Talked with Ogail in person. We believe this is a legitimate concern about the consistency of configuration connection string across different language. Because on Windows Platform where .NET is typically running, the certificate authority is typically managed via certificate.mmc, this problem uniquely arised in cross platform language such as PHP, Java. Regardless the design of the connection string, the underlying update of the HttpClient.php should be essential and re-usable. Also, beyond service management/service bus, this may also be applicable for storage related services.
The consensus ogail and I have now is still get this checked in, at the same time, start investigation to create a configuration design that can be consistently used for SDK in different language to take certificates as a part of the configuration string.
From: Abdelrahman Elogeel
Sent: Tuesday, July 10, 2012 2:57 PM
To: Albert Cheng; Aliaksei Baturytski; Azure SDK Coders
Subject: RE: HTTPS support for PHP service bus and service management.
Thanks Al, I’ve just have concern with that point:
• How users are supposed to pass their authority in the existing service bus connection string which doesn’t allow them to do this
[Albert Cheng] If users do not pass certificate/certificate authority to the service bus, service bus will just work without validation. So that there will be no regression to the existing behavior.
[Ogail] That sounds like we are adding dead code to the code base as all **Settings classes are deleted now and replaced with connection string. I’d suggest that you sync up with Service Bus folks to check how they do enable that in the .NET SDK or if they have plans for that in general.
As mentioned in e-mail thread Azure Core recommends that we use a certificate store on any platform – e.g. not just Windows but also Mac or Linux. I think we should ultimately go in that direction. This should not warrant connection string changes, but the underlying code will have to work with cert stores.
Closing stale issues. Reactivate if it should be reconsidered.