QuickFIX initiator certificates do not require SSL to acceptor

Question

QuickFIX initiator certificates do not require SSL to acceptor

I am working on a client API using QuickFIX, and I plan to use SSL and certificate based authentication. I created self-signed certificates for the acceptor and initiator as follows:

1) Generate and export server / acceptor certificate:

keytool -genkeypair -keyalg RSA -keysize 2048 -alias server -keystore server.jks
keytool -export -alias server -file server.cer -keystore server.jks

2) Generate and export client / initiator certificate:

keytool -genkeypair -keyalg RSA -keysize 2048 -alias client -keystore client.jks
keytool -export -alias client -file client.cer -keystore client.jks

3) Import the server / acceptor certificate into the client key store:

keytool -import -v -trustcacerts -alias server -file server.cer -keystore client.jks

4) Import the client / initiator certificate into the server / acceptor key store:

keytool -import -v -trustcacerts -alias client -file client.cer -keystore server.jks

Receiver Configuration:

SocketUseSSL=Y
SocketKeyStore=server.jks
SocketKeyStorePassword=password

Initiator Configuration:

SocketUseSSL=Y
SocketKeyStore=client.jks
SocketKeyStorePassword=password

, . , client.jks , QuickFIX, : "client.jks: keystore , ". , FIX. , , . - ?

+4

ssl quickfix

Dr Boom 02 . '15 9:35

1

Jiayun Zhou · Answer 1 · 2017-11-23T06:25:19+0000

, : NeedClientAuth = Y

QuickFIX initiator certificates do not require SSL to acceptor

More articles: