or problems ")
@@ -680,7 +680,7 @@ TAO::SSLIOP::Protocol_Factory::init (int argc, ACE_TCHAR* argv[])
         {
           if (TAO_debug_level > 0)
             ORBSVCS_DEBUG ((LM_INFO,
-                            ACE_TEXT ("(%P|%t) - SSLIOP loaded ")
+                            ACE_TEXT ("TAO (%P|%t) - SSLIOP loaded ")
                             ACE_TEXT ("Diffie-Hellman params ")
                             ACE_TEXT ("from %C\n"),
                             dhparams_path.in ()));
@@ -693,8 +693,7 @@ TAO::SSLIOP::Protocol_Factory::init (int argc, ACE_TCHAR* argv[])
   // in the underlying SSL_CTX.
   if (certificate_path.in() != 0)
     {
-      if (ssl_ctx->certificate (certificate_path.in(),
-                                certificate_type) != 0)
+      if (ssl_ctx->certificate (certificate_path.in(), certificate_type) != 0)
         {
           ORBSVCS_ERROR ((LM_ERROR,
                           ACE_TEXT ("TAO (%P|%t) - Unable to set ")
diff --git a/TAO/orbsvcs/tests/Security/BiDirectional/README b/TAO/orbsvcs/tests/Security/BiDirectional/README
index a547f6dc903..1de6290032e 100644
--- a/TAO/orbsvcs/tests/Security/BiDirectional/README
+++ b/TAO/orbsvcs/tests/Security/BiDirectional/README
@@ -1,7 +1,7 @@
 This is a test that exercises the birectional GIOP connection
 implementation in TAO over SSLIOP connection.
 
-Basicaly, the test is a copy of the $TAO_ROOT/tests/BiDirectional with
+Basically, the test is a copy of the $TAO_ROOT/tests/BiDirectional with
 added support for SSLIOP
 
 Start the server like this
diff --git a/TAO/orbsvcs/tests/Security/cert/README b/TAO/orbsvcs/tests/Security/cert/README
index e865cbcfa5a..85674d33678 100644
--- a/TAO/orbsvcs/tests/Security/cert/README
+++ b/TAO/orbsvcs/tests/Security/cert/README
@@ -2,6 +2,10 @@ This is a CA used for signing keys in the security tests.  The password for the
 
 The following steps were used to generate the cert used to test the checkhost and password features:
 
-openssl req -new -key pwTestPass_key.pem -days 9999 -out san.csr -subj "/C=US/ST=Missouri/L=St. Louis/O=Object Computing, Inc./CN=*.ociweb.com" -passin file:passwd
+openssl req -new -key pwTestPass_key.pem -out san.csr -subj "/C=US/ST=Missouri/L=St. Louis/O=Object Computing, Inc./CN=*.ociweb.com" -passin file:passwd
 
-openssl x509 -in san.csr -req -extfile x509v3conf.txt -extensions alts -out san.pem -signkey pwTestPass_key.pem -passin file:passwd
+openssl x509 -in san.csr -req -extfile x509v3conf.txt -days 9999 -extensions alts -out san.pem -signkey pwTestPass_key.pem -passin file:passwd
+
+The CA can be checked using the following commands
+
+openssl x509 -noout -text -in cacert.pem