Jared Shields

Windows PKI Support

Discussion created by Jared Shields on Jul 17, 2015
Latest reply on Apr 29, 2016 by Doug

Recently the DoD converted from using DCO to using DCS for collaboration and chat services.  While both still support XMPP chat, DCS now requires PKI authentication.  Because of the way the certificates are generated, more than one certificate in a user's keystore match the server's requirements; however, only one actually works....

 

The "preferred" client for DCS is ..... terrible at best.... so I spent some time getting Spark to work with DCS.  I had to make a number of modifications to (a) add a "Windows Certificate Store" option to the PKI store type list, and (b) make minor modifications to the legacy smack library being used by Spark [I needed a certificate selection callback].  I now have Spark working "cleanly" with DCS (with minimal configuration required by users), but I wanted to offer the changes/suggestions to the community for addition to Spark.

 

Is there any interest in getting into further details?

Outcomes