An SSL callback class must implement the CtsSecurity.SSLCallback interface (described in the Interface Repository Documentation at http://hostname:portnumber/ir/CtsSecurity__SSLCallback.html, where hostname is the host on which EAServer is running, and portnumber is the HTTP listener number (8000 for example). The ORB invokes callback methods when required SSL settings have not been configured or a setting has an incorrect value. To install the callback, call SSLServiceProvider.setGlobalProperty to set the callbackImpl property, as in the example below:
sslprov.setGlobalProperty("callbackImpl",
"Sample.ClientSSL.SSLCallbackExample.SSLCallbackExampleImpl");
The SSLCallback method is trustVerify, which is called when the correct PIN for the certificate database has not been set, or if the server has presented a questionable certificate. The callback response determines whether the connection is allowed and, optionally, whether the certificate should be added to the local EAServer client certificate database.
You must implement this method in your class. If your implementation of a method does not process the request, throw an org.omg.CORBA.NO_IMPLEMENT exception so that the ORB uses the default response.
For more information about the callback method, see the documentation for the CtsSecurity::SSLCallback interface in the generated Interface Repository documentation.
