83 files changed, 2629 insertions, 3392 deletions

diff --git a/cpp/test/IceSSL/Makefile b/cpp/test/IceSSL/Makefile
index c9c7567b377..5633e6ef15c 100644
--- a/cpp/test/IceSSL/Makefile
+++ b/cpp/test/IceSSL/Makefile
@@ -11,11 +11,7 @@ top_srcdir	= ../..
 
 include $(top_srcdir)/config/Make.rules
 
-SUBDIRS		= configuration \
-		  loadPEM \
-		  certificateAndKeyParsing \
-		  certificateVerifier \
-		  certificateVerification 
+SUBDIRS		= configuration
 
 $(EVERYTHING)::
 	@for subdir in $(SUBDIRS); \
diff --git a/cpp/test/IceSSL/certificateAndKeyParsing/.depend b/cpp/test/IceSSL/certificateAndKeyParsing/.depend
deleted file mode 100644
index 6ef71444871..00000000000
--- a/cpp/test/IceSSL/certificateAndKeyParsing/.depend
+++ /dev/null
@@ -1 +0,0 @@
-CertificateAndKeyParsing.o: CertificateAndKeyParsing.cpp ../../../include/Ice/Ice.h ../../../include/Ice/GCRecMutex.h ../../../include/IceUtil/RecMutex.h ../../../include/IceUtil/Config.h ../../../include/IceUtil/Lock.h ../../../include/IceUtil/ThreadException.h ../../../include/IceUtil/Exception.h ../../../include/Ice/Config.h ../../../include/Ice/GCShared.h ../../../include/Ice/GC.h ../../../include/IceUtil/Thread.h ../../../include/IceUtil/Shared.h ../../../include/IceUtil/Handle.h ../../../include/IceUtil/Mutex.h ../../../include/IceUtil/Monitor.h ../../../include/IceUtil/Cond.h ../../../include/IceUtil/Time.h ../../../include/Ice/Initialize.h ../../../include/Ice/CommunicatorF.h ../../../include/Ice/LocalObjectF.h ../../../include/Ice/Handle.h ../../../include/Ice/ProxyF.h ../../../include/Ice/ProxyHandle.h ../../../include/Ice/ObjectF.h ../../../include/Ice/Exception.h ../../../include/Ice/LocalObject.h ../../../include/Ice/UndefSysMacros.h ../../../include/Ice/PropertiesF.h ../../../include/Ice/InstanceF.h ../../../include/Ice/BuiltinSequences.h ../../../include/Ice/Proxy.h ../../../include/Ice/ProxyFactoryF.h ../../../include/Ice/ConnectionIF.h ../../../include/Ice/EndpointIF.h ../../../include/Ice/Endpoint.h ../../../include/Ice/ObjectAdapterF.h ../../../include/Ice/ReferenceF.h ../../../include/Ice/OutgoingAsyncF.h ../../../include/Ice/Current.h ../../../include/Ice/ConnectionF.h ../../../include/Ice/Identity.h ../../../include/Ice/StreamF.h ../../../include/Ice/LocalException.h ../../../include/Ice/Properties.h ../../../include/Ice/Logger.h ../../../include/Ice/LoggerUtil.h ../../../include/Ice/LoggerF.h ../../../include/Ice/Stats.h ../../../include/Ice/Communicator.h ../../../include/Ice/StatsF.h ../../../include/Ice/ObjectFactoryF.h ../../../include/Ice/RouterF.h ../../../include/Ice/LocatorF.h ../../../include/Ice/PluginF.h ../../../include/Ice/ObjectFactory.h ../../../include/Ice/ObjectAdapter.h ../../../include/Ice/ServantLocatorF.h ../../../include/Ice/FacetMap.h ../../../include/Ice/ServantLocator.h ../../../include/Ice/Object.h ../../../include/Ice/IncomingAsyncF.h ../../../include/Ice/IdentityUtil.h ../../../include/Ice/OutgoingAsync.h ../../../include/Ice/IncomingAsync.h ../../../include/Ice/Incoming.h ../../../include/Ice/ServantManagerF.h ../../../include/Ice/BasicStream.h ../../../include/Ice/Buffer.h ../../../include/Ice/Process.h ../../../include/Ice/Outgoing.h ../../../include/Ice/Direct.h ../../../include/Ice/Application.h ../../../include/Ice/Connection.h ../../../include/Ice/Functional.h ../../../include/IceUtil/Functional.h ../../../include/Ice/Stream.h ../../include/TestCommon.h ../../../include/IceSSL/Exception.h ../../../include/IceSSL/RSAKeyPair.h ../../../include/IceSSL/RSAKeyPairF.h ../../../include/IceSSL/Config.h ../../../include/IceSSL/RSACertificateGenF.h ../../../include/IceSSL/RSAPrivateKeyF.h ../../../include/IceSSL/RSAPublicKeyF.h ../../../include/IceSSL/RSACertificateGen.h ../../../include/IceSSL/Plugin.h ../../../include/Ice/Plugin.h ../../../include/IceSSL/CertificateVerifierF.h ../../../include/IceUtil/Base64.h
diff --git a/cpp/test/IceSSL/certificateAndKeyParsing/CertificateAndKeyParsing.cpp b/cpp/test/IceSSL/certificateAndKeyParsing/CertificateAndKeyParsing.cpp
deleted file mode 100644
index 7189c09defc..00000000000
--- a/cpp/test/IceSSL/certificateAndKeyParsing/CertificateAndKeyParsing.cpp
+++ /dev/null
@@ -1,770 +0,0 @@
-// **********************************************************************
-//
-// Copyright (c) 2003-2006 ZeroC, Inc. All rights reserved.
-//
-// This copy of Ice is licensed to you under the terms described in the
-// ICE_LICENSE file included in this distribution.
-//
-// **********************************************************************
-
-#include <Ice/Ice.h>
-#include <TestCommon.h>
-#include <IceSSL/Exception.h>
-#include <IceSSL/RSAKeyPair.h>
-#include <IceSSL/RSACertificateGen.h>
-#include <IceSSL/Plugin.h>
-#include <IceUtil/Base64.h>
-
-#include <fstream>
-
-using namespace std;
-using namespace Ice;
-
-void
-testExpectCertificateAndPrivateKeyParseException(const IceSSL::PluginPtr& plugin,
-                                                 const string& key,
-                                                 const string& cert)
-{
-    try
-    {
-        plugin->setRSAKeysBase64(IceSSL::Client, key, cert);
-        test(false);
-    }
-    catch(const IceSSL::CertificateParseException&)
-    {
-    }
-    catch(const IceSSL::PrivateKeyParseException&)
-    {
-    }
-    catch(const Ice::LocalException&)
-    {
-        //
-        // Any other exception is bad.
-        //
-
-        test(false);
-    }
-    catch(...)
-    {
-        //
-        // Unknown exceptions are always bad.
-        //
-
-        test(false);
-    }
-
-    cout << "ok" << endl;
-}
-
-void
-testExpectCertificateAndPrivateKeyParseException(const IceSSL::PluginPtr& plugin,
-                                                 const Ice::ByteSeq& key,
-                                                 const Ice::ByteSeq& cert)
-{
-    try
-    {
-        plugin->setRSAKeys(IceSSL::Client, key, cert);
-        test(false);
-    }
-    catch(const IceSSL::CertificateParseException&)
-    {
-    }
-    catch(const IceSSL::PrivateKeyParseException&)
-    {
-    }
-    catch(const Ice::LocalException&)
-    {
-        //
-        // Any other exception is bad.
-        //
-
-        test(false);
-    }
-    catch(...)
-    {
-        //
-        // Unknown exceptions are always bad.
-        //
-
-        test(false);
-    }
-
-    cout << "ok" << endl;
-}
-
-void
-testExpectPrivateKeyParseException(const IceSSL::PluginPtr& plugin, const string& key, const string& cert)
-{
-    try
-    {
-        plugin->setRSAKeysBase64(IceSSL::Client, key, cert);
-        test(false);
-    }
-    catch(const IceSSL::PrivateKeyParseException&)
-    {
-    }
-    catch(const Ice::LocalException&)
-    {
-        //
-        // Any other exception is bad.
-        //
-
-        test(false);
-    }
-    catch(...)
-    {
-        //
-        // Unknown exceptions are always bad.
-        //
-
-        test(false);
-    }
-
-    cout << "ok" << endl;
-}
-
-void
-testExpectPrivateKeyParseException(const IceSSL::PluginPtr& plugin, const Ice::ByteSeq& key, const Ice::ByteSeq& cert)
-{
-    try
-    {
-        plugin->setRSAKeys(IceSSL::Client, key, cert);
-        test(false);
-    }
-    catch(const IceSSL::PrivateKeyParseException&)
-    {
-    }
-    catch(const Ice::LocalException&)
-    {
-        //
-        // Any other exception is bad.
-        //
-
-        test(false);
-    }
-    catch(...)
-    {
-        //
-        // Unknown exceptions are always bad.
-        //
-
-        test(false);
-    }
-
-    cout << "ok" << endl;
-}
-
-void
-testExpectCertificateParseException(const IceSSL::PluginPtr& plugin, const string& key, const string& cert)
-{
-    try
-    {
-        plugin->setRSAKeysBase64(IceSSL::Client, key, cert);
-        test(false);
-    }
-    catch(const IceSSL::CertificateParseException&)
-    {
-    }
-    catch(const Ice::LocalException&)
-    {
-        //
-        // Any other exception is bad.
-        //
-
-        test(false);
-    }
-    catch(...)
-    {
-        //
-        // Unknown exceptions are always bad.
-        //
-
-        test(false);
-    }
-
-    cout << "ok" << endl;
-}
-
-void
-testExpectCertificateParseException(const IceSSL::PluginPtr& plugin, const Ice::ByteSeq& key, const Ice::ByteSeq& cert)
-{
-    try
-    {
-        plugin->setRSAKeys(IceSSL::Client, key, cert);
-        test(false);
-    }
-    catch(const IceSSL::CertificateParseException&)
-    {
-    }
-    catch(const Ice::LocalException&)
-    {
-        //
-        // Any other exception is bad.
-        //
-
-        test(false);
-    }
-    catch(...)
-    {
-        //
-        // Unknown exceptions are always bad.
-        //
-
-        test(false);
-    }
-
-    cout << "ok" << endl;
-}
-
-void
-testExpectCertificateParseException(const IceSSL::PluginPtr& plugin, const string& cert)
-{
-    try
-    {
-        plugin->addTrustedCertificateBase64(IceSSL::Client, cert);
-        test(false);
-    }
-    catch(const IceSSL::CertificateParseException&)
-    {
-    }
-    catch(const Ice::LocalException&)
-    {
-        //
-        // Any other exception is bad.
-        //
-
-        test(false);
-    }
-    catch(...)
-    {
-        //
-        // Unknown exceptions are always bad.
-        //
-
-        test(false);
-    }
-
-    cout << "ok" << endl;
-}
-
-void
-testExpectCertificateParseException(const IceSSL::PluginPtr& plugin, const Ice::ByteSeq& cert)
-{
-    try
-    {
-        plugin->addTrustedCertificate(IceSSL::Client, cert);
-        test(false);
-    }
-    catch(const IceSSL::CertificateParseException&)
-    {
-    }
-    catch(const Ice::LocalException&)
-    {
-        //
-        // Any other exception is bad.
-        //
-
-        test(false);
-    }
-    catch(...)
-    {
-        //
-        // Unknown exceptions are always bad.
-        //
-
-        test(false);
-    }
-
-    cout << "ok" << endl;
-}
-
-void
-testExpectContextNotConfiguredException(const IceSSL::PluginPtr& plugin,
-                                        const string& key,
-                                        const string& cert)
-{
-    try
-    {
-        plugin->setRSAKeysBase64(IceSSL::Client, key, cert);
-        test(false);
-    }
-    catch(const IceSSL::ContextNotConfiguredException&)
-    {
-    }
-    catch(const Ice::LocalException&)
-    {
-        //
-        // Any other exception is bad.
-        //
-
-        test(false);
-    }
-    catch(...)
-    {
-        //
-        // Unknown exceptions are always bad.
-        //
-
-        test(false);
-    }
-
-    cout << "ok" << endl;
-}
-
-void
-testExpectContextNotConfiguredException(const IceSSL::PluginPtr& plugin,
-                                        const Ice::ByteSeq& key,
-                                        const Ice::ByteSeq& cert)
-{
-    try
-    {
-        plugin->setRSAKeys(IceSSL::Client, key, cert);
-        test(false);
-    }
-    catch(const IceSSL::ContextNotConfiguredException&)
-    {
-    }
-    catch(const Ice::LocalException&)
-    {
-        //
-        // Any other exception is bad.
-        //
-
-        test(false);
-    }
-    catch(...)
-    {
-        //
-        // Unknown exceptions are always bad.
-        //
-
-        test(false);
-    }
-
-    cout << "ok" << endl;
-}
-
-void
-testExpectContextNotConfiguredException(const IceSSL::PluginPtr& plugin, const string& cert)
-{
-    try
-    {
-        plugin->addTrustedCertificateBase64(IceSSL::Client, cert);
-        test(false);
-    }
-    catch(const IceSSL::ContextNotConfiguredException&)
-    {
-    }
-    catch(const Ice::LocalException&)
-    {
-        //
-        // Any other exception is bad.
-        //
-
-        test(false);
-    }
-    catch(...)
-    {
-        //
-        // Unknown exceptions are always bad.
-        //
-
-        test(false);
-    }
-
-    cout << "ok" << endl;
-}
-
-void
-testExpectContextNotConfiguredException(const IceSSL::PluginPtr& plugin, const Ice::ByteSeq& cert)
-{
-    try
-    {
-        plugin->addTrustedCertificate(IceSSL::Client, cert);
-        test(false);
-    }
-    catch(const IceSSL::ContextNotConfiguredException&)
-    {
-    }
-    catch(const Ice::LocalException&)
-    {
-        //
-        // Any other exception is bad.
-        //
-
-        test(false);
-    }
-    catch(...)
-    {
-        //
-        // Unknown exceptions are always bad.
-        //
-
-        test(false);
-    }
-
-    cout << "ok" << endl;
-}
-
-void
-testExpectCertificateKeyMatchException(const IceSSL::PluginPtr& plugin,
-                                       const string& key,
-                                       const string& cert)
-{
-    try
-    {
-        plugin->setRSAKeysBase64(IceSSL::Client, key, cert);
-        test(false);
-    }
-    catch(const IceSSL::CertificateKeyMatchException&)
-    {
-    }
-    catch(const Ice::LocalException&)
-    {
-        //
-        // Any other exception is bad.
-        //
-
-        test(false);
-    }
-    catch(...)
-    {
-        //
-        // Unknown exceptions are always bad.
-        //
-
-        test(false);
-    }
-
-    cout << "ok" << endl;
-}
-
-void
-testExpectCertificateKeyMatchException(const IceSSL::PluginPtr& plugin,
-                                       const Ice::ByteSeq& key,
-                                       const Ice::ByteSeq& cert)
-{
-    try
-    {
-        plugin->setRSAKeys(IceSSL::Client, key, cert);
-        test(false);
-    }
-    catch(const IceSSL::CertificateKeyMatchException&)
-    {
-    }
-    catch(const Ice::LocalException&)
-    {
-        //
-        // Any other exception is bad.
-        //
-
-        test(false);
-    }
-    catch(...)
-    {
-        //
-        // Unknown exceptions are always bad.
-        //
-
-        test(false);
-    }
-
-    cout << "ok" << endl;
-}
-
-void
-testNoException(const IceSSL::PluginPtr& plugin, const string& key, const string& cert)
-{
-    try
-    {
-        plugin->setRSAKeysBase64(IceSSL::Client, key, cert);
-    }
-    catch(const Ice::LocalException&)
-    {
-        //
-        // Any other exception is bad.
-        //
-
-        test(false);
-    }
-    catch(...)
-    {
-        //
-        // Unknown exceptions are always bad.
-        //
-
-        test(false);
-    }
-
-    cout << "ok" << endl;
-}
-
-void
-testNoException(const IceSSL::PluginPtr& plugin, const Ice::ByteSeq& key, const Ice::ByteSeq& cert)
-{
-    try
-    {
-        plugin->setRSAKeys(IceSSL::Client, key, cert);
-    }
-    catch(const Ice::LocalException&)
-    {
-        //
-        // Any other exception is bad.
-        //
-
-        test(false);
-    }
-    catch(...)
-    {
-        //
-        // Unknown exceptions are always bad.
-        //
-
-        test(false);
-    }
-
-    cout << "ok" << endl;
-}
-
-void
-testNoException(const IceSSL::PluginPtr& plugin, const string& cert)
-{
-    try
-    {
-        plugin->addTrustedCertificateBase64(IceSSL::Client, cert);
-    }
-    catch(const Ice::LocalException&)
-    {
-        //
-        // Any other exception is bad.
-        //
-
-        test(false);
-    }
-    catch(...)
-    {
-        //
-        // Unknown exceptions are always bad.
-        //
-
-        test(false);
-    }
-
-    cout << "ok" << endl;
-}
-
-void
-testNoException(const IceSSL::PluginPtr& plugin, const Ice::ByteSeq& cert)
-{
-    try
-    {
-        plugin->addTrustedCertificate(IceSSL::Client, cert);
-    }
-    catch(const Ice::LocalException&)
-    {
-        //
-        // Any other exception is bad.
-        //
-
-        test(false);
-    }
-    catch(...)
-    {
-        //
-        // Unknown exceptions are always bad.
-        //
-
-        test(false);
-    }
-
-    cout << "ok" << endl;
-}
-
-int
-run(int argc, char* argv[], const Ice::CommunicatorPtr& communicator)
-{
-    PropertiesPtr properties = communicator->getProperties();
-
-    Ice::PluginPtr plugin = communicator->getPluginManager()->getPlugin("IceSSL");
-    IceSSL::PluginPtr sslPlugin = IceSSL::PluginPtr::dynamicCast(plugin);
-
-    string clientTestCertPath = properties->getProperty("IceSSL.Client.CertPath.Test");
-
-    IceSSL::RSACertificateGen certGen;
-
-    IceSSL::RSAKeyPairPtr goodKeyPair1;
-    IceSSL::RSAKeyPairPtr goodKeyPair2;
-
-    string goodKey1File = clientTestCertPath + "/goodKey_1.pem";
-    string goodCert1File = clientTestCertPath + "/goodCert_1.pem";
-    string goodKey2File = clientTestCertPath + "/goodKey_2.pem";
-    string goodCert2File = clientTestCertPath + "/goodCert_2.pem";
-
-    goodKeyPair1 = certGen.loadKeyPair(goodKey1File, goodCert1File);
-    goodKeyPair2 = certGen.loadKeyPair(goodKey2File, goodCert2File);
-
-    Ice::ByteSeq gcert1;
-    Ice::ByteSeq gkey1;
-    string gcert1b64;
-    string gkey1b64;
-
-    Ice::ByteSeq gcert2;
-    Ice::ByteSeq gkey2;
-    string gcert2b64;
-    string gkey2b64;
-
-    Ice::ByteSeq badCert;
-    Ice::ByteSeq badKey;
-    string badCertb64;
-    string badKeyb64;
-
-    goodKeyPair1->certToByteSeq(gcert1);
-    goodKeyPair1->keyToByteSeq(gkey1);
-    goodKeyPair1->certToBase64(gcert1b64);
-    goodKeyPair1->keyToBase64(gkey1b64);
-
-    goodKeyPair2->certToByteSeq(gcert2);
-    goodKeyPair2->keyToByteSeq(gkey2);
-    goodKeyPair2->certToBase64(gcert2b64);
-    goodKeyPair2->keyToBase64(gkey2b64);
-
-    string badKeyFile = clientTestCertPath + "/badKey.b64"; 
-    string badCertFile = clientTestCertPath + "/badCert.b64";
-
-    ifstream keyStream(badKeyFile.c_str());
-    ifstream certStream(badCertFile.c_str());
-
-    keyStream >> badKeyb64;
-    certStream >> badCertb64;
-
-    keyStream.close();
-    certStream.close();
-
-    badKey = IceUtil::Base64::decode(badKeyb64);
-    badCert = IceUtil::Base64::decode(badCertb64);
-
-    cout << "testing certificate and key parsing failures." << endl;
-
-    cout << "bad private key and certificate (Base64)... " << flush;
-    testExpectCertificateAndPrivateKeyParseException(sslPlugin, badKeyb64, badCertb64);
-
-    cout << "bad private key and certificate... " << flush;
-    testExpectCertificateAndPrivateKeyParseException(sslPlugin, badKey, badCert);
-
-    cout << "bad private key and good certificate (Base64)... " << flush;
-    testExpectPrivateKeyParseException(sslPlugin, badKeyb64, gcert1b64);
-
-    cout << "bad private key and good certificate... " << flush;
-    testExpectPrivateKeyParseException(sslPlugin, badKey, gcert1);
-
-    cout << "good private key and bad certificate (Base64)... " << flush;
-    testExpectCertificateParseException(sslPlugin, gkey1b64, badCertb64);
-
-    cout << "good private key and bad certificate... " << flush;
-    testExpectCertificateParseException(sslPlugin, gkey1, badCert);
-
-    cout << "bad certificate as a trusted certificate... " << flush;
-    testExpectCertificateParseException(sslPlugin, badCert);
-    
-    cout << "bad certificate as a trusted certificate (Base64)... " << flush;
-    testExpectCertificateParseException(sslPlugin, badCertb64);
-    
-    cout << "testing setting good certificates and keys on a unconfigured context." << endl;
-
-    cout << "good private key and certificate... " << flush;
-    testExpectContextNotConfiguredException(sslPlugin, gkey1, gcert1);
-    
-    cout << "good private key and certificate (Base64)... " << flush;
-    testExpectContextNotConfiguredException(sslPlugin, gkey1b64, gcert1b64);
-
-    cout << "good private key and certificate (again)... " << flush;
-    testExpectContextNotConfiguredException(sslPlugin, gkey2, gcert2);
-    
-    cout << "good private key and certificate (Base64) (again)... " << flush;
-    testExpectContextNotConfiguredException(sslPlugin, gkey2b64, gcert2b64);
-
-    cout << "good certificate as a trusted certificate... " << flush;
-    testExpectContextNotConfiguredException(sslPlugin, gcert1);
-    
-    cout << "good certificate as a trusted certificate (Base64)... " << flush;
-    testExpectContextNotConfiguredException(sslPlugin, gcert1b64);
-
-    properties->setProperty("IceSSL.Client.CertPath", clientTestCertPath);
-    properties->setProperty("IceSSL.Client.Config", "sslconfig_6.xml");
-    sslPlugin->configure(IceSSL::Client);
-
-#if !defined(_AIX) || defined(ICE_32)
-    //
-    // TODO: On AIX 64 bit with OpenSSL 0.9.7d, OpenSSL reports an
-    // error but does not put an error code on the error queue.
-    // This needs more investigation!
-    //
-
-    cout << "testing mismatched certificates and keys failures on a configured context." << endl;
-
-    cout << "good private key and certificate, mismatched (Base64)... " << flush;
-    testExpectCertificateKeyMatchException(sslPlugin, gkey1b64, gcert2b64);
-
-    cout << "good private key and certificate, mismatched (again)... " << flush;
-    testExpectCertificateKeyMatchException(sslPlugin, gkey2, gcert1);
-    
-    cout << "good private key and certificate, mismatched (Base64) (again)... " << flush;
-    testExpectCertificateKeyMatchException(sslPlugin, gkey2b64, gcert1b64);
-
-#endif
-
-    cout << "testing setting good certificates and keys on a configured context." << endl;
-
-    cout << "good private key and certificate... " << flush;
-    testNoException(sslPlugin, gkey1, gcert1);
-    
-    cout << "good private key and certificate (Base64)... " << flush;
-    testNoException(sslPlugin, gkey1b64, gcert1b64);
-
-    cout << "good private key and certificate (again)... " << flush;
-    testNoException(sslPlugin, gkey2, gcert2);
-    
-    cout << "good private key and certificate (Base64) (again)... " << flush;
-    testNoException(sslPlugin, gkey2b64, gcert2b64);
-
-    cout << "good certificate as trusted certificate... " << flush;
-    testNoException(sslPlugin, gcert1);
-    
-    cout << "good certificate as trusted certificate (Base64)... " << flush;
-    testNoException(sslPlugin, gcert2b64);
-
-    return EXIT_SUCCESS;
-}
-
-int
-main(int argc, char* argv[])
-{
-    int status;
-    Ice::CommunicatorPtr communicator;
-
-    try
-    {
-	communicator = Ice::initialize(argc, argv);
-	status = run(argc, argv, communicator);
-    }
-    catch(const Ice::Exception& ex)
-    {
-        cerr << ex << endl;
-	status = EXIT_FAILURE;
-    }
-
-    if(communicator)
-    {
-	try
-	{
-	    communicator->destroy();
-	}
-	catch(const Ice::Exception& ex)
-	{
-            cerr << ex << endl;
-	    status = EXIT_FAILURE;
-	}
-    }
-
-    return status;
-}
diff --git a/cpp/test/IceSSL/certificateAndKeyParsing/Makefile b/cpp/test/IceSSL/certificateAndKeyParsing/Makefile
deleted file mode 100644
index ee30964ff4a..00000000000
--- a/cpp/test/IceSSL/certificateAndKeyParsing/Makefile
+++ /dev/null
@@ -1,28 +0,0 @@
-# **********************************************************************
-#
-# Copyright (c) 2003-2006 ZeroC, Inc. All rights reserved.
-#
-# This copy of Ice is licensed to you under the terms described in the
-# ICE_LICENSE file included in this distribution.
-#
-# **********************************************************************
-
-top_srcdir	= ../../..
-
-CLIENT		= certificateAndKeyParsing
-
-TARGETS		= $(CLIENT)
-
-OBJS		= CertificateAndKeyParsing.o
-
-SRCS		= $(OBJS:.o=.cpp)
-
-include $(top_srcdir)/config/Make.rules
-
-CPPFLAGS	:= -I. -I../../include $(OPENSSL_FLAGS) $(CPPFLAGS)
-
-$(CLIENT): $(OBJS)
-	rm -f $@
-	$(CXX) $(LDFLAGS) -o $@ $(OBJS) $(OPENSSL_RPATH_LINK) -lIceSSL $(EXPAT_RPATH_LINK) -lIceXML $(LIBS) $(OPENSSL_LIBS)
-
-include .depend
diff --git a/cpp/test/IceSSL/certificateAndKeyParsing/certificateandkeyparsing.dsp b/cpp/test/IceSSL/certificateAndKeyParsing/certificateandkeyparsing.dsp
deleted file mode 100644
index 604ebe2e090..00000000000
--- a/cpp/test/IceSSL/certificateAndKeyParsing/certificateandkeyparsing.dsp
+++ /dev/null
@@ -1,106 +0,0 @@
-# Microsoft Developer Studio Project File - Name="certificateandkeyparsing" - Package Owner=<4>

-# Microsoft Developer Studio Generated Build File, Format Version 6.00

-# ** DO NOT EDIT **

-

-# TARGTYPE "Win32 (x86) Console Application" 0x0103

-

-CFG=certificateandkeyparsing - Win32 Debug

-!MESSAGE This is not a valid makefile. To build this project using NMAKE,

-!MESSAGE use the Export Makefile command and run

-!MESSAGE 

-!MESSAGE NMAKE /f "certificateandkeyparsing.mak".

-!MESSAGE 

-!MESSAGE You can specify a configuration when running NMAKE

-!MESSAGE by defining the macro CFG on the command line. For example:

-!MESSAGE 

-!MESSAGE NMAKE /f "certificateandkeyparsing.mak" CFG="certificateandkeyparsing - Win32 Debug"

-!MESSAGE 

-!MESSAGE Possible choices for configuration are:

-!MESSAGE 

-!MESSAGE "certificateandkeyparsing - Win32 Release" (based on "Win32 (x86) Console Application")

-!MESSAGE "certificateandkeyparsing - Win32 Debug" (based on "Win32 (x86) Console Application")

-!MESSAGE 

-

-# Begin Project

-# PROP AllowPerConfigDependencies 0

-# PROP Scc_ProjName ""

-# PROP Scc_LocalPath ""

-CPP=cl.exe

-RSC=rc.exe

-

-!IF  "$(CFG)" == "certificateandkeyparsing - Win32 Release"

-

-# PROP BASE Use_MFC 0

-# PROP BASE Use_Debug_Libraries 0

-# PROP BASE Output_Dir "Release"

-# PROP BASE Intermediate_Dir "Release"

-# PROP BASE Target_Dir ""

-# PROP Use_MFC 0

-# PROP Use_Debug_Libraries 0

-# PROP Output_Dir "Release"

-# PROP Intermediate_Dir "Release"

-# PROP Ignore_Export_Lib 0

-# PROP Target_Dir ""

-# ADD BASE CPP /nologo /W3 /GX /O2 /D "WIN32" /D "NDEBUG" /D "_CONSOLE" /D "_MBCS" /Yu"stdafx.h" /FD /c

-# ADD CPP /nologo /MD /W3 /WX /GR /GX /O2 /I "." /I "../../../include" /I "../../include" /D "_CONSOLE" /D "NDEBUG" /D "WIN32_LEAN_AND_MEAN" /FD /c

-# SUBTRACT CPP /Z<none> /YX

-# ADD BASE RSC /l 0x409 /d "NDEBUG"

-# ADD RSC /l 0x409 /d "NDEBUG"

-BSC32=bscmake.exe

-# ADD BASE BSC32 /nologo

-# ADD BSC32 /nologo

-LINK32=link.exe

-# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:console /machine:I386

-# ADD LINK32 /nologo /subsystem:console /pdb:none /machine:I386 /out:"certificateandkeyparsing.exe" /libpath:"../../../lib" /FIXED:no

-# SUBTRACT LINK32 /debug

-

-!ELSEIF  "$(CFG)" == "certificateandkeyparsing - Win32 Debug"

-

-# PROP BASE Use_MFC 0

-# PROP BASE Use_Debug_Libraries 1

-# PROP BASE Output_Dir "Debug"

-# PROP BASE Intermediate_Dir "Debug"

-# PROP BASE Target_Dir ""

-# PROP Use_MFC 0

-# PROP Use_Debug_Libraries 1

-# PROP Output_Dir "Debug"

-# PROP Intermediate_Dir "Debug"

-# PROP Ignore_Export_Lib 0

-# PROP Target_Dir ""

-# ADD BASE CPP /nologo /W3 /Gm /GX /ZI /Od /D "WIN32" /D "_DEBUG" /D "_CONSOLE" /D "_MBCS" /Yu"stdafx.h" /FD /GZ /c

-# ADD CPP /nologo /MDd /W3 /WX /Gm /GR /GX /Zi /Od /I "." /I "../../../include" /I "../../include" /D "_CONSOLE" /D "_DEBUG" /D "WIN32_LEAN_AND_MEAN" /FD /GZ /c

-# SUBTRACT CPP /YX

-# ADD BASE RSC /l 0x409 /d "_DEBUG"

-# ADD RSC /l 0x409 /d "_DEBUG"

-BSC32=bscmake.exe

-# ADD BASE BSC32 /nologo

-# ADD BSC32 /nologo

-LINK32=link.exe

-# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:console /debug /machine:I386 /pdbtype:sept

-# ADD LINK32 /nologo /subsystem:console /debug /machine:I386 /out:"certificateandkeyparsing.exe" /pdbtype:sept /libpath:"../../../lib" /FIXED:no

-# SUBTRACT LINK32 /pdb:none

-

-!ENDIF 

-

-# Begin Target

-

-# Name "certificateandkeyparsing - Win32 Release"

-# Name "certificateandkeyparsing - Win32 Debug"

-# Begin Group "Source Files"

-

-# PROP Default_Filter "cpp;c;cxx;rc;def;r;odl;idl;hpj;bat"

-# Begin Source File

-

-SOURCE=.\certificateandkeyparsing.cpp

-# End Source File

-# End Group

-# Begin Group "Header Files"

-

-# PROP Default_Filter "h;hpp;hxx;hm;inl"

-# End Group

-# Begin Group "Resource Files"

-

-# PROP Default_Filter "ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe"

-# End Group

-# End Target

-# End Project

diff --git a/cpp/test/IceSSL/certificateAndKeyParsing/run.py b/cpp/test/IceSSL/certificateAndKeyParsing/run.py
deleted file mode 100755
index 1617c444edf..00000000000
--- a/cpp/test/IceSSL/certificateAndKeyParsing/run.py
+++ /dev/null
@@ -1,50 +0,0 @@
-#!/usr/bin/env python
-# **********************************************************************
-#
-# Copyright (c) 2003-2006 ZeroC, Inc. All rights reserved.
-#
-# This copy of Ice is licensed to you under the terms described in the
-# ICE_LICENSE file included in this distribution.
-#
-# **********************************************************************
-
-import os, sys
-
-for toplevel in [".", "..", "../..", "../../..", "../../../.."]:
-    toplevel = os.path.normpath(toplevel)
-    if os.path.exists(os.path.join(toplevel, "config", "TestUtil.py")):
-        break
-else:
-    raise "can't find toplevel directory!"
-
-sys.path.append(os.path.join(toplevel, "config"))
-import TestUtil
-
-if TestUtil.protocol != "ssl" :
-    print "This test may only be run with SSL enabled."
-    sys.exit(0)
-
-testOptions = " --IceSSL.Client.CertPath.Test=" + os.path.join(toplevel, "test", "IceSSL", "certs") + \
-              " --IceSSL.Client.CertPath=" + os.path.join(toplevel, "test", "IceSSL", "certs") + \
-              " --IceSSL.Client.Config= " + \
-              " --IceSSL.Server.CertPath=" + os.path.join(toplevel, "test", "IceSSL", "certs") + \
-              " --IceSSL.Server.Config= "
-
-name = os.path.join("IceSSL", "certificateAndKeyParsing")
-testdir = os.path.join(toplevel, "test", name)
-
-client = os.path.join(testdir, "certificateAndKeyParsing")
-
-localClientOptions = TestUtil.clientServerProtocol + TestUtil.defaultHost
-print "starting certificateAndKeyParsing...",
-clientPipe = os.popen(client + localClientOptions + testOptions + " 2>&1")
-print "ok"
-
-TestUtil.printOutputFromPipe(clientPipe)
-    
-clientStatus = TestUtil.closePipe(clientPipe)
-
-if clientStatus:
-    sys.exit(1)
-
-sys.exit(0)
diff --git a/cpp/test/IceSSL/certificateVerification/.depend b/cpp/test/IceSSL/certificateVerification/.depend
deleted file mode 100644
index 89142fceb0a..00000000000
--- a/cpp/test/IceSSL/certificateVerification/.depend
+++ /dev/null
@@ -1,4 +0,0 @@
-Pinger.o: Pinger.cpp ./Pinger.h ../../../include/Ice/LocalObjectF.h ../../../include/Ice/Handle.h ../../../include/IceUtil/Handle.h ../../../include/IceUtil/Exception.h ../../../include/IceUtil/Config.h ../../../include/Ice/Config.h ../../../include/Ice/ProxyF.h ../../../include/Ice/ProxyHandle.h ../../../include/Ice/ObjectF.h ../../../include/Ice/Exception.h ../../../include/Ice/LocalObject.h ../../../include/IceUtil/Shared.h ../../../include/Ice/Proxy.h ../../../include/IceUtil/Mutex.h ../../../include/IceUtil/Lock.h ../../../include/IceUtil/ThreadException.h ../../../include/Ice/ProxyFactoryF.h ../../../include/Ice/ConnectionIF.h ../../../include/Ice/EndpointIF.h ../../../include/Ice/Endpoint.h ../../../include/Ice/UndefSysMacros.h ../../../include/Ice/ObjectAdapterF.h ../../../include/Ice/ReferenceF.h ../../../include/Ice/OutgoingAsyncF.h ../../../include/Ice/Current.h ../../../include/Ice/ConnectionF.h ../../../include/Ice/Identity.h ../../../include/Ice/StreamF.h ../../../include/Ice/CommunicatorF.h ../../../include/Ice/Object.h ../../../include/Ice/GCShared.h ../../../include/Ice/GCRecMutex.h ../../../include/IceUtil/RecMutex.h ../../../include/Ice/IncomingAsyncF.h ../../../include/Ice/Outgoing.h ../../../include/IceUtil/Monitor.h ../../../include/IceUtil/Cond.h ../../../include/IceUtil/Time.h ../../../include/Ice/BasicStream.h ../../../include/Ice/InstanceF.h ../../../include/Ice/ObjectFactoryF.h ../../../include/Ice/Buffer.h ../../../include/Ice/Incoming.h ../../../include/Ice/ServantLocatorF.h ../../../include/Ice/ServantManagerF.h ../../../include/Ice/Direct.h ../../../include/Ice/BuiltinSequences.h ../../../include/Ice/LocalException.h ../../../include/Ice/ObjectFactory.h
-Client.o: Client.cpp ../../../include/Ice/Ice.h ../../../include/Ice/GCRecMutex.h ../../../include/IceUtil/RecMutex.h ../../../include/IceUtil/Config.h ../../../include/IceUtil/Lock.h ../../../include/IceUtil/ThreadException.h ../../../include/IceUtil/Exception.h ../../../include/Ice/Config.h ../../../include/Ice/GCShared.h ../../../include/Ice/GC.h ../../../include/IceUtil/Thread.h ../../../include/IceUtil/Shared.h ../../../include/IceUtil/Handle.h ../../../include/IceUtil/Mutex.h ../../../include/IceUtil/Monitor.h ../../../include/IceUtil/Cond.h ../../../include/IceUtil/Time.h ../../../include/Ice/Initialize.h ../../../include/Ice/CommunicatorF.h ../../../include/Ice/LocalObjectF.h ../../../include/Ice/Handle.h ../../../include/Ice/ProxyF.h ../../../include/Ice/ProxyHandle.h ../../../include/Ice/ObjectF.h ../../../include/Ice/Exception.h ../../../include/Ice/LocalObject.h ../../../include/Ice/UndefSysMacros.h ../../../include/Ice/PropertiesF.h ../../../include/Ice/InstanceF.h ../../../include/Ice/BuiltinSequences.h ../../../include/Ice/Proxy.h ../../../include/Ice/ProxyFactoryF.h ../../../include/Ice/ConnectionIF.h ../../../include/Ice/EndpointIF.h ../../../include/Ice/Endpoint.h ../../../include/Ice/ObjectAdapterF.h ../../../include/Ice/ReferenceF.h ../../../include/Ice/OutgoingAsyncF.h ../../../include/Ice/Current.h ../../../include/Ice/ConnectionF.h ../../../include/Ice/Identity.h ../../../include/Ice/StreamF.h ../../../include/Ice/LocalException.h ../../../include/Ice/Properties.h ../../../include/Ice/Logger.h ../../../include/Ice/LoggerUtil.h ../../../include/Ice/LoggerF.h ../../../include/Ice/Stats.h ../../../include/Ice/Communicator.h ../../../include/Ice/StatsF.h ../../../include/Ice/ObjectFactoryF.h ../../../include/Ice/RouterF.h ../../../include/Ice/LocatorF.h ../../../include/Ice/PluginF.h ../../../include/Ice/ObjectFactory.h ../../../include/Ice/ObjectAdapter.h ../../../include/Ice/ServantLocatorF.h ../../../include/Ice/FacetMap.h ../../../include/Ice/ServantLocator.h ../../../include/Ice/Object.h ../../../include/Ice/IncomingAsyncF.h ../../../include/Ice/IdentityUtil.h ../../../include/Ice/OutgoingAsync.h ../../../include/Ice/IncomingAsync.h ../../../include/Ice/Incoming.h ../../../include/Ice/ServantManagerF.h ../../../include/Ice/BasicStream.h ../../../include/Ice/Buffer.h ../../../include/Ice/Process.h ../../../include/Ice/Outgoing.h ../../../include/Ice/Direct.h ../../../include/Ice/Application.h ../../../include/Ice/Connection.h ../../../include/Ice/Functional.h ../../../include/IceUtil/Functional.h ../../../include/Ice/Stream.h ../../../include/IceSSL/Plugin.h ../../../include/Ice/Plugin.h ../../../include/IceSSL/CertificateVerifierF.h ../../../include/IceSSL/Exception.h ../../include/TestCommon.h ./Pinger.h
-Server.o: Server.cpp ../../../include/Ice/Ice.h ../../../include/Ice/GCRecMutex.h ../../../include/IceUtil/RecMutex.h ../../../include/IceUtil/Config.h ../../../include/IceUtil/Lock.h ../../../include/IceUtil/ThreadException.h ../../../include/IceUtil/Exception.h ../../../include/Ice/Config.h ../../../include/Ice/GCShared.h ../../../include/Ice/GC.h ../../../include/IceUtil/Thread.h ../../../include/IceUtil/Shared.h ../../../include/IceUtil/Handle.h ../../../include/IceUtil/Mutex.h ../../../include/IceUtil/Monitor.h ../../../include/IceUtil/Cond.h ../../../include/IceUtil/Time.h ../../../include/Ice/Initialize.h ../../../include/Ice/CommunicatorF.h ../../../include/Ice/LocalObjectF.h ../../../include/Ice/Handle.h ../../../include/Ice/ProxyF.h ../../../include/Ice/ProxyHandle.h ../../../include/Ice/ObjectF.h ../../../include/Ice/Exception.h ../../../include/Ice/LocalObject.h ../../../include/Ice/UndefSysMacros.h ../../../include/Ice/PropertiesF.h ../../../include/Ice/InstanceF.h ../../../include/Ice/BuiltinSequences.h ../../../include/Ice/Proxy.h ../../../include/Ice/ProxyFactoryF.h ../../../include/Ice/ConnectionIF.h ../../../include/Ice/EndpointIF.h ../../../include/Ice/Endpoint.h ../../../include/Ice/ObjectAdapterF.h ../../../include/Ice/ReferenceF.h ../../../include/Ice/OutgoingAsyncF.h ../../../include/Ice/Current.h ../../../include/Ice/ConnectionF.h ../../../include/Ice/Identity.h ../../../include/Ice/StreamF.h ../../../include/Ice/LocalException.h ../../../include/Ice/Properties.h ../../../include/Ice/Logger.h ../../../include/Ice/LoggerUtil.h ../../../include/Ice/LoggerF.h ../../../include/Ice/Stats.h ../../../include/Ice/Communicator.h ../../../include/Ice/StatsF.h ../../../include/Ice/ObjectFactoryF.h ../../../include/Ice/RouterF.h ../../../include/Ice/LocatorF.h ../../../include/Ice/PluginF.h ../../../include/Ice/ObjectFactory.h ../../../include/Ice/ObjectAdapter.h ../../../include/Ice/ServantLocatorF.h ../../../include/Ice/FacetMap.h ../../../include/Ice/ServantLocator.h ../../../include/Ice/Object.h ../../../include/Ice/IncomingAsyncF.h ../../../include/Ice/IdentityUtil.h ../../../include/Ice/OutgoingAsync.h ../../../include/Ice/IncomingAsync.h ../../../include/Ice/Incoming.h ../../../include/Ice/ServantManagerF.h ../../../include/Ice/BasicStream.h ../../../include/Ice/Buffer.h ../../../include/Ice/Process.h ../../../include/Ice/Outgoing.h ../../../include/Ice/Direct.h ../../../include/Ice/Application.h ../../../include/Ice/Connection.h ../../../include/Ice/Functional.h ../../../include/IceUtil/Functional.h ../../../include/Ice/Stream.h ../../../include/IceSSL/RSACertificateGen.h ../../../include/IceSSL/RSAKeyPairF.h ../../../include/IceSSL/Config.h ../../../include/IceSSL/RSAKeyPair.h ../../../include/IceSSL/RSACertificateGenF.h ../../../include/IceSSL/RSAPrivateKeyF.h ../../../include/IceSSL/RSAPublicKeyF.h ../../../include/IceSSL/Plugin.h ../../../include/Ice/Plugin.h ../../../include/IceSSL/CertificateVerifierF.h ./Pinger.h
-Pinger.cpp: Pinger.ice ../../../slice/Ice/BuiltinSequences.ice
diff --git a/cpp/test/IceSSL/certificateVerification/Client.cpp b/cpp/test/IceSSL/certificateVerification/Client.cpp
deleted file mode 100644
index aeab0bf195a..00000000000
--- a/cpp/test/IceSSL/certificateVerification/Client.cpp
+++ /dev/null
@@ -1,223 +0,0 @@
-// **********************************************************************
-//
-// Copyright (c) 2003-2006 ZeroC, Inc. All rights reserved.
-//
-// This copy of Ice is licensed to you under the terms described in the
-// ICE_LICENSE file included in this distribution.
-//
-// **********************************************************************
-
-#include <Ice/Ice.h>
-#include <IceSSL/Plugin.h>
-#include <IceSSL/Exception.h>
-#include <TestCommon.h>
-#include <Pinger.h>
-
-using namespace std;
-using namespace Test;
-
-int
-run(int argc, char* argv[], const Ice::CommunicatorPtr& communicator)
-{
-    const string ref1 = "pinger:ssl -p 12010 -t 10000";
-    const string ref2 = "pinger:ssl -p 12011 -t 10000";
-    const string ref3 = "pinger:ssl -p 12347 -t 10000";
-    const string ref4 = "pinger:ssl -p 12348 -t 10000";
-    const string ref5 = "pinger:ssl -p 12349 -t 10000";
-
-    KeyManagerPrx km = KeyManagerPrx::checkedCast(communicator->stringToProxy("keyManager:tcp -p 12344 -t 10000"));
-
-    Ice::ByteSeq serverTrustedCert;
-    Ice::ByteSeq serverUntrustedCert;
-    Ice::ByteSeq clientTrustedKey;
-    Ice::ByteSeq clientTrustedCert;
-    Ice::ByteSeq clientUntrustedKey;
-    Ice::ByteSeq clientUntrustedCert;
-
-    km->getServerCerts(serverTrustedCert,serverUntrustedCert);
-    km->getTrustedClientKeys(clientTrustedKey,clientTrustedCert);
-    km->getUntrustedClientKeys(clientUntrustedKey,clientUntrustedCert);
-
-    Ice::PluginPtr plugin = communicator->getPluginManager()->getPlugin("IceSSL");
-    IceSSL::PluginPtr sslPlugin = IceSSL::PluginPtr::dynamicCast(plugin);
-
-    Ice::PropertiesPtr properties = communicator->getProperties();
-
-    // Use test related paths - override values in TestUtil.py
-    std::string clientCertPath = properties->getProperty("TestSSL.Client.CertPath");
-    std::string serverCertPath = properties->getProperty("TestSSL.Server.CertPath");
-    properties->setProperty("IceSSL.Client.CertPath", clientCertPath);
-    properties->setProperty("IceSSL.Server.CertPath", serverCertPath);
-
-    bool singleCertVerifier = false;
-    if(properties->getProperty("TestSSL.Client.CertificateVerifier") == "singleCert")
-    {
-        singleCertVerifier = true;
-    }
-
-    if(!singleCertVerifier)
-    {
-        cout << "client and server trusted, client using stock certificate... " << flush;
-
-        properties->setProperty("IceSSL.Client.Config", "sslconfig_6.xml");
-        sslPlugin->configure(IceSSL::Client);
-        sslPlugin->addTrustedCertificate(IceSSL::Client, serverTrustedCert);
-        try
-        {
-	    Ice::ObjectPrx pinger1 = communicator->stringToProxy(ref1);
-            pinger1->ice_ping();
-            cout << "ok" << endl;
-        }
-        catch(const Ice::LocalException& ex)
-        {
-            cout << ex << endl;
-            km->shutdown();
-            test(false);
-        }
-    }
-
-    properties->setProperty("IceSSL.Client.Config", "sslconfig_7.xml");
-
-    cout << "client and server do not trust each other... " << flush;
-
-    // Neither Client nor Server will trust.
-    sslPlugin->configure(IceSSL::Client);
-    sslPlugin->addTrustedCertificate(IceSSL::Client, serverUntrustedCert);
-    if(singleCertVerifier)
-    {
-        IceSSL::CertificateVerifierPtr certVerifier = sslPlugin->getSingleCertVerifier(serverUntrustedCert);
-        sslPlugin->setCertificateVerifier(IceSSL::Client, certVerifier);
-    }
-    sslPlugin->setRSAKeys(IceSSL::Client, clientUntrustedKey, clientUntrustedCert);
-    try
-    {
-	Ice::ObjectPrx pinger2 = communicator->stringToProxy(ref2);
-        pinger2->ice_ping();
-        km->shutdown();
-        test(false);
-    }
-    catch(const IceSSL::CertificateVerificationException&)
-    {
-	cout << "ok" << endl;
-    }
-    catch(const Ice::LocalException& ex)
-    {
-	cout << ex << endl;
-        km->shutdown();
-        test(false);
-    }
-
-    cout << "client trusted, server not trusted... " << flush;
-
-    // Client will not trust Server, but Server will trust Client.
-    sslPlugin->setRSAKeys(IceSSL::Client, clientTrustedKey, clientTrustedCert);
-    try
-    {
-	Ice::ObjectPrx pinger3 = communicator->stringToProxy(ref3);
-        pinger3->ice_ping();
-        km->shutdown();
-        test(false);
-    }
-    catch(const IceSSL::CertificateVerificationException&)
-    {
-	cout << "ok" << endl;
-    }
-    catch(const Ice::LocalException& ex)
-    {
-	cout << ex << endl;
-        km->shutdown();
-        test(false);
-    }
-
-    cout << "client trusts server, server does not trust client... " << flush;
-
-    // Client trusts, Server does not.
-    sslPlugin->configure(IceSSL::Client);
-    sslPlugin->addTrustedCertificate(IceSSL::Client, serverTrustedCert);
-    if(singleCertVerifier)
-    {
-        IceSSL::CertificateVerifierPtr certVerifier = sslPlugin->getSingleCertVerifier(serverTrustedCert);
-        sslPlugin->setCertificateVerifier(IceSSL::Client, certVerifier);
-    }
-    sslPlugin->setRSAKeys(IceSSL::Client, clientUntrustedKey, clientUntrustedCert);
-    try
-    {
-	Ice::ObjectPrx pinger4 = communicator->stringToProxy(ref4);
-        pinger4->ice_ping();
-        km->shutdown();
-        test(false);
-    }
-    catch(const IceSSL::ProtocolException&)
-    {
-        // Note: We expect that the server will send an alert 48 back to the client,
-        //       generating this exception.
-	cout << "ok" << endl;
-    }
-    catch(const Ice::LocalException& ex)
-    {
-	cout << ex << endl;
-        km->shutdown();
-        test(false);
-    }
-
-    cout << "both client and server trust each other... " << flush;
-
-    // Both Client and Server trust.
-    sslPlugin->setRSAKeys(IceSSL::Client, clientTrustedKey, clientTrustedCert);
-
-    try
-    {
-	Ice::ObjectPrx pinger5 = communicator->stringToProxy(ref5);
-	pinger5->ice_ping();
-	cout << "ok" << endl;
-    }
-    catch(const Ice::LocalException& ex)
-    {
-	cout << ex << endl;
-        km->shutdown();
-        test(false);
-    }
-
-    cout << "shutting down... " << flush;
-    km->shutdown();
-    cout << "ok" << endl;
-
-    return EXIT_SUCCESS;
-}
-
-int
-main(int argc, char* argv[])
-{
-    int status;
-    Ice::CommunicatorPtr communicator;
-
-    try
-    {
-	communicator = Ice::initialize(argc, argv);
-        Ice::PropertiesPtr properties = communicator->getProperties();
-        Ice::StringSeq args = Ice::argsToStringSeq(argc, argv);
-        args = properties->parseCommandLineOptions("TestSSL", args);
-        Ice::stringSeqToArgs(args, argc, argv);
-	status = run(argc, argv, communicator);
-    }
-    catch(const Ice::Exception& ex)
-    {
-	cerr << ex << endl;
-	status = EXIT_FAILURE;
-    }
-
-    if(communicator)
-    {
-	try
-	{
-	    communicator->destroy();
-	}
-	catch(const Ice::Exception& ex)
-	{
-	    cerr << ex << endl;
-	    status = EXIT_FAILURE;
-	}
-    }
-
-    return status;
-}
diff --git a/cpp/test/IceSSL/certificateVerification/Makefile b/cpp/test/IceSSL/certificateVerification/Makefile
deleted file mode 100644
index 60a4b9595eb..00000000000
--- a/cpp/test/IceSSL/certificateVerification/Makefile
+++ /dev/null
@@ -1,41 +0,0 @@
-# **********************************************************************
-#
-# Copyright (c) 2003-2006 ZeroC, Inc. All rights reserved.
-#
-# This copy of Ice is licensed to you under the terms described in the
-# ICE_LICENSE file included in this distribution.
-#
-# **********************************************************************
-
-top_srcdir	= ../../..
-
-CLIENT		= client
-SERVER		= server
-
-TARGETS		= $(CLIENT) $(SERVER)
-
-OBJS		= Pinger.o
-
-COBJS		= Client.o 
-
-SOBJS		= Server.o
-
-SRCS		= $(OBJS:.o=.cpp) \
-		  $(COBJS:.o=.cpp) \
-		  $(SOBJS:.o=.cpp)
-
-SLICE_SRCS	= Pinger.ice
-
-include $(top_srcdir)/config/Make.rules
-
-CPPFLAGS	:= -I. -I../../include $(OPENSSL_FLAGS) $(CPPFLAGS)
-
-$(CLIENT): $(OBJS) $(COBJS)
-	rm -f $@
-	$(CXX) $(LDFLAGS) -o $@ $(OBJS) $(COBJS) $(OPENSSL_RPATH_LINK) -lIceSSL $(EXPAT_RPATH_LINK) -lIceXML $(LIBS) $(OPENSSL_LIBS)
-
-$(SERVER): $(OBJS) $(SOBJS)
-	rm -f $@
-	$(CXX) $(LDFLAGS) -o $@ $(OBJS) $(SOBJS) $(OPENSSL_RPATH_LINK) -lIceSSL $(EXPAT_RPATH_LINK) -lIceXML $(LIBS) $(OPENSSL_LIBS)
-
-include .depend
diff --git a/cpp/test/IceSSL/certificateVerification/Server.cpp b/cpp/test/IceSSL/certificateVerification/Server.cpp
deleted file mode 100644
index 5ca1c4d7df6..00000000000
--- a/cpp/test/IceSSL/certificateVerification/Server.cpp
+++ /dev/null
@@ -1,207 +0,0 @@
-// **********************************************************************
-//
-// Copyright (c) 2003-2006 ZeroC, Inc. All rights reserved.
-//
-// This copy of Ice is licensed to you under the terms described in the
-// ICE_LICENSE file included in this distribution.
-//
-// **********************************************************************
-
-#include <Ice/Ice.h>
-#include <IceSSL/RSACertificateGen.h>
-#include <IceSSL/RSAKeyPair.h>
-#include <IceSSL/Plugin.h>
-#include <Pinger.h>
-
-using namespace std;
-using namespace Test;
-
-class KeyManagerI : public KeyManager
-{
-
-public:
-
-    KeyManagerI(const IceSSL::RSAKeyPairPtr&, const IceSSL::RSAKeyPairPtr&,
-                const IceSSL::RSAKeyPairPtr&, const IceSSL::RSAKeyPairPtr&);
-
-    virtual void getServerCerts(Ice::ByteSeq&, Ice::ByteSeq&, const ::Ice::Current&);
-    virtual void getTrustedClientKeys(Ice::ByteSeq&, Ice::ByteSeq&, const ::Ice::Current&);
-    virtual void getUntrustedClientKeys(Ice::ByteSeq&, Ice::ByteSeq&, const ::Ice::Current&);
-    virtual void shutdown(const ::Ice::Current&);
-
-protected:
-
-    const IceSSL::RSAKeyPairPtr _serverTrusted;
-    const IceSSL::RSAKeyPairPtr _serverUntrusted;
-    const IceSSL::RSAKeyPairPtr _clientTrusted;
-    const IceSSL::RSAKeyPairPtr _clientUntrusted;
-};
-
-KeyManagerI::KeyManagerI(const IceSSL::RSAKeyPairPtr& serverTrusted,
-                         const IceSSL::RSAKeyPairPtr& serverUntrusted,
-                         const IceSSL::RSAKeyPairPtr& clientTrusted,
-                         const IceSSL::RSAKeyPairPtr& clientUntrusted) :
-            _serverTrusted(serverTrusted), _serverUntrusted(serverUntrusted),
-            _clientTrusted(clientTrusted), _clientUntrusted(clientUntrusted)
-{
-}
-
-void
-KeyManagerI::getServerCerts(Ice::ByteSeq& trusted, Ice::ByteSeq& untrusted, const ::Ice::Current&)
-{
-    _serverTrusted->certToByteSeq(trusted);
-    _serverUntrusted->certToByteSeq(untrusted);
-}
-
-void
-KeyManagerI::getTrustedClientKeys(Ice::ByteSeq& key, Ice::ByteSeq& cert, const ::Ice::Current&)
-{
-    _clientTrusted->keyToByteSeq(key);
-    _clientTrusted->certToByteSeq(cert);
-}
-
-void
-KeyManagerI::getUntrustedClientKeys(Ice::ByteSeq& key, Ice::ByteSeq& cert, const ::Ice::Current&)
-{
-    _clientUntrusted->keyToByteSeq(key);
-    _clientUntrusted->certToByteSeq(cert);
-}
-
-void
-KeyManagerI::shutdown(const ::Ice::Current& c)
-{
-    c.adapter->getCommunicator()->shutdown();
-}
-
-class PingerI : public Pinger
-{
-public:
-
-    PingerI() { }
-};
-
-int
-run(int argc, char* argv[], const Ice::CommunicatorPtr& communicator)
-{
-    Ice::PropertiesPtr properties = communicator->getProperties();
-
-    std::string certPath = properties->getProperty("TestSSL.Server.CertPath");
-    properties->setProperty("IceSSL.Server.CertPath", certPath);
-
-    properties->setProperty("Ice.Warn.Connections", "0");
-    properties->setProperty("IceSSL.Server.Config", "sslconfig_8.xml");
-
-    Ice::PluginPtr plugin = communicator->getPluginManager()->getPlugin("IceSSL");
-    IceSSL::PluginPtr sslPlugin = IceSSL::PluginPtr::dynamicCast(plugin);
-    sslPlugin->configure(IceSSL::Server);
-
-    IceSSL::RSACertificateGen certGen;
-
-    IceSSL::RSACertificateGenContext certGenContext;
-
-    // Base setup.
-    certGenContext.setCountry("US");
-    certGenContext.setStateProvince("DC");
-    certGenContext.setLocality("Washington");
-    certGenContext.setOrganization("Some Company Inc.");
-    certGenContext.setOrgainizationalUnit("Sales");
-    certGenContext.setBitStrength(1024);
-    certGenContext.setSecondsValid(IceSSL::RSACertificateGenContext::hoursToSeconds(1));
-
-    IceSSL::RSAKeyPairPtr serverTrusted;
-    IceSSL::RSAKeyPairPtr serverUntrusted;
-    IceSSL::RSAKeyPairPtr clientTrusted;
-    IceSSL::RSAKeyPairPtr clientUntrusted;
-
-    certGenContext.setCommonName("Server Trusted");
-    serverTrusted = certGen.generate(certGenContext);
-
-    certGenContext.setCommonName("Server Untrusted");
-    serverUntrusted = certGen.generate(certGenContext);
-
-    certGenContext.setCommonName("Client Trusted");
-    clientTrusted = certGen.generate(certGenContext);
-
-    certGenContext.setCommonName("Client Untrusted");
-    clientUntrusted = certGen.generate(certGenContext);
-
-    Ice::ObjectPtr object = new KeyManagerI(serverTrusted, serverUntrusted, clientTrusted, clientUntrusted);
-
-    Ice::ByteSeq trustedCertificate;
-    Ice::ByteSeq serverCertificate;
-    Ice::ByteSeq serverKey;
-
-    clientTrusted->certToByteSeq(trustedCertificate);
-    serverTrusted->certToByteSeq(serverCertificate);
-    serverTrusted->keyToByteSeq(serverKey);
-
-    sslPlugin->addTrustedCertificate(IceSSL::Server, trustedCertificate);
-    sslPlugin->setRSAKeys(IceSSL::Server, serverKey, serverCertificate);
-
-    if(properties->getProperty("TestSSL.Server.CertificateVerifier") == "singleCert")
-    {
-        IceSSL::CertificateVerifierPtr certVerifier = sslPlugin->getSingleCertVerifier(trustedCertificate);
-        sslPlugin->setCertificateVerifier(IceSSL::Server, certVerifier);
-    }
-
-    properties->setProperty("KeyManagerAdapter.Endpoints", "tcp -p 12344 -t 10000");
-    bool printAdapterReady = properties->getPropertyAsInt("Ice.PrintAdapterReady") > 0;
-    properties->setProperty("Ice.PrintAdapterReady", "0");
-    Ice::ObjectAdapterPtr kmAdapter = communicator->createObjectAdapter("KeyManagerAdapter");
-    kmAdapter->add(object, Ice::stringToIdentity("keyManager"));
-    kmAdapter->activate();
-
-    const string pingerEndpoints =
-	"ssl -p 12010 -t 10000"
-	":ssl -p 12011 -t 10000"
-	":ssl -p 12347 -t 10000"
-	":ssl -p 12348 -t 10000"
-	":ssl -p 12349 -t 10000";
-    if(printAdapterReady)
-    {
-	properties->setProperty("Ice.PrintAdapterReady", "1");
-    }
-    properties->setProperty("PingerAdapter.Endpoints", pingerEndpoints);
-    Ice::ObjectAdapterPtr adapter = communicator->createObjectAdapter("PingerAdapter");
-    adapter->add(new PingerI(), Ice::stringToIdentity("pinger"));
-    adapter->activate();
-    communicator->waitForShutdown();
-    return EXIT_SUCCESS;
-}
-
-int
-main(int argc, char* argv[])
-{
-    int status;
-    Ice::CommunicatorPtr communicator;
-
-    try
-    {
-	communicator = Ice::initialize(argc, argv);
-        Ice::PropertiesPtr properties = communicator->getProperties();
-        Ice::StringSeq args = Ice::argsToStringSeq(argc, argv);
-        args = properties->parseCommandLineOptions("TestSSL", args);
-        Ice::stringSeqToArgs(args, argc, argv);
-	status = run(argc, argv, communicator);
-    }
-    catch(const Ice::Exception& ex)
-    {
-	cerr << ex << endl;
-	status = EXIT_FAILURE;
-    }
-
-    if(communicator)
-    {
-	try
-	{
-	    communicator->destroy();
-	}
-	catch(const Ice::Exception& ex)
-	{
-	    cerr << ex << endl;
-	    status = EXIT_FAILURE;
-	}
-    }
-
-    return status;
-}
diff --git a/cpp/test/IceSSL/certificateVerification/certificateverificationC.dsp b/cpp/test/IceSSL/certificateVerification/certificateverificationC.dsp
deleted file mode 100644
index e733c061140..00000000000
--- a/cpp/test/IceSSL/certificateVerification/certificateverificationC.dsp
+++ /dev/null
@@ -1,153 +0,0 @@
-# Microsoft Developer Studio Project File - Name="certificateverificationC" - Package Owner=<4>

-# Microsoft Developer Studio Generated Build File, Format Version 6.00

-# ** DO NOT EDIT **

-

-# TARGTYPE "Win32 (x86) Console Application" 0x0103

-

-CFG=certificateverificationC - Win32 Debug

-!MESSAGE This is not a valid makefile. To build this project using NMAKE,

-!MESSAGE use the Export Makefile command and run

-!MESSAGE 

-!MESSAGE NMAKE /f "certificateverificationC.mak".

-!MESSAGE 

-!MESSAGE You can specify a configuration when running NMAKE

-!MESSAGE by defining the macro CFG on the command line. For example:

-!MESSAGE 

-!MESSAGE NMAKE /f "certificateverificationC.mak" CFG="certificateverificationC - Win32 Debug"

-!MESSAGE 

-!MESSAGE Possible choices for configuration are:

-!MESSAGE 

-!MESSAGE "certificateverificationC - Win32 Release" (based on "Win32 (x86) Console Application")

-!MESSAGE "certificateverificationC - Win32 Debug" (based on "Win32 (x86) Console Application")

-!MESSAGE 

-

-# Begin Project

-# PROP AllowPerConfigDependencies 0

-# PROP Scc_ProjName ""

-# PROP Scc_LocalPath ""

-CPP=cl.exe

-RSC=rc.exe

-

-!IF  "$(CFG)" == "certificateverificationC - Win32 Release"

-

-# PROP BASE Use_MFC 0

-# PROP BASE Use_Debug_Libraries 0

-# PROP BASE Output_Dir "Release"

-# PROP BASE Intermediate_Dir "Release"

-# PROP BASE Target_Dir ""

-# PROP Use_MFC 0

-# PROP Use_Debug_Libraries 0

-# PROP Output_Dir "Release"

-# PROP Intermediate_Dir "Release"

-# PROP Ignore_Export_Lib 0

-# PROP Target_Dir ""

-# ADD BASE CPP /nologo /W3 /GX /O2 /D "WIN32" /D "NDEBUG" /D "_CONSOLE" /D "_MBCS" /Yu"stdafx.h" /FD /c

-# ADD CPP /nologo /MD /W3 /WX /GR /GX /O2 /I "." /I "../../../include" /I "../../include" /D "_CONSOLE" /D "NDEBUG" /D "WIN32_LEAN_AND_MEAN" /FD /c

-# SUBTRACT CPP /Z<none> /YX

-# ADD BASE RSC /l 0x409 /d "NDEBUG"

-# ADD RSC /l 0x409 /d "NDEBUG"

-BSC32=bscmake.exe

-# ADD BASE BSC32 /nologo

-# ADD BSC32 /nologo

-LINK32=link.exe

-# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:console /machine:I386

-# ADD LINK32 /nologo /subsystem:console /pdb:none /machine:I386 /out:"client.exe" /libpath:"../../../lib" /FIXED:no

-# SUBTRACT LINK32 /debug

-

-!ELSEIF  "$(CFG)" == "certificateverificationC - Win32 Debug"

-

-# PROP BASE Use_MFC 0

-# PROP BASE Use_Debug_Libraries 1

-# PROP BASE Output_Dir "Debug"

-# PROP BASE Intermediate_Dir "Debug"

-# PROP BASE Target_Dir ""

-# PROP Use_MFC 0

-# PROP Use_Debug_Libraries 1

-# PROP Output_Dir "Debug"

-# PROP Intermediate_Dir "Debug"

-# PROP Ignore_Export_Lib 0

-# PROP Target_Dir ""

-# ADD BASE CPP /nologo /W3 /Gm /GX /ZI /Od /D "WIN32" /D "_DEBUG" /D "_CONSOLE" /D "_MBCS" /Yu"stdafx.h" /FD /GZ /c

-# ADD CPP /nologo /MDd /W3 /WX /Gm /GR /GX /Zi /Od /I "." /I "../../../include" /I "../../include" /D "_CONSOLE" /D "_DEBUG" /D "WIN32_LEAN_AND_MEAN" /FD /GZ /c

-# SUBTRACT CPP /YX

-# ADD BASE RSC /l 0x409 /d "_DEBUG"

-# ADD RSC /l 0x409 /d "_DEBUG"

-BSC32=bscmake.exe

-# ADD BASE BSC32 /nologo

-# ADD BSC32 /nologo

-LINK32=link.exe

-# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:console /debug /machine:I386 /pdbtype:sept

-# ADD LINK32 /nologo /subsystem:console /debug /machine:I386 /out:"client.exe" /pdbtype:sept /libpath:"../../../lib" /FIXED:no

-# SUBTRACT LINK32 /pdb:none

-

-!ENDIF 

-

-# Begin Target

-

-# Name "certificateverificationC - Win32 Release"

-# Name "certificateverificationC - Win32 Debug"

-# Begin Group "Source Files"

-

-# PROP Default_Filter "cpp;c;cxx;rc;def;r;odl;idl;hpj;bat"

-# Begin Source File

-

-SOURCE=.\Client.cpp

-# End Source File

-# Begin Source File

-

-SOURCE=.\Pinger.cpp

-# End Source File

-# End Group

-# Begin Group "Header Files"

-

-# PROP Default_Filter "h;hpp;hxx;hm;inl"

-# Begin Source File

-

-SOURCE=.\Pinger.h

-# End Source File

-# End Group

-# Begin Group "Resource Files"

-

-# PROP Default_Filter "ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe"

-# Begin Source File

-

-SOURCE=.\Pinger.ice

-

-!IF  "$(CFG)" == "certificateverificationC - Win32 Release"

-

-USERDEP__PINGE="..\..\..\bin\slice2cpp.exe"	"..\..\..\lib\slice.lib"	

-# Begin Custom Build

-InputPath=.\Pinger.ice

-

-BuildCmds= \

-	..\..\..\bin\slice2cpp.exe -I../../../slice Pinger.ice

-

-"Pinger.h" : $(SOURCE) "$(INTDIR)" "$(OUTDIR)"

-   $(BuildCmds)

-

-"Pinger.cpp" : $(SOURCE) "$(INTDIR)" "$(OUTDIR)"

-   $(BuildCmds)

-# End Custom Build

-

-!ELSEIF  "$(CFG)" == "certificateverificationC - Win32 Debug"

-

-USERDEP__PINGE="..\..\..\bin\slice2cpp.exe"	"..\..\..\lib\sliced.lib"	

-# Begin Custom Build

-InputPath=.\Pinger.ice

-

-BuildCmds= \

-	..\..\..\bin\slice2cpp.exe -I../../../slice Pinger.ice

-

-"Pinger.h" : $(SOURCE) "$(INTDIR)" "$(OUTDIR)"

-   $(BuildCmds)

-

-"Pinger.cpp" : $(SOURCE) "$(INTDIR)" "$(OUTDIR)"

-   $(BuildCmds)

-# End Custom Build

-

-!ENDIF 

-

-# End Source File

-# End Group

-# End Target

-# End Project

diff --git a/cpp/test/IceSSL/certificateVerification/certificateverificationS.dsp b/cpp/test/IceSSL/certificateVerification/certificateverificationS.dsp
deleted file mode 100644
index 0f77b79200c..00000000000
--- a/cpp/test/IceSSL/certificateVerification/certificateverificationS.dsp
+++ /dev/null
@@ -1,153 +0,0 @@
-# Microsoft Developer Studio Project File - Name="certificateverificationS" - Package Owner=<4>

-# Microsoft Developer Studio Generated Build File, Format Version 6.00

-# ** DO NOT EDIT **

-

-# TARGTYPE "Win32 (x86) Console Application" 0x0103

-

-CFG=certificateverificationS - Win32 Debug

-!MESSAGE This is not a valid makefile. To build this project using NMAKE,

-!MESSAGE use the Export Makefile command and run

-!MESSAGE 

-!MESSAGE NMAKE /f "certificateverificationS.mak".

-!MESSAGE 

-!MESSAGE You can specify a configuration when running NMAKE

-!MESSAGE by defining the macro CFG on the command line. For example:

-!MESSAGE 

-!MESSAGE NMAKE /f "certificateverificationS.mak" CFG="certificateverificationS - Win32 Debug"

-!MESSAGE 

-!MESSAGE Possible choices for configuration are:

-!MESSAGE 

-!MESSAGE "certificateverificationS - Win32 Release" (based on "Win32 (x86) Console Application")

-!MESSAGE "certificateverificationS - Win32 Debug" (based on "Win32 (x86) Console Application")

-!MESSAGE 

-

-# Begin Project

-# PROP AllowPerConfigDependencies 0

-# PROP Scc_ProjName ""

-# PROP Scc_LocalPath ""

-CPP=cl.exe

-RSC=rc.exe

-

-!IF  "$(CFG)" == "certificateverificationS - Win32 Release"

-

-# PROP BASE Use_MFC 0

-# PROP BASE Use_Debug_Libraries 0

-# PROP BASE Output_Dir "Release"

-# PROP BASE Intermediate_Dir "Release"

-# PROP BASE Target_Dir ""

-# PROP Use_MFC 0

-# PROP Use_Debug_Libraries 0

-# PROP Output_Dir "Release"

-# PROP Intermediate_Dir "Release"

-# PROP Ignore_Export_Lib 0

-# PROP Target_Dir ""

-# ADD BASE CPP /nologo /W3 /GX /O2 /D "WIN32" /D "NDEBUG" /D "_CONSOLE" /D "_MBCS" /Yu"stdafx.h" /FD /c

-# ADD CPP /nologo /MD /W3 /WX /GR /GX /O2 /I "." /I "../../../include" /I "../../include" /D "_CONSOLE" /D "NDEBUG" /D "WIN32_LEAN_AND_MEAN" /FD /c

-# SUBTRACT CPP /Z<none> /YX

-# ADD BASE RSC /l 0x409 /d "NDEBUG"

-# ADD RSC /l 0x409 /d "NDEBUG"

-BSC32=bscmake.exe

-# ADD BASE BSC32 /nologo

-# ADD BSC32 /nologo

-LINK32=link.exe

-# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:console /machine:I386

-# ADD LINK32 /nologo /subsystem:console /pdb:none /machine:I386 /out:"server.exe" /libpath:"../../../lib" /FIXED:no

-# SUBTRACT LINK32 /debug

-

-!ELSEIF  "$(CFG)" == "certificateverificationS - Win32 Debug"

-

-# PROP BASE Use_MFC 0

-# PROP BASE Use_Debug_Libraries 1

-# PROP BASE Output_Dir "certificateverificationS___Win32_Debug"

-# PROP BASE Intermediate_Dir "certificateverificationS___Win32_Debug"

-# PROP BASE Target_Dir ""

-# PROP Use_MFC 0

-# PROP Use_Debug_Libraries 1

-# PROP Output_Dir "Debug"

-# PROP Intermediate_Dir "Debug"

-# PROP Ignore_Export_Lib 0

-# PROP Target_Dir ""

-# ADD BASE CPP /nologo /W3 /Gm /GX /ZI /Od /D "WIN32" /D "_DEBUG" /D "_CONSOLE" /D "_MBCS" /Yu"stdafx.h" /FD /GZ /c

-# ADD CPP /nologo /MDd /W3 /WX /Gm /GR /GX /Zi /Od /I "." /I "../../../include" /I "../../include" /D "_CONSOLE" /D "_DEBUG" /D "WIN32_LEAN_AND_MEAN" /FD /GZ /c

-# SUBTRACT CPP /YX

-# ADD BASE RSC /l 0x409 /d "_DEBUG"

-# ADD RSC /l 0x409 /d "_DEBUG"

-BSC32=bscmake.exe

-# ADD BASE BSC32 /nologo

-# ADD BSC32 /nologo

-LINK32=link.exe

-# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:console /debug /machine:I386 /pdbtype:sept

-# ADD LINK32 /nologo /subsystem:console /debug /machine:I386 /out:"server.exe" /pdbtype:sept /libpath:"../../../lib" /FIXED:no

-# SUBTRACT LINK32 /pdb:none

-

-!ENDIF 

-

-# Begin Target

-

-# Name "certificateverificationS - Win32 Release"

-# Name "certificateverificationS - Win32 Debug"

-# Begin Group "Source Files"

-

-# PROP Default_Filter "cpp;c;cxx;rc;def;r;odl;idl;hpj;bat"

-# Begin Source File

-

-SOURCE=.\Pinger.cpp

-# End Source File

-# Begin Source File

-

-SOURCE=.\Server.cpp

-# End Source File

-# End Group

-# Begin Group "Header Files"

-

-# PROP Default_Filter "h;hpp;hxx;hm;inl"

-# Begin Source File

-

-SOURCE=.\Pinger.h

-# End Source File

-# End Group

-# Begin Group "Resource Files"

-

-# PROP Default_Filter "ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe"

-# Begin Source File

-

-SOURCE=.\Pinger.ice

-

-!IF  "$(CFG)" == "certificateverificationS - Win32 Release"

-

-USERDEP__PINGE="..\..\..\bin\slice2cpp.exe"	"..\..\..\lib\slice.lib"	

-# Begin Custom Build

-InputPath=.\Pinger.ice

-

-BuildCmds= \

-	..\..\..\bin\slice2cpp.exe -I../../../slice Pinger.ice

-

-"Pinger.h" : $(SOURCE) "$(INTDIR)" "$(OUTDIR)"

-   $(BuildCmds)

-

-"Pinger.cpp" : $(SOURCE) "$(INTDIR)" "$(OUTDIR)"

-   $(BuildCmds)

-# End Custom Build

-

-!ELSEIF  "$(CFG)" == "certificateverificationS - Win32 Debug"

-

-USERDEP__PINGE="..\..\..\bin\slice2cpp.exe"	"..\..\..\lib\sliced.lib"	

-# Begin Custom Build

-InputPath=.\Pinger.ice

-

-BuildCmds= \

-	..\..\..\bin\slice2cpp.exe -I../../../slice Pinger.ice

-

-"Pinger.h" : $(SOURCE) "$(INTDIR)" "$(OUTDIR)"

-   $(BuildCmds)

-

-"Pinger.cpp" : $(SOURCE) "$(INTDIR)" "$(OUTDIR)"

-   $(BuildCmds)

-# End Custom Build

-

-!ENDIF 

-

-# End Source File

-# End Group

-# End Target

-# End Project

diff --git a/cpp/test/IceSSL/certificateVerification/run.py b/cpp/test/IceSSL/certificateVerification/run.py
deleted file mode 100755
index f4a9e44d0bc..00000000000
--- a/cpp/test/IceSSL/certificateVerification/run.py
+++ /dev/null
@@ -1,51 +0,0 @@
-#!/usr/bin/env python
-# **********************************************************************
-#
-# Copyright (c) 2003-2006 ZeroC, Inc. All rights reserved.
-#
-# This copy of Ice is licensed to you under the terms described in the
-# ICE_LICENSE file included in this distribution.
-#
-# **********************************************************************
-
-import os, sys
-
-for toplevel in [".", "..", "../..", "../../..", "../../../.."]:
-    toplevel = os.path.normpath(toplevel)
-    if os.path.exists(os.path.join(toplevel, "config", "TestUtil.py")):
-        break
-else:
-    raise "can't find toplevel directory!"
-
-sys.path.append(os.path.join(toplevel, "config"))
-import TestUtil
-
-if TestUtil.protocol != "ssl":
-    print "This test may only be run with SSL enabled."
-    sys.exit(0)
-
-oldClientOptions = TestUtil.clientOptions
-oldServerOptions = TestUtil.serverOptions
-oldClientServerOptions = TestUtil.clientServerOptions
-
-TestUtil.clientOptions += " --TestSSL.Client.CertPath=" + os.path.join(toplevel, "test", "IceSSL", "certs")
-TestUtil.serverOptions += " --TestSSL.Server.CertPath=" + os.path.join(toplevel, "test", "IceSSL", "certs")
-TestUtil.clientServerOptions += " --TestSSL.Client.CertPath=" + os.path.join(toplevel, "test", "IceSSL", "certs") + \
-                                " --TestSSL.Server.CertPath=" + os.path.join(toplevel, "test", "IceSSL", "certs")
-
-name = os.path.join("IceSSL", "certificateVerification")
-testdir = os.path.join(toplevel, "test", name)
-
-print "testing default certificate verifier."
-TestUtil.clientServerTest(name)
-
-print "testing single-certificate certificate verifier."
-TestUtil.clientOptions += " --TestSSL.Client.CertificateVerifier=singleCert"
-TestUtil.serverOptions += " --TestSSL.Server.CertificateVerifier=singleCert"
-TestUtil.clientServerTest(name)
-
-TestUtil.clientOptions = oldClientOptions
-TestUtil.serverOptions = oldServerOptions
-TestUtil.clientServerOptions = oldClientServerOptions
-
-sys.exit(0)
diff --git a/cpp/test/IceSSL/certificateVerifier/.depend b/cpp/test/IceSSL/certificateVerifier/.depend
deleted file mode 100644
index 869a2420c5c..00000000000
--- a/cpp/test/IceSSL/certificateVerifier/.depend
+++ /dev/null
@@ -1 +0,0 @@
-CertificateVerifier.o: CertificateVerifier.cpp ../../../include/Ice/Ice.h ../../../include/Ice/GCRecMutex.h ../../../include/IceUtil/RecMutex.h ../../../include/IceUtil/Config.h ../../../include/IceUtil/Lock.h ../../../include/IceUtil/ThreadException.h ../../../include/IceUtil/Exception.h ../../../include/Ice/Config.h ../../../include/Ice/GCShared.h ../../../include/Ice/GC.h ../../../include/IceUtil/Thread.h ../../../include/IceUtil/Shared.h ../../../include/IceUtil/Handle.h ../../../include/IceUtil/Mutex.h ../../../include/IceUtil/Monitor.h ../../../include/IceUtil/Cond.h ../../../include/IceUtil/Time.h ../../../include/Ice/Initialize.h ../../../include/Ice/CommunicatorF.h ../../../include/Ice/LocalObjectF.h ../../../include/Ice/Handle.h ../../../include/Ice/ProxyF.h ../../../include/Ice/ProxyHandle.h ../../../include/Ice/ObjectF.h ../../../include/Ice/Exception.h ../../../include/Ice/LocalObject.h ../../../include/Ice/UndefSysMacros.h ../../../include/Ice/PropertiesF.h ../../../include/Ice/InstanceF.h ../../../include/Ice/BuiltinSequences.h ../../../include/Ice/Proxy.h ../../../include/Ice/ProxyFactoryF.h ../../../include/Ice/ConnectionIF.h ../../../include/Ice/EndpointIF.h ../../../include/Ice/Endpoint.h ../../../include/Ice/ObjectAdapterF.h ../../../include/Ice/ReferenceF.h ../../../include/Ice/OutgoingAsyncF.h ../../../include/Ice/Current.h ../../../include/Ice/ConnectionF.h ../../../include/Ice/Identity.h ../../../include/Ice/StreamF.h ../../../include/Ice/LocalException.h ../../../include/Ice/Properties.h ../../../include/Ice/Logger.h ../../../include/Ice/LoggerUtil.h ../../../include/Ice/LoggerF.h ../../../include/Ice/Stats.h ../../../include/Ice/Communicator.h ../../../include/Ice/StatsF.h ../../../include/Ice/ObjectFactoryF.h ../../../include/Ice/RouterF.h ../../../include/Ice/LocatorF.h ../../../include/Ice/PluginF.h ../../../include/Ice/ObjectFactory.h ../../../include/Ice/ObjectAdapter.h ../../../include/Ice/ServantLocatorF.h ../../../include/Ice/FacetMap.h ../../../include/Ice/ServantLocator.h ../../../include/Ice/Object.h ../../../include/Ice/IncomingAsyncF.h ../../../include/Ice/IdentityUtil.h ../../../include/Ice/OutgoingAsync.h ../../../include/Ice/IncomingAsync.h ../../../include/Ice/Incoming.h ../../../include/Ice/ServantManagerF.h ../../../include/Ice/BasicStream.h ../../../include/Ice/Buffer.h ../../../include/Ice/Process.h ../../../include/Ice/Outgoing.h ../../../include/Ice/Direct.h ../../../include/Ice/Application.h ../../../include/Ice/Connection.h ../../../include/Ice/Functional.h ../../../include/IceUtil/Functional.h ../../../include/Ice/Stream.h ../../include/TestCommon.h ../../../include/IceSSL/CertificateVerifier.h ../../../include/IceSSL/Plugin.h ../../../include/Ice/Plugin.h ../../../include/IceSSL/CertificateVerifierF.h ../../../include/IceSSL/CertificateVerifierOpenSSL.h ../../../include/IceSSL/Config.h ../../../include/IceSSL/Exception.h
diff --git a/cpp/test/IceSSL/certificateVerifier/CertificateVerifier.cpp b/cpp/test/IceSSL/certificateVerifier/CertificateVerifier.cpp
deleted file mode 100644
index 7d5f79283a7..00000000000
--- a/cpp/test/IceSSL/certificateVerifier/CertificateVerifier.cpp
+++ /dev/null
@@ -1,186 +0,0 @@
-// **********************************************************************
-//
-// Copyright (c) 2003-2006 ZeroC, Inc. All rights reserved.
-//
-// This copy of Ice is licensed to you under the terms described in the
-// ICE_LICENSE file included in this distribution.
-//
-// **********************************************************************
-
-#include <Ice/Ice.h>
-#include <TestCommon.h>
-#include <IceSSL/CertificateVerifier.h>
-#include <IceSSL/CertificateVerifierOpenSSL.h>
-#include <IceSSL/Exception.h>
-#include <IceSSL/Plugin.h>
-
-using namespace std;
-using namespace Ice;
-
-//
-// Certificate Verifier definitions
-//
-
-class BadCertificateVerifier : virtual public ::IceSSL::CertificateVerifier
-{
-public:
-    virtual void setContext(IceSSL::ContextType type) { };
-};
-
-class GoodCertificateVerifier : virtual public ::IceSSL::CertificateVerifierOpenSSL
-{
-public:
-    virtual int verify(int, X509_STORE_CTX*, SSL*);
-    virtual void setContext(IceSSL::ContextType type) { };
-};
-
-int
-GoodCertificateVerifier::verify(int preVerifyOk, X509_STORE_CTX* certificateStore, SSL* sslConnection)
-{
-    return preVerifyOk;
-}
-
-//
-// certificateVerifierClient definition
-//
-
-void
-testExpectCertificateVerifierTypeException(const IceSSL::PluginPtr& plugin,
-                                           IceSSL::ContextType context,
-                                           const IceSSL::CertificateVerifierPtr& verifier)
-{
-    try
-    {
-        plugin->setCertificateVerifier(context, verifier);
-        test(false);
-    }
-    catch(const IceSSL::CertificateVerifierTypeException&)
-    {
-        std::cout << "ok" << std::endl;
-    }
-    catch(const Ice::LocalException&)
-    {
-        //
-        // Any other exception is bad.
-        //
-
-        test(false);
-    }
-    catch(...)
-    {
-        //
-        // Unknown exceptions are always bad.
-        //
-
-        test(false);
-    }
-}
-
-void
-testExpectNoException(const IceSSL::PluginPtr& plugin,
-                      IceSSL::ContextType context,
-                      const IceSSL::CertificateVerifierPtr& verifier)
-{
-    try
-    {
-        plugin->setCertificateVerifier(context, verifier);
-        std::cout << "ok" << std::endl;
-    }
-    catch(const Ice::LocalException&)
-    {
-        //
-        // Any other exception is bad.
-        //
-
-        test(false);
-    }
-    catch(...)
-    {
-        //
-        // Unknown exceptions are always bad.
-        //
-
-        test(false);
-    }
-}
-
-int
-run(int argc, char* argv[], const Ice::CommunicatorPtr& communicator)
-{
-    Ice::PluginPtr plugin = communicator->getPluginManager()->getPlugin("IceSSL");
-    IceSSL::PluginPtr sslPlugin = IceSSL::PluginPtr::dynamicCast(plugin);
-
-    IceSSL::CertificateVerifierPtr badVerifier  = new BadCertificateVerifier();
-    IceSSL::CertificateVerifierPtr goodVerifier = new GoodCertificateVerifier();
-
-    //
-    // Testing IceSSL::Client context type.
-    //
-
-    std::cout << "setting Certificate Verifiers on Client context." << std::endl;
-
-    std::cout << "setting verifier of wrong type... " << std::flush;
-    testExpectCertificateVerifierTypeException(sslPlugin, IceSSL::Client, badVerifier);
-
-    std::cout << "setting verifier of correct type... " << std::flush;
-    testExpectNoException(sslPlugin, IceSSL::Client, goodVerifier);
-
-    //
-    // Testing IceSSL::Server context type.
-    //
-
-    std::cout << "setting Certificate Verifiers on Server context." << std::endl;
-
-    std::cout << "setting verifier of wrong type... " << std::flush;
-    testExpectCertificateVerifierTypeException(sslPlugin, IceSSL::Server, badVerifier);
-
-    std::cout << "setting verifier of correct type... " << std::flush;
-    testExpectNoException(sslPlugin, IceSSL::Server, goodVerifier);
-
-    //
-    // Testing IceSSL::ClientServer context type.
-    //
-
-    std::cout << "setting Certificate Verifiers on Client and Server contexts." << std::endl;
-
-    std::cout << "setting verifier of wrong type... " << std::flush;
-    testExpectCertificateVerifierTypeException(sslPlugin, IceSSL::ClientServer, badVerifier);
-
-    std::cout << "setting verifier of correct type... " << std::flush;
-    testExpectNoException(sslPlugin, IceSSL::ClientServer, goodVerifier);
-
-    return EXIT_SUCCESS;
-}
-
-int
-main(int argc, char* argv[])
-{
-    int status;
-    Ice::CommunicatorPtr communicator;
-
-    try
-    {
-	communicator = Ice::initialize(argc, argv);
-	status = run(argc, argv, communicator);
-    }
-    catch(const Ice::Exception& ex)
-    {
-	cerr << ex << endl;
-	status = EXIT_FAILURE;
-    }
-
-    if(communicator)
-    {
-	try
-	{
-	    communicator->destroy();
-	}
-	catch(const Ice::Exception& ex)
-	{
-	    cerr << ex << endl;
-	    status = EXIT_FAILURE;
-	}
-    }
-
-    return status;
-}
diff --git a/cpp/test/IceSSL/certificateVerifier/Makefile b/cpp/test/IceSSL/certificateVerifier/Makefile
deleted file mode 100644
index f82c96f8285..00000000000
--- a/cpp/test/IceSSL/certificateVerifier/Makefile
+++ /dev/null
@@ -1,28 +0,0 @@
-# **********************************************************************
-#
-# Copyright (c) 2003-2006 ZeroC, Inc. All rights reserved.
-#
-# This copy of Ice is licensed to you under the terms described in the
-# ICE_LICENSE file included in this distribution.
-#
-# **********************************************************************
-
-top_srcdir	= ../../..
-
-CLIENT		= certificateVerifier
-
-TARGETS		= $(CLIENT)
-
-OBJS		= CertificateVerifier.o
-
-SRCS		= $(OBJS:.o=.cpp)
-
-include $(top_srcdir)/config/Make.rules
-
-CPPFLAGS	:= -I. -I../../include $(OPENSSL_FLAGS) $(CPPFLAGS)
-
-$(CLIENT): $(OBJS)
-	rm -f $@
-	$(CXX) $(LDFLAGS) -o $@ $(OBJS) $(OPENSSL_RPATH_LINK) -lIceSSL $(EXPAT_RPATH_LINK) -lIceXML $(LIBS) $(OPENSSL_LIBS)
-
-include .depend
diff --git a/cpp/test/IceSSL/certificateVerifier/certificateverifier.dsp b/cpp/test/IceSSL/certificateVerifier/certificateverifier.dsp
deleted file mode 100644
index 866689c8f18..00000000000
--- a/cpp/test/IceSSL/certificateVerifier/certificateverifier.dsp
+++ /dev/null
@@ -1,106 +0,0 @@
-# Microsoft Developer Studio Project File - Name="certificateverifier" - Package Owner=<4>

-# Microsoft Developer Studio Generated Build File, Format Version 6.00

-# ** DO NOT EDIT **

-

-# TARGTYPE "Win32 (x86) Console Application" 0x0103

-

-CFG=certificateverifier - Win32 Debug

-!MESSAGE This is not a valid makefile. To build this project using NMAKE,

-!MESSAGE use the Export Makefile command and run

-!MESSAGE 

-!MESSAGE NMAKE /f "certificateverifier.mak".

-!MESSAGE 

-!MESSAGE You can specify a configuration when running NMAKE

-!MESSAGE by defining the macro CFG on the command line. For example:

-!MESSAGE 

-!MESSAGE NMAKE /f "certificateverifier.mak" CFG="certificateverifier - Win32 Debug"

-!MESSAGE 

-!MESSAGE Possible choices for configuration are:

-!MESSAGE 

-!MESSAGE "certificateverifier - Win32 Release" (based on "Win32 (x86) Console Application")

-!MESSAGE "certificateverifier - Win32 Debug" (based on "Win32 (x86) Console Application")

-!MESSAGE 

-

-# Begin Project

-# PROP AllowPerConfigDependencies 0

-# PROP Scc_ProjName ""

-# PROP Scc_LocalPath ""

-CPP=cl.exe

-RSC=rc.exe

-

-!IF  "$(CFG)" == "certificateverifier - Win32 Release"

-

-# PROP BASE Use_MFC 0

-# PROP BASE Use_Debug_Libraries 0

-# PROP BASE Output_Dir "Release"

-# PROP BASE Intermediate_Dir "Release"

-# PROP BASE Target_Dir ""

-# PROP Use_MFC 0

-# PROP Use_Debug_Libraries 0

-# PROP Output_Dir "Release"

-# PROP Intermediate_Dir "Release"

-# PROP Ignore_Export_Lib 0

-# PROP Target_Dir ""

-# ADD BASE CPP /nologo /W3 /GX /O2 /D "WIN32" /D "NDEBUG" /D "_CONSOLE" /D "_MBCS" /Yu"stdafx.h" /FD /c

-# ADD CPP /nologo /MD /W3 /WX /GR /GX /O2 /I "." /I "../../../include" /I "../../include" /D "_CONSOLE" /D "NDEBUG" /D "WIN32_LEAN_AND_MEAN" /FD /c

-# SUBTRACT CPP /Z<none> /YX

-# ADD BASE RSC /l 0x409 /d "NDEBUG"

-# ADD RSC /l 0x409 /d "NDEBUG"

-BSC32=bscmake.exe

-# ADD BASE BSC32 /nologo

-# ADD BSC32 /nologo

-LINK32=link.exe

-# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:console /machine:I386

-# ADD LINK32 /nologo /subsystem:console /pdb:none /machine:I386 /out:"certificateverifier.exe" /libpath:"../../../lib" /FIXED:no

-# SUBTRACT LINK32 /debug

-

-!ELSEIF  "$(CFG)" == "certificateverifier - Win32 Debug"

-

-# PROP BASE Use_MFC 0

-# PROP BASE Use_Debug_Libraries 1

-# PROP BASE Output_Dir "Debug"

-# PROP BASE Intermediate_Dir "Debug"

-# PROP BASE Target_Dir ""

-# PROP Use_MFC 0

-# PROP Use_Debug_Libraries 1

-# PROP Output_Dir "Debug"

-# PROP Intermediate_Dir "Debug"

-# PROP Ignore_Export_Lib 0

-# PROP Target_Dir ""

-# ADD BASE CPP /nologo /W3 /Gm /GX /ZI /Od /D "WIN32" /D "_DEBUG" /D "_CONSOLE" /D "_MBCS" /Yu"stdafx.h" /FD /GZ /c

-# ADD CPP /nologo /MDd /W3 /WX /Gm /GR /GX /Zi /Od /I "." /I "../../../include" /I "../../include" /D "_CONSOLE" /D "_DEBUG" /D "WIN32_LEAN_AND_MEAN" /FD /GZ /c

-# SUBTRACT CPP /YX

-# ADD BASE RSC /l 0x409 /d "_DEBUG"

-# ADD RSC /l 0x409 /d "_DEBUG"

-BSC32=bscmake.exe

-# ADD BASE BSC32 /nologo

-# ADD BSC32 /nologo

-LINK32=link.exe

-# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:console /debug /machine:I386 /pdbtype:sept

-# ADD LINK32 /nologo /subsystem:console /debug /machine:I386 /out:"certificateverifier.exe" /pdbtype:sept /libpath:"../../../lib" /FIXED:no

-# SUBTRACT LINK32 /pdb:none

-

-!ENDIF 

-

-# Begin Target

-

-# Name "certificateverifier - Win32 Release"

-# Name "certificateverifier - Win32 Debug"

-# Begin Group "Source Files"

-

-# PROP Default_Filter "cpp;c;cxx;rc;def;r;odl;idl;hpj;bat"

-# Begin Source File

-

-SOURCE=.\certificateverifier.cpp

-# End Source File

-# End Group

-# Begin Group "Header Files"

-

-# PROP Default_Filter "h;hpp;hxx;hm;inl"

-# End Group

-# Begin Group "Resource Files"

-

-# PROP Default_Filter "ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe"

-# End Group

-# End Target

-# End Project

diff --git a/cpp/test/IceSSL/certificateVerifier/run.py b/cpp/test/IceSSL/certificateVerifier/run.py
deleted file mode 100755
index cb4931254ab..00000000000
--- a/cpp/test/IceSSL/certificateVerifier/run.py
+++ /dev/null
@@ -1,44 +0,0 @@
-#!/usr/bin/env python
-# **********************************************************************
-#
-# Copyright (c) 2003-2006 ZeroC, Inc. All rights reserved.
-#
-# This copy of Ice is licensed to you under the terms described in the
-# ICE_LICENSE file included in this distribution.
-#
-# **********************************************************************
-
-import os, sys
-
-for toplevel in [".", "..", "../..", "../../..", "../../../.."]:
-    toplevel = os.path.normpath(toplevel)
-    if os.path.exists(os.path.join(toplevel, "config", "TestUtil.py")):
-        break
-else:
-    raise "can't find toplevel directory!"
-
-sys.path.append(os.path.join(toplevel, "config"))
-import TestUtil
-
-if TestUtil.protocol != "ssl":
-    print "This test may only be run with SSL enabled."
-    sys.exit(0)
-
-name = os.path.join("IceSSL", "certificateVerifier")
-testdir = os.path.join(toplevel, "test", name)
-
-client = os.path.join(testdir, "certificateVerifier")
-
-localClientOptions = TestUtil.clientServerProtocol + TestUtil.defaultHost
-print "starting certificateVerifier...",
-clientPipe = os.popen(client + localClientOptions + " 2>&1")
-print "ok"
-
-TestUtil.printOutputFromPipe(clientPipe)
-    
-clientStatus = TestUtil.closePipe(clientPipe)
-
-if clientStatus:
-    sys.exit(1)
-
-sys.exit(0)
diff --git a/cpp/test/IceSSL/certs/badCert.b64 b/cpp/test/IceSSL/certs/badCert.b64
deleted file mode 100644
index ea16bd5dae9..00000000000
--- a/cpp/test/IceSSL/certs/badCert.b64
+++ /dev/null
@@ -1,18 +0,0 @@
-MIIDVDCCAr2gAwIBAgIBAjANBgkqhkiG9w0BAQQFADB0MQswCQYDVQQGEwJVUzEQ
-TXV0YWJsZSBSZWFsbXMxEDAOBgNVBAsTB0ljZSBBZ2UxEzARBgNVBAMTCk11dGFi
-BhMCVVMxEDAOBgNVBAgTB0FsYWJhbWExFzAVBgNVBAoTDk11dGFibGUgUmVhbG1z
-LW4VtfBzqbbF6iZ2jXsZ9b+eJthklqDI9OuodbddQneZQyE5bc8iAmtk9kZHTfdC
-MRAwDgYDVQQLEwdJY2UgQWdlMSUwIwYDVQQDExxNUiBSU0EgMTAyNCBDbGllbnQg
-MA4GA1UECBMHQWxhYmFtYTETMBEGA1UEBxMKSHVudHN2aWxsZTEXMBUGA1UEChMO
-VGVzdCBDZXJ0MSQwIgYJKoZIhvcNAQkBFhVtcmNsaXJzYTEwMjRAc29tZS5uZXQw
-gZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBALCYySBuEQ85R4YzLGepTD3rnRmn
-EmbF4xhVnFOXZ7rbvYbjuCAMPViq7dqReikQOmGcXiI4Yuqvqzns9JRRTuMF0tSR
-a3CXKMl1eBjj2oXZCAHQlSm82nmQN7l2uuHh9dIMsefZuFVy8yj4uimLWIuy8w6n
-EzARBgNVBAMTCk11dGFibGUgQ0GCAQAwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0B
-rLOZDoiaWYP80glRAgMBAAGjgdEwgc4wHQYDVR0OBBYEFApzehDgwcwlZCFJU/w+
-jSNysDhRMIGeBgNVHSMEgZYwgZOAFBSVOXsF8JuI7LcNZkyP8Alwz2PZoXikdjB0
-MQswCQYDVQQGEwJVUzEQMA4GA1UECBMHQWxhYmFtYTETMBEGA1UEBxMKSHVudHN2
-aWxsZTEXMBUGA1UEChMOTXV0YWJsZSBSZWFsbXMxEDAOBgNVBAsTB0ljZSBBZ2Ux
-bGUgQ0EwHhcNMDIwMjIyMTYxMzE4WhcNMDMwMjIyMTYxMzE4WjCBlzELMAkGA1UE
-AQQFAAOBgQBZp3rgKryLbGGy4JPSXn6Cdh8qcce3D/9TYx8OtNCRM4iOBQDuGttI
-3IOojKTmv1jt8r2a+WeMbCg9KiENZF5ZI7U/uKADYtW0AY6V/y5dVg==
diff --git a/cpp/test/IceSSL/certs/badCert.pem b/cpp/test/IceSSL/certs/badCert.pem
deleted file mode 100644
index 202a3699cbb..00000000000
--- a/cpp/test/IceSSL/certs/badCert.pem
+++ /dev/null
@@ -1,20 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIDVDCCAr2gAwIBAgIBAjANBgkqhkiG9w0BAQQFADB0MQswCQYDVQQGEwJVUzEQ
-TXV0YWJsZSBSZWFsbXMxEDAOBgNVBAsTB0ljZSBBZ2UxEzARBgNVBAMTCk11dGFi
-BhMCVVMxEDAOBgNVBAgTB0FsYWJhbWExFzAVBgNVBAoTDk11dGFibGUgUmVhbG1z
-LW4VtfBzqbbF6iZ2jXsZ9b+eJthklqDI9OuodbddQneZQyE5bc8iAmtk9kZHTfdC
-MRAwDgYDVQQLEwdJY2UgQWdlMSUwIwYDVQQDExxNUiBSU0EgMTAyNCBDbGllbnQg
-MA4GA1UECBMHQWxhYmFtYTETMBEGA1UEBxMKSHVudHN2aWxsZTEXMBUGA1UEChMO
-VGVzdCBDZXJ0MSQwIgYJKoZIhvcNAQkBFhVtcmNsaXJzYTEwMjRAc29tZS5uZXQw
-gZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBALCYySBuEQ85R4YzLGepTD3rnRmn
-EmbF4xhVnFOXZ7rbvYbjuCAMPViq7dqReikQOmGcXiI4Yuqvqzns9JRRTuMF0tSR
-a3CXKMl1eBjj2oXZCAHQlSm82nmQN7l2uuHh9dIMsefZuFVy8yj4uimLWIuy8w6n
-EzARBgNVBAMTCk11dGFibGUgQ0GCAQAwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0B
-rLOZDoiaWYP80glRAgMBAAGjgdEwgc4wHQYDVR0OBBYEFApzehDgwcwlZCFJU/w+
-jSNysDhRMIGeBgNVHSMEgZYwgZOAFBSVOXsF8JuI7LcNZkyP8Alwz2PZoXikdjB0
-MQswCQYDVQQGEwJVUzEQMA4GA1UECBMHQWxhYmFtYTETMBEGA1UEBxMKSHVudHN2
-aWxsZTEXMBUGA1UEChMOTXV0YWJsZSBSZWFsbXMxEDAOBgNVBAsTB0ljZSBBZ2Ux
-bGUgQ0EwHhcNMDIwMjIyMTYxMzE4WhcNMDMwMjIyMTYxMzE4WjCBlzELMAkGA1UE
-AQQFAAOBgQBZp3rgKryLbGGy4JPSXn6Cdh8qcce3D/9TYx8OtNCRM4iOBQDuGttI
-3IOojKTmv1jt8r2a+WeMbCg9KiENZF5ZI7U/uKADYtW0AY6V/y5dVg==
------END CERTIFICATE-----
diff --git a/cpp/test/IceSSL/certs/badKey.b64 b/cpp/test/IceSSL/certs/badKey.b64
deleted file mode 100644
index e46d75ad4f6..00000000000
--- a/cpp/test/IceSSL/certs/badKey.b64
+++ /dev/null
@@ -1,13 +0,0 @@
-MIICXQIBAAKBgQCwmMkgbhEPOUeGMyxnqUw9650ZpxJmxeMYVZxTl2e6272G47gg
-DD1Yqu3akXopEDphnF4iOGLqr6s57PSUUU7jBdLUkWtwlyjJdXgY49qF2QgB0JUp
-AoGAVxslqc9grsesFe/L6V3Cc5ByLyMPmo3lVC12LG00ByE4PP655WTkJYY6SGMV
-DMXr/eq+IAENcAIHK6bZ/ULOjkzkriw8HwJBAMSCU1xC0iqyuiuJ3GP2k2KNUbWI
-avQ3juM5LlwmOZrK1w/qzixHW9lEHWwn8528hNhbCXcXECvdskKopnDLBml2HzsT
-hIeypE8Cx5JUiDoaFTph8X6hj9t4sTAmfJW5IxjL8M5MW/nGW4s2mxv0b1qWQkmk
-Vu3rkemvi/ZfA4ic1RpzAHJAZNltqI36TZlaKfWk+boMZNkCQQDc7Nxy39+Y34hm
-vNp5kDe5drrh4fXSDLHn2bhVcvMo+Lopi1iLsvMOp6yzmQ6ImlmD/NIJUQIDAQAB
-J743VQyPAkEAzKJFBmztuhZPgIcwi/vy5qLZfpByk5Z5Gme6j8Uh6pAnEb6EFodB
-n2E2ncyKPMb4HLjUptkorF3kZjxi5MPINzoYUY4SSbhm1CpCtGoCp+mj1vUCQGfQ
-zE949l5l5iSLHfi+uEECQQDLH8uGp1h1N795gwO9S+Wu71Yuun1oBY9CajV4agcZ
-9ImsfG+DxoHYAxz7v70fPdRseYnoNDSDW3/4xCBcOiYhWEY0U9dzRuweQFRkeSpU
-z7wiNmRS5xto7VdHaJNETiZCYkjWPup34SqFxv/NjqIe
diff --git a/cpp/test/IceSSL/certs/badKey.pem b/cpp/test/IceSSL/certs/badKey.pem
deleted file mode 100644
index 6fa9750bf10..00000000000
--- a/cpp/test/IceSSL/certs/badKey.pem
+++ /dev/null
@@ -1,15 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIICXQIBAAKBgQCwmMkgbhEPOUeGMyxnqUw9650ZpxJmxeMYVZxTl2e6272G47gg
-DD1Yqu3akXopEDphnF4iOGLqr6s57PSUUU7jBdLUkWtwlyjJdXgY49qF2QgB0JUp
-AoGAVxslqc9grsesFe/L6V3Cc5ByLyMPmo3lVC12LG00ByE4PP655WTkJYY6SGMV
-DMXr/eq+IAENcAIHK6bZ/ULOjkzkriw8HwJBAMSCU1xC0iqyuiuJ3GP2k2KNUbWI
-avQ3juM5LlwmOZrK1w/qzixHW9lEHWwn8528hNhbCXcXECvdskKopnDLBml2HzsT
-hIeypE8Cx5JUiDoaFTph8X6hj9t4sTAmfJW5IxjL8M5MW/nGW4s2mxv0b1qWQkmk
-Vu3rkemvi/ZfA4ic1RpzAHJAZNltqI36TZlaKfWk+boMZNkCQQDc7Nxy39+Y34hm
-vNp5kDe5drrh4fXSDLHn2bhVcvMo+Lopi1iLsvMOp6yzmQ6ImlmD/NIJUQIDAQAB
-J743VQyPAkEAzKJFBmztuhZPgIcwi/vy5qLZfpByk5Z5Gme6j8Uh6pAnEb6EFodB
-n2E2ncyKPMb4HLjUptkorF3kZjxi5MPINzoYUY4SSbhm1CpCtGoCp+mj1vUCQGfQ
-zE949l5l5iSLHfi+uEECQQDLH8uGp1h1N795gwO9S+Wu71Yuun1oBY9CajV4agcZ
-9ImsfG+DxoHYAxz7v70fPdRseYnoNDSDW3/4xCBcOiYhWEY0U9dzRuweQFRkeSpU
-z7wiNmRS5xto7VdHaJNETiZCYkjWPup34SqFxv/NjqIe
------END RSA PRIVATE KEY-----
diff --git a/cpp/test/IceSSL/certs/c_dsa_nopass_ca1_priv.pem b/cpp/test/IceSSL/certs/c_dsa_nopass_ca1_priv.pem
new file mode 100644
index 00000000000..3d8775eb8fd
--- /dev/null
+++ b/cpp/test/IceSSL/certs/c_dsa_nopass_ca1_priv.pem
@@ -0,0 +1,12 @@
+-----BEGIN DSA PRIVATE KEY-----
+MIIBvQIBAAKBgQDRqIk+hRip/xkMDFhb3SPSC9lUHFg2cGry7UpR/LQBobbaBx9+
+JTDL6iswzihT2Og/Ti8TAxCqhpjRGQRUrVThv+yb7DplfrKGiAby6xCD5BsJy6Ra
+0HchqVeISqXkaJyAGF+PW81Oh2BRejQgFuYe9Np1b8uynHYN1JF2xeHv5wIVAKM3
+w9+fI7s7jtna4yLhgE66z8SpAoGBAJK1QvQwz3nCIawxq2b52an7vUbm78oGi9K0
+fBgzugc7QREqNtFK8I1z7zoz42XR9rS9tqeE/Ncdjx+9d/X1R0miBiJauy2muodx
+HkPh40l1lSkUmUNDGE8Pm71VTG6+UShzs0ZSZ+zZ4JzmI/WxCglGJvfnP6DD3HYm
+4thBdXdWAoGBAIzqho6RIZT3d5cnhW+2xEWdnsW9ltQ5uix2L4OIJzszBMuMjXpE
+NHqLPgQTe1kZPLv8NhFVVmriare2WRk5/7equv27vWy0kpPz2QCmqe4Ypn+XjXJ6
+AyNQ+PotBKLJvP/CIOs6p0coUL/f3dBjkyABO3mtpzaLxM9h0PnrPnBxAhUAmQDK
+2etU/NbJhe6E15OYWLc4tNE=
+-----END DSA PRIVATE KEY-----
diff --git a/cpp/test/IceSSL/certs/c_dsa_nopass_ca1_pub.pem b/cpp/test/IceSSL/certs/c_dsa_nopass_ca1_pub.pem
new file mode 100644
index 00000000000..b891d4648d3
--- /dev/null
+++ b/cpp/test/IceSSL/certs/c_dsa_nopass_ca1_pub.pem
@@ -0,0 +1,104 @@
+Certificate:
+    Data:
+        Version: 3 (0x2)
+        Serial Number: 1 (0x1)
+        Signature Algorithm: md5WithRSAEncryption
+        Issuer: C=US, ST=Florida, L=Palm Beach Gardens, O=ZeroC, Inc., OU=Ice, CN=ZeroC Test CA/emailAddress=info@zeroc.com
+        Validity
+            Not Before: Mar 28 18:10:00 2006 GMT
+            Not After : Mar 25 18:10:00 2016 GMT
+        Subject: C=US, ST=Florida, O=ZeroC, Inc., OU=Ice/emailAddress=info@zeroc.com, CN=Client
+        Subject Public Key Info:
+            Public Key Algorithm: dsaEncryption
+            DSA Public Key:
+                pub: 
+                    00:8c:ea:86:8e:91:21:94:f7:77:97:27:85:6f:b6:
+                    c4:45:9d:9e:c5:bd:96:d4:39:ba:2c:76:2f:83:88:
+                    27:3b:33:04:cb:8c:8d:7a:44:34:7a:8b:3e:04:13:
+                    7b:59:19:3c:bb:fc:36:11:55:56:6a:e2:6a:b7:b6:
+                    59:19:39:ff:b7:aa:ba:fd:bb:bd:6c:b4:92:93:f3:
+                    d9:00:a6:a9:ee:18:a6:7f:97:8d:72:7a:03:23:50:
+                    f8:fa:2d:04:a2:c9:bc:ff:c2:20:eb:3a:a7:47:28:
+                    50:bf:df:dd:d0:63:93:20:01:3b:79:ad:a7:36:8b:
+                    c4:cf:61:d0:f9:eb:3e:70:71
+                P:   
+                    00:d1:a8:89:3e:85:18:a9:ff:19:0c:0c:58:5b:dd:
+                    23:d2:0b:d9:54:1c:58:36:70:6a:f2:ed:4a:51:fc:
+                    b4:01:a1:b6:da:07:1f:7e:25:30:cb:ea:2b:30:ce:
+                    28:53:d8:e8:3f:4e:2f:13:03:10:aa:86:98:d1:19:
+                    04:54:ad:54:e1:bf:ec:9b:ec:3a:65:7e:b2:86:88:
+                    06:f2:eb:10:83:e4:1b:09:cb:a4:5a:d0:77:21:a9:
+                    57:88:4a:a5:e4:68:9c:80:18:5f:8f:5b:cd:4e:87:
+                    60:51:7a:34:20:16:e6:1e:f4:da:75:6f:cb:b2:9c:
+                    76:0d:d4:91:76:c5:e1:ef:e7
+                Q:   
+                    00:a3:37:c3:df:9f:23:bb:3b:8e:d9:da:e3:22:e1:
+                    80:4e:ba:cf:c4:a9
+                G:   
+                    00:92:b5:42:f4:30:cf:79:c2:21:ac:31:ab:66:f9:
+                    d9:a9:fb:bd:46:e6:ef:ca:06:8b:d2:b4:7c:18:33:
+                    ba:07:3b:41:11:2a:36:d1:4a:f0:8d:73:ef:3a:33:
+                    e3:65:d1:f6:b4:bd:b6:a7:84:fc:d7:1d:8f:1f:bd:
+                    77:f5:f5:47:49:a2:06:22:5a:bb:2d:a6:ba:87:71:
+                    1e:43:e1:e3:49:75:95:29:14:99:43:43:18:4f:0f:
+                    9b:bd:55:4c:6e:be:51:28:73:b3:46:52:67:ec:d9:
+                    e0:9c:e6:23:f5:b1:0a:09:46:26:f7:e7:3f:a0:c3:
+                    dc:76:26:e2:d8:41:75:77:56
+        X509v3 extensions:
+            X509v3 Basic Constraints: 
+            CA:FALSE
+            X509v3 Subject Key Identifier: 
+            04:ED:7A:D9:7B:B9:34:A0:F5:26:E6:25:98:AB:AB:26:23:CF:9D:7C
+            X509v3 Authority Key Identifier: 
+            keyid:A3:8D:7D:FF:A8:69:1E:7C:54:58:46:61:FE:B7:68:BC:2C:FC:CB:DE
+            DirName:/C=US/ST=Florida/L=Palm Beach Gardens/O=ZeroC, Inc./OU=Ice/CN=ZeroC Test CA/emailAddress=info@zeroc.com
+            serial:00
+
+            X509v3 Subject Alternative Name: 
+            DNS:client, IP Address:127.0.0.1
+    Signature Algorithm: md5WithRSAEncryption
+        b2:e5:01:c4:b4:c1:1a:6b:c5:6a:dc:6b:1f:8e:76:62:c9:09:
+        a0:7c:86:fb:8f:86:86:a0:0b:6e:24:92:22:ad:2f:12:3f:c8:
+        31:c1:7a:25:44:44:3c:b8:4f:1e:f0:de:b8:a4:2e:71:02:7d:
+        10:65:80:d0:95:74:ca:26:65:c8:e5:86:bd:9d:1f:90:e5:b2:
+        64:06:ab:b0:e3:37:20:d6:3b:61:13:b2:f9:52:d4:44:58:21:
+        ca:10:f2:82:c9:d4:9a:95:ff:54:72:a3:15:95:54:5b:44:af:
+        27:57:2d:77:8e:dd:dd:fc:85:59:e2:85:86:6d:7f:0f:de:a1:
+        c5:d1:e8:de:b6:56:85:f9:10:19:cf:c3:aa:36:d5:b2:df:65:
+        1c:9f:41:ee:77:99:8f:28:5c:9b:81:72:90:3f:80:e1:81:ec:
+        f3:b7:17:07:d5:63:3f:e5:b4:61:36:fc:5c:6c:79:e3:a2:db:
+        2b:9a:98:8b:27:54:8a:1f:97:4d:97:1b:fd:0c:31:94:8d:9a:
+        b9:a7:7d:2c:5d:ea:ee:2f:ec:08:07:4f:1e:8a:37:d6:2e:54:
+        fe:42:ed:f8:ed:e2:80:d5:19:98:9c:44:1e:29:6c:c9:ec:27:
+        6e:18:f9:66:2d:5a:71:72:94:97:7e:30:48:b9:b2:76:30:45:
+        87:e7:5a:c9
+-----BEGIN CERTIFICATE-----
+MIIFLDCCBBSgAwIBAgIBATANBgkqhkiG9w0BAQQFADCBlzELMAkGA1UEBhMCVVMx
+EDAOBgNVBAgTB0Zsb3JpZGExGzAZBgNVBAcTElBhbG0gQmVhY2ggR2FyZGVuczEU
+MBIGA1UEChMLWmVyb0MsIEluYy4xDDAKBgNVBAsTA0ljZTEWMBQGA1UEAxMNWmVy
+b0MgVGVzdCBDQTEdMBsGCSqGSIb3DQEJARYOaW5mb0B6ZXJvYy5jb20wHhcNMDYw
+MzI4MTgxMDAwWhcNMTYwMzI1MTgxMDAwWjBzMQswCQYDVQQGEwJVUzEQMA4GA1UE
+CBMHRmxvcmlkYTEUMBIGA1UEChMLWmVyb0MsIEluYy4xDDAKBgNVBAsTA0ljZTEd
+MBsGCSqGSIb3DQEJARYOaW5mb0B6ZXJvYy5jb20xDzANBgNVBAMTBkNsaWVudDCC
+AbgwggEsBgcqhkjOOAQBMIIBHwKBgQDRqIk+hRip/xkMDFhb3SPSC9lUHFg2cGry
+7UpR/LQBobbaBx9+JTDL6iswzihT2Og/Ti8TAxCqhpjRGQRUrVThv+yb7DplfrKG
+iAby6xCD5BsJy6Ra0HchqVeISqXkaJyAGF+PW81Oh2BRejQgFuYe9Np1b8uynHYN
+1JF2xeHv5wIVAKM3w9+fI7s7jtna4yLhgE66z8SpAoGBAJK1QvQwz3nCIawxq2b5
+2an7vUbm78oGi9K0fBgzugc7QREqNtFK8I1z7zoz42XR9rS9tqeE/Ncdjx+9d/X1
+R0miBiJauy2muodxHkPh40l1lSkUmUNDGE8Pm71VTG6+UShzs0ZSZ+zZ4JzmI/Wx
+CglGJvfnP6DD3HYm4thBdXdWA4GFAAKBgQCM6oaOkSGU93eXJ4VvtsRFnZ7FvZbU
+Obosdi+DiCc7MwTLjI16RDR6iz4EE3tZGTy7/DYRVVZq4mq3tlkZOf+3qrr9u71s
+tJKT89kApqnuGKZ/l41yegMjUPj6LQSiybz/wiDrOqdHKFC/393QY5MgATt5rac2
+i8TPYdD56z5wcaOCAQ4wggEKMAkGA1UdEwQCMAAwHQYDVR0OBBYEFATtetl7uTSg
+9SbmJZirqyYjz518MIHEBgNVHSMEgbwwgbmAFKONff+oaR58VFhGYf63aLws/Mve
+oYGdpIGaMIGXMQswCQYDVQQGEwJVUzEQMA4GA1UECBMHRmxvcmlkYTEbMBkGA1UE
+BxMSUGFsbSBCZWFjaCBHYXJkZW5zMRQwEgYDVQQKEwtaZXJvQywgSW5jLjEMMAoG
+A1UECxMDSWNlMRYwFAYDVQQDEw1aZXJvQyBUZXN0IENBMR0wGwYJKoZIhvcNAQkB
+Fg5pbmZvQHplcm9jLmNvbYIBADAXBgNVHREEEDAOggZjbGllbnSHBH8AAAEwDQYJ
+KoZIhvcNAQEEBQADggEBALLlAcS0wRprxWrcax+OdmLJCaB8hvuPhoagC24kkiKt
+LxI/yDHBeiVERDy4Tx7w3rikLnECfRBlgNCVdMomZcjlhr2dH5DlsmQGq7DjNyDW
+O2ETsvlS1ERYIcoQ8oLJ1JqV/1RyoxWVVFtErydXLXeO3d38hVnihYZtfw/eocXR
+6N62VoX5EBnPw6o21bLfZRyfQe53mY8oXJuBcpA/gOGB7PO3FwfVYz/ltGE2/Fxs
+eeOi2yuamIsnVIofl02XG/0MMZSNmrmnfSxd6u4v7AgHTx6KN9YuVP5C7fjt4oDV
+GZicRB4pbMnsJ24Y+WYtWnFylJd+MEi5snYwRYfnWsk=
+-----END CERTIFICATE-----
diff --git a/cpp/test/IceSSL/certs/c_rsa_nopass_ca1_exp_priv.pem b/cpp/test/IceSSL/certs/c_rsa_nopass_ca1_exp_priv.pem
new file mode 100644
index 00000000000..75401c94094
--- /dev/null
+++ b/cpp/test/IceSSL/certs/c_rsa_nopass_ca1_exp_priv.pem
@@ -0,0 +1,15 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIICXAIBAAKBgQCjwrEKiOasqYcN+JT7wcAWsRpvBOAUDsKq7h3vycC87IpBiCot
+K/0VrIMvPPWG4btxRQcuFl7YTQtw3VzElikC10/2f4KZAcuH174P5bjifHpwGdl8
+eLKbI6MKzIiA2pQtX/cvJduLFXA6UVW5zea71vBGqyhhzSeba7cLPtH9oQIDAQAB
+AoGAEcTDPvhhxyRR4iMxzytTs2KeEqO9yI9dcfyKRQVoI1erHLcwlFwshtiEF3EO
+1wbRNtYdlFObEO8zKZjrQu1kH51IishLZHHa2p0uaYXTEGb5kbDscFFIWH2P/KcZ
+neUajlvLnbnMje/s3wO10USigkWx6g/aQc6ouKV82wcOCt0CQQDZMh/uyKvlv5G7
+rb2M7PHhTBjIr++0T1pVQxDYlASRQTc2wYKpHSXVC9FGrH6z181Je2xRbGjr3eVx
+rC537wlPAkEAwQSZcTgwh5sL9fAvDstbDvW5Zp0szLdJYKn8XKKMY4QoXn3M1jsl
+nwtrSeuLcFLeReFwezQL2vgDuvzEhAfuDwJBALgCKmGfq1qbATmSyWsydv4b/UdR
+HvCQ5gQkLIqAZJo3OTLvoOXrptinCWcpzrJI20gtA6i8AuwJc1DpwfikECsCQGME
+TQL75ElsjJI6CKn6QFhITjgJ4XWTgR0JluCeso5KubrfpjkwVnhkj0F4iCuzFzua
+Du3lIT/Pg3plORrSRpkCQBeUaSxZ+pDPX/GjQ3wa+ORHiSB65IGa/icmyvoZtX0K
+J8X8DtRWlbc3UdhfBhvzoZJ9RbOaopbQtdrXsyqRNgE=
+-----END RSA PRIVATE KEY-----
diff --git a/cpp/test/IceSSL/certs/c_rsa_nopass_ca1_exp_pub.pem b/cpp/test/IceSSL/certs/c_rsa_nopass_ca1_exp_pub.pem
new file mode 100644
index 00000000000..d70dafb3395
--- /dev/null
+++ b/cpp/test/IceSSL/certs/c_rsa_nopass_ca1_exp_pub.pem
@@ -0,0 +1,76 @@
+Certificate:
+    Data:
+        Version: 3 (0x2)
+        Serial Number: 1 (0x1)
+        Signature Algorithm: md5WithRSAEncryption
+        Issuer: C=US, ST=Florida, L=Palm Beach Gardens, O=ZeroC, Inc., OU=Ice, CN=ZeroC Test CA/emailAddress=info@zeroc.com
+        Validity
+            Not Before: Mar 28 18:09:57 2006 GMT
+            Not After : Dec 31 00:00:00 2005 GMT
+        Subject: C=US, ST=Florida, O=ZeroC, Inc., OU=Ice/emailAddress=info@zeroc.com, CN=Client
+        Subject Public Key Info:
+            Public Key Algorithm: rsaEncryption
+            RSA Public Key: (1024 bit)
+                Modulus (1024 bit):
+                    00:a3:c2:b1:0a:88:e6:ac:a9:87:0d:f8:94:fb:c1:
+                    c0:16:b1:1a:6f:04:e0:14:0e:c2:aa:ee:1d:ef:c9:
+                    c0:bc:ec:8a:41:88:2a:2d:2b:fd:15:ac:83:2f:3c:
+                    f5:86:e1:bb:71:45:07:2e:16:5e:d8:4d:0b:70:dd:
+                    5c:c4:96:29:02:d7:4f:f6:7f:82:99:01:cb:87:d7:
+                    be:0f:e5:b8:e2:7c:7a:70:19:d9:7c:78:b2:9b:23:
+                    a3:0a:cc:88:80:da:94:2d:5f:f7:2f:25:db:8b:15:
+                    70:3a:51:55:b9:cd:e6:bb:d6:f0:46:ab:28:61:cd:
+                    27:9b:6b:b7:0b:3e:d1:fd:a1
+                Exponent: 65537 (0x10001)
+        X509v3 extensions:
+            X509v3 Basic Constraints: 
+            CA:FALSE
+            X509v3 Subject Key Identifier: 
+            2C:1A:E5:40:AA:C6:AB:5B:E6:0C:8F:A4:21:02:DE:35:5F:C4:02:B3
+            X509v3 Authority Key Identifier: 
+            keyid:A3:8D:7D:FF:A8:69:1E:7C:54:58:46:61:FE:B7:68:BC:2C:FC:CB:DE
+            DirName:/C=US/ST=Florida/L=Palm Beach Gardens/O=ZeroC, Inc./OU=Ice/CN=ZeroC Test CA/emailAddress=info@zeroc.com
+            serial:00
+
+            X509v3 Subject Alternative Name: 
+            DNS:client, IP Address:127.0.0.1
+    Signature Algorithm: md5WithRSAEncryption
+        ea:a6:22:d8:a8:09:b9:e9:d3:80:de:c9:07:88:09:ef:b8:14:
+        d7:28:a9:dc:48:b2:95:bc:4a:e6:9a:98:81:6d:f6:b9:84:2d:
+        8e:bf:bf:97:b7:b7:74:30:91:6f:a2:3a:c1:f4:30:b4:b9:df:
+        71:3d:e5:92:9d:70:51:e9:c8:89:7c:a7:21:f9:6f:dc:f0:d8:
+        6e:0c:94:3c:3e:c5:0f:33:7a:29:0a:b1:d5:8e:91:00:cd:ad:
+        e0:28:87:3f:e1:bc:e6:e0:d8:27:93:96:10:2a:23:b4:5b:15:
+        33:b7:7b:27:a0:5f:aa:2e:80:e8:e4:95:88:c2:96:69:87:cd:
+        ff:4f:56:db:94:95:c8:e9:62:54:2b:0b:dd:78:a2:70:e8:a2:
+        b8:02:5b:a2:59:77:aa:9a:46:d4:35:d8:52:ac:a2:3c:65:6c:
+        11:05:19:97:8f:aa:47:c6:b9:5f:b2:22:5f:4a:c3:d9:89:5b:
+        50:0b:87:f7:c2:89:a6:5c:2d:84:83:c6:6e:f4:20:77:12:7d:
+        30:61:94:a9:07:8f:55:f5:21:fe:06:d5:bb:3d:67:ee:f8:87:
+        5b:f7:f1:78:e1:2e:4b:14:fe:6d:d9:3b:c6:d0:65:ed:00:a9:
+        5c:e0:c2:0f:5d:0d:71:d8:8d:db:bd:57:f5:f9:68:5b:31:2a:
+        e4:0f:b4:3a
+-----BEGIN CERTIFICATE-----
+MIIEEjCCAvqgAwIBAgIBATANBgkqhkiG9w0BAQQFADCBlzELMAkGA1UEBhMCVVMx
+EDAOBgNVBAgTB0Zsb3JpZGExGzAZBgNVBAcTElBhbG0gQmVhY2ggR2FyZGVuczEU
+MBIGA1UEChMLWmVyb0MsIEluYy4xDDAKBgNVBAsTA0ljZTEWMBQGA1UEAxMNWmVy
+b0MgVGVzdCBDQTEdMBsGCSqGSIb3DQEJARYOaW5mb0B6ZXJvYy5jb20wHhcNMDYw
+MzI4MTgwOTU3WhcNMDUxMjMxMDAwMDAwWjBzMQswCQYDVQQGEwJVUzEQMA4GA1UE
+CBMHRmxvcmlkYTEUMBIGA1UEChMLWmVyb0MsIEluYy4xDDAKBgNVBAsTA0ljZTEd
+MBsGCSqGSIb3DQEJARYOaW5mb0B6ZXJvYy5jb20xDzANBgNVBAMTBkNsaWVudDCB
+nzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAo8KxCojmrKmHDfiU+8HAFrEabwTg
+FA7Cqu4d78nAvOyKQYgqLSv9FayDLzz1huG7cUUHLhZe2E0LcN1cxJYpAtdP9n+C
+mQHLh9e+D+W44nx6cBnZfHiymyOjCsyIgNqULV/3LyXbixVwOlFVuc3mu9bwRqso
+Yc0nm2u3Cz7R/aECAwEAAaOCAQ4wggEKMAkGA1UdEwQCMAAwHQYDVR0OBBYEFCwa
+5UCqxqtb5gyPpCEC3jVfxAKzMIHEBgNVHSMEgbwwgbmAFKONff+oaR58VFhGYf63
+aLws/MveoYGdpIGaMIGXMQswCQYDVQQGEwJVUzEQMA4GA1UECBMHRmxvcmlkYTEb
+MBkGA1UEBxMSUGFsbSBCZWFjaCBHYXJkZW5zMRQwEgYDVQQKEwtaZXJvQywgSW5j
+LjEMMAoGA1UECxMDSWNlMRYwFAYDVQQDEw1aZXJvQyBUZXN0IENBMR0wGwYJKoZI
+hvcNAQkBFg5pbmZvQHplcm9jLmNvbYIBADAXBgNVHREEEDAOggZjbGllbnSHBH8A
+AAEwDQYJKoZIhvcNAQEEBQADggEBAOqmItioCbnp04DeyQeICe+4FNcoqdxIspW8
+SuaamIFt9rmELY6/v5e3t3QwkW+iOsH0MLS533E95ZKdcFHpyIl8pyH5b9zw2G4M
+lDw+xQ8zeikKsdWOkQDNreAohz/hvObg2CeTlhAqI7RbFTO3eyegX6ougOjklYjC
+lmmHzf9PVtuUlcjpYlQrC914onDoorgCW6JZd6qaRtQ12FKsojxlbBEFGZePqkfG
+uV+yIl9Kw9mJW1ALh/fCiaZcLYSDxm70IHcSfTBhlKkHj1X1If4G1bs9Z+74h1v3
+8XjhLksU/m3ZO8bQZe0AqVzgwg9dDXHYjdu9V/X5aFsxKuQPtDo=
+-----END CERTIFICATE-----
diff --git a/cpp/test/IceSSL/certs/c_rsa_nopass_ca1_priv.pem b/cpp/test/IceSSL/certs/c_rsa_nopass_ca1_priv.pem
new file mode 100644
index 00000000000..3d227523dcc
--- /dev/null
+++ b/cpp/test/IceSSL/certs/c_rsa_nopass_ca1_priv.pem
@@ -0,0 +1,15 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIICXAIBAAKBgQC9bDbYC8+X52OpvlMkmfxIvAM0k68zpCUDSYE73wMh5+w7IssW
+04PzTKfSUT43ZFuxp6HvQz+MHZ69LeDI2o6slxz7syrSP9KvqJO/TLpBRi58NZTB
+jyKOn199+5IAFsPMDQeP47QOxj8+5D9+g7/3rwDafJZUL/pENgPC0+ZsLwIDAQAB
+AoGACapL4ho4LXgRDcg4VdXFmbB+OWCPwALQIKrPfU6TylcbJqlP04pXYUK4DXM3
+yXvFcfsruBmmVG/ueZitr5H3VaCbtEXBoVqp58OcGwmVWliNCz6mT9+uJPV2Fcl7
+QX/Ssy9jocoDLhs+VpEebeEOvjWdTyoFP5nOHaRxEfkgWIECQQDqpwcdiILCEgRR
+pjnj9aDdZLMiczdeaMPBKc/zfDwVVL41CPec6xnIrudxf5VYoY6QDYP2cqkO2TTN
+0fg9Ct5jAkEAzqfNRsov7ZRjQwiScomIEnsaPxuHSCZzoB7FVmXEYeC813j+HzVZ
+jSWjbrFJ+ShECnh77yQoI8DzCfouP7auxQJAWCEfVQI+SfFGWfwaZfmMz1nQxbGM
+LBMg4l130rToRAKt5XFWvkK2Tl8SYdhPGRikWIoa8+aghAkkAeFIYHTCjQJBAKXe
+NXtOKW3tnkZdiP35uYfr2sMwW0Lj6gZo7EdOY3OUKL5h1MZD0d7iiOz9y7v6P7KP
+xhnJ0ZXw9qHZdmmZPWkCQBcY2GM4z2TRC26xsWuSlnqt5/hsZVpYQS2/J0t0g0BO
+SO7E4IBGCzyKfjPyCFBNGJVn7aFJQUL5z2jaSEQsKC0=
+-----END RSA PRIVATE KEY-----
diff --git a/cpp/test/IceSSL/certs/c_rsa_nopass_ca1_pub.pem b/cpp/test/IceSSL/certs/c_rsa_nopass_ca1_pub.pem
new file mode 100644
index 00000000000..944981ddea1
--- /dev/null
+++ b/cpp/test/IceSSL/certs/c_rsa_nopass_ca1_pub.pem
@@ -0,0 +1,76 @@
+Certificate:
+    Data:
+        Version: 3 (0x2)
+        Serial Number: 1 (0x1)
+        Signature Algorithm: md5WithRSAEncryption
+        Issuer: C=US, ST=Florida, L=Palm Beach Gardens, O=ZeroC, Inc., OU=Ice, CN=ZeroC Test CA/emailAddress=info@zeroc.com
+        Validity
+            Not Before: Mar 28 18:09:57 2006 GMT
+            Not After : Mar 25 18:09:57 2016 GMT
+        Subject: C=US, ST=Florida, O=ZeroC, Inc., OU=Ice/emailAddress=info@zeroc.com, CN=Client
+        Subject Public Key Info:
+            Public Key Algorithm: rsaEncryption
+            RSA Public Key: (1024 bit)
+                Modulus (1024 bit):
+                    00:bd:6c:36:d8:0b:cf:97:e7:63:a9:be:53:24:99:
+                    fc:48:bc:03:34:93:af:33:a4:25:03:49:81:3b:df:
+                    03:21:e7:ec:3b:22:cb:16:d3:83:f3:4c:a7:d2:51:
+                    3e:37:64:5b:b1:a7:a1:ef:43:3f:8c:1d:9e:bd:2d:
+                    e0:c8:da:8e:ac:97:1c:fb:b3:2a:d2:3f:d2:af:a8:
+                    93:bf:4c:ba:41:46:2e:7c:35:94:c1:8f:22:8e:9f:
+                    5f:7d:fb:92:00:16:c3:cc:0d:07:8f:e3:b4:0e:c6:
+                    3f:3e:e4:3f:7e:83:bf:f7:af:00:da:7c:96:54:2f:
+                    fa:44:36:03:c2:d3:e6:6c:2f
+                Exponent: 65537 (0x10001)
+        X509v3 extensions:
+            X509v3 Basic Constraints: 
+            CA:FALSE
+            X509v3 Subject Key Identifier: 
+            91:F0:42:68:7C:E8:C9:D8:E4:27:F2:B2:11:CF:F5:BD:82:F8:3D:07
+            X509v3 Authority Key Identifier: 
+            keyid:A3:8D:7D:FF:A8:69:1E:7C:54:58:46:61:FE:B7:68:BC:2C:FC:CB:DE
+            DirName:/C=US/ST=Florida/L=Palm Beach Gardens/O=ZeroC, Inc./OU=Ice/CN=ZeroC Test CA/emailAddress=info@zeroc.com
+            serial:00
+
+            X509v3 Subject Alternative Name: 
+            DNS:client, IP Address:127.0.0.1
+    Signature Algorithm: md5WithRSAEncryption
+        1a:d8:c4:90:34:42:e4:2e:e7:2b:6a:b1:50:54:cd:e2:7d:89:
+        14:c8:a4:71:b0:10:fd:67:0c:9b:66:f5:55:5e:0e:4f:c6:5f:
+        2e:a4:3d:ce:2e:3b:30:a7:a3:14:f1:83:a0:14:2d:2c:f3:1c:
+        bd:93:7d:1d:5b:f2:e7:6b:b9:17:c4:36:54:a7:b6:5f:94:9f:
+        79:7e:49:e8:92:b1:7f:cf:27:a7:7f:0e:76:86:9e:48:7e:61:
+        f5:af:c0:3b:72:c7:78:3a:16:cd:e9:b0:bd:33:4f:a1:3a:09:
+        ba:f2:f1:60:36:d2:ba:3b:36:7e:37:96:8b:d8:bf:db:b8:55:
+        cf:e7:2c:ac:2b:76:f9:2b:8b:30:8a:56:b1:aa:d8:04:f7:07:
+        c5:a5:82:2d:40:59:01:76:29:b8:e0:e8:37:8e:ae:94:30:f7:
+        60:20:9e:67:b6:ea:1a:20:c7:7d:c3:79:2d:dc:86:c9:e6:b9:
+        43:11:ac:c3:b7:4e:35:5d:91:fe:cb:77:35:3f:e0:d8:e2:2f:
+        a0:c8:58:2d:ac:1f:6b:53:c4:36:0a:6d:79:f4:cc:9a:33:fb:
+        b8:ff:be:55:c1:82:b0:63:ed:1c:fb:22:e7:b0:87:ee:57:04:
+        f8:be:fa:03:ee:24:61:f0:07:86:9e:b7:41:d3:2b:bd:c4:1b:
+        db:85:ec:81
+-----BEGIN CERTIFICATE-----
+MIIEEjCCAvqgAwIBAgIBATANBgkqhkiG9w0BAQQFADCBlzELMAkGA1UEBhMCVVMx
+EDAOBgNVBAgTB0Zsb3JpZGExGzAZBgNVBAcTElBhbG0gQmVhY2ggR2FyZGVuczEU
+MBIGA1UEChMLWmVyb0MsIEluYy4xDDAKBgNVBAsTA0ljZTEWMBQGA1UEAxMNWmVy
+b0MgVGVzdCBDQTEdMBsGCSqGSIb3DQEJARYOaW5mb0B6ZXJvYy5jb20wHhcNMDYw
+MzI4MTgwOTU3WhcNMTYwMzI1MTgwOTU3WjBzMQswCQYDVQQGEwJVUzEQMA4GA1UE
+CBMHRmxvcmlkYTEUMBIGA1UEChMLWmVyb0MsIEluYy4xDDAKBgNVBAsTA0ljZTEd
+MBsGCSqGSIb3DQEJARYOaW5mb0B6ZXJvYy5jb20xDzANBgNVBAMTBkNsaWVudDCB
+nzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAvWw22AvPl+djqb5TJJn8SLwDNJOv
+M6QlA0mBO98DIefsOyLLFtOD80yn0lE+N2Rbsaeh70M/jB2evS3gyNqOrJcc+7Mq
+0j/Sr6iTv0y6QUYufDWUwY8ijp9fffuSABbDzA0Hj+O0DsY/PuQ/foO/968A2nyW
+VC/6RDYDwtPmbC8CAwEAAaOCAQ4wggEKMAkGA1UdEwQCMAAwHQYDVR0OBBYEFJHw
+Qmh86MnY5CfyshHP9b2C+D0HMIHEBgNVHSMEgbwwgbmAFKONff+oaR58VFhGYf63
+aLws/MveoYGdpIGaMIGXMQswCQYDVQQGEwJVUzEQMA4GA1UECBMHRmxvcmlkYTEb
+MBkGA1UEBxMSUGFsbSBCZWFjaCBHYXJkZW5zMRQwEgYDVQQKEwtaZXJvQywgSW5j
+LjEMMAoGA1UECxMDSWNlMRYwFAYDVQQDEw1aZXJvQyBUZXN0IENBMR0wGwYJKoZI
+hvcNAQkBFg5pbmZvQHplcm9jLmNvbYIBADAXBgNVHREEEDAOggZjbGllbnSHBH8A
+AAEwDQYJKoZIhvcNAQEEBQADggEBABrYxJA0QuQu5ytqsVBUzeJ9iRTIpHGwEP1n
+DJtm9VVeDk/GXy6kPc4uOzCnoxTxg6AULSzzHL2TfR1b8udruRfENlSntl+Un3l+
+SeiSsX/PJ6d/DnaGnkh+YfWvwDtyx3g6Fs3psL0zT6E6Cbry8WA20ro7Nn43lovY
+v9u4Vc/nLKwrdvkrizCKVrGq2AT3B8Wlgi1AWQF2Kbjg6DeOrpQw92Agnme26hog
+x33DeS3chsnmuUMRrMO3TjVdkf7LdzU/4NjiL6DIWC2sH2tTxDYKbXn0zJoz+7j/
+vlXBgrBj7Rz7Iuewh+5XBPi++gPuJGHwB4aet0HTK73EG9uF7IE=
+-----END CERTIFICATE-----
diff --git a/cpp/test/IceSSL/certs/c_rsa_nopass_ca2_priv.pem b/cpp/test/IceSSL/certs/c_rsa_nopass_ca2_priv.pem
new file mode 100644
index 00000000000..111c6a4ead8
--- /dev/null
+++ b/cpp/test/IceSSL/certs/c_rsa_nopass_ca2_priv.pem
@@ -0,0 +1,15 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIICXQIBAAKBgQDTgYNhfAjGTUOMfH4NSAiy0Ksjg/qWypJjcPpl2DppO0acdooz
+x6r692zSo3dV9j5oXZrtR5A3OGFLU+0cp1e7TfEYE7ymdcQz78fplggdhCaKEJVz
+WBFZ4B6AEUe07BGgB6hpTFJ9y5nyuDF6KrmA18XoM2hHj7mwwL+lt+12mwIDAQAB
+AoGBAMEXURFTglM/wHZmRVHsvHw7QrJm0ASQJXsBbqhB8nmVsw4urlc9Zxw9fK0E
+rXLeHvV613DeT4wKPdDeau8o206r3BXxu7XfV7fvuhcbdCiggkQLnAYioxHujIo1
+2VN+ODuC+XTUT5robGG1etf7z9oG+8X2axiwtFg7yglB8fjRAkEA91xHKNd/xiQq
+brbAd3LCB0XUowYi6zKzRrysn7aQYHBj0KW6K+ZqvvXPXy8/FhevsK3NK0TbE86L
+7dfNoVcn0wJBANrkpjVKabdZmGuGCNanGutJSWmJm4FhivtNiHQA59un5xFH5/Ha
+4ju9dGZpXO9vAgZiW9PwENss7NT748K6QRkCQQCNEwrehzEvTzcIF6BjP4bbYP8p
+zvkhTLQkVrzZBeUHq3Gx8KLiILKmoEiZz7daIT4pNKZ70/RiMn1ps5dqOevTAkAw
+VUKaC8dSE/eC7oKvGxDnmTQbmKX8qJQur00NCFIp/2YXO8Bsd/9yX3//SQ6bU/Cn
+hjpujti5/K6CzOfazJOpAkAE0casxjCqSXErU74vf3qpQs2MiUTKdeIbIxI8mWqI
+cgUYB+CpbuhiY6V13tNmQVzkemXHGSb/sRPcuwK0JJnp
+-----END RSA PRIVATE KEY-----
diff --git a/cpp/test/IceSSL/certs/c_rsa_nopass_ca2_pub.pem b/cpp/test/IceSSL/certs/c_rsa_nopass_ca2_pub.pem
new file mode 100644
index 00000000000..36626656a2c
--- /dev/null
+++ b/cpp/test/IceSSL/certs/c_rsa_nopass_ca2_pub.pem
@@ -0,0 +1,76 @@
+Certificate:
+    Data:
+        Version: 3 (0x2)
+        Serial Number: 1 (0x1)
+        Signature Algorithm: md5WithRSAEncryption
+        Issuer: C=US, ST=Florida, L=Palm Beach Gardens, O=ZeroC, Inc., OU=Ice, CN=ZeroC Test CA/emailAddress=info@zeroc.com
+        Validity
+            Not Before: Mar 28 18:09:58 2006 GMT
+            Not After : Mar 25 18:09:58 2016 GMT
+        Subject: C=US, ST=Florida, O=ZeroC, Inc., OU=Ice/emailAddress=info@zeroc.com, CN=Client
+        Subject Public Key Info:
+            Public Key Algorithm: rsaEncryption
+            RSA Public Key: (1024 bit)
+                Modulus (1024 bit):
+                    00:d3:81:83:61:7c:08:c6:4d:43:8c:7c:7e:0d:48:
+                    08:b2:d0:ab:23:83:fa:96:ca:92:63:70:fa:65:d8:
+                    3a:69:3b:46:9c:76:8a:33:c7:aa:fa:f7:6c:d2:a3:
+                    77:55:f6:3e:68:5d:9a:ed:47:90:37:38:61:4b:53:
+                    ed:1c:a7:57:bb:4d:f1:18:13:bc:a6:75:c4:33:ef:
+                    c7:e9:96:08:1d:84:26:8a:10:95:73:58:11:59:e0:
+                    1e:80:11:47:b4:ec:11:a0:07:a8:69:4c:52:7d:cb:
+                    99:f2:b8:31:7a:2a:b9:80:d7:c5:e8:33:68:47:8f:
+                    b9:b0:c0:bf:a5:b7:ed:76:9b
+                Exponent: 65537 (0x10001)
+        X509v3 extensions:
+            X509v3 Basic Constraints: 
+            CA:FALSE
+            X509v3 Subject Key Identifier: 
+            D6:56:54:71:D9:44:C3:36:C4:8D:2F:AF:65:B0:B9:A6:DF:A4:45:5B
+            X509v3 Authority Key Identifier: 
+            keyid:BD:5A:BA:8A:D2:B9:96:DC:91:5C:64:9F:99:94:E2:48:44:2C:A9:DA
+            DirName:/C=US/ST=Florida/L=Palm Beach Gardens/O=ZeroC, Inc./OU=Ice/CN=ZeroC Test CA/emailAddress=info@zeroc.com
+            serial:00
+
+            X509v3 Subject Alternative Name: 
+            DNS:client, IP Address:127.0.0.1
+    Signature Algorithm: md5WithRSAEncryption
+        af:83:44:8b:af:5f:c2:32:34:bd:3a:ce:b3:09:c6:1d:83:2b:
+        5b:fa:ae:93:7d:24:ca:75:c6:f1:bc:fd:ff:67:b2:0f:f5:59:
+        db:c9:73:18:7e:39:0b:00:d9:71:d7:0c:00:ca:1e:89:53:83:
+        22:78:b1:1d:d0:62:2d:95:65:bd:63:65:cf:87:82:e7:81:00:
+        ae:c7:3b:67:9e:70:ac:c7:69:99:af:77:b6:0f:cb:78:76:0f:
+        2d:af:23:a6:80:5c:f0:47:7f:ed:55:8b:ed:12:69:ed:38:fb:
+        48:53:41:27:36:ae:e5:30:72:ed:51:15:f9:15:60:c1:0f:13:
+        9b:51:33:af:50:80:dd:3a:64:98:cf:65:5f:5f:76:2d:03:7b:
+        de:d0:28:93:c2:c0:ba:05:6c:13:95:cd:be:1a:0f:b6:6f:a6:
+        73:50:69:7c:4e:37:66:20:37:e0:0a:ee:e2:d8:43:b4:31:41:
+        c6:e4:08:51:47:07:5a:98:94:d2:1e:b7:5a:d4:c5:ea:7e:0f:
+        fa:bc:03:5f:9c:d9:5e:25:4c:45:a4:42:42:5f:72:06:7e:9a:
+        4b:83:ce:91:e8:af:9e:70:42:71:a7:56:d5:26:90:db:1d:08:
+        03:c4:18:0e:39:c9:f9:4a:70:a3:c3:f8:51:19:a3:db:96:92:
+        06:75:d2:95
+-----BEGIN CERTIFICATE-----
+MIIEEjCCAvqgAwIBAgIBATANBgkqhkiG9w0BAQQFADCBlzELMAkGA1UEBhMCVVMx
+EDAOBgNVBAgTB0Zsb3JpZGExGzAZBgNVBAcTElBhbG0gQmVhY2ggR2FyZGVuczEU
+MBIGA1UEChMLWmVyb0MsIEluYy4xDDAKBgNVBAsTA0ljZTEWMBQGA1UEAxMNWmVy
+b0MgVGVzdCBDQTEdMBsGCSqGSIb3DQEJARYOaW5mb0B6ZXJvYy5jb20wHhcNMDYw
+MzI4MTgwOTU4WhcNMTYwMzI1MTgwOTU4WjBzMQswCQYDVQQGEwJVUzEQMA4GA1UE
+CBMHRmxvcmlkYTEUMBIGA1UEChMLWmVyb0MsIEluYy4xDDAKBgNVBAsTA0ljZTEd
+MBsGCSqGSIb3DQEJARYOaW5mb0B6ZXJvYy5jb20xDzANBgNVBAMTBkNsaWVudDCB
+nzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA04GDYXwIxk1DjHx+DUgIstCrI4P6
+lsqSY3D6Zdg6aTtGnHaKM8eq+vds0qN3VfY+aF2a7UeQNzhhS1PtHKdXu03xGBO8
+pnXEM+/H6ZYIHYQmihCVc1gRWeAegBFHtOwRoAeoaUxSfcuZ8rgxeiq5gNfF6DNo
+R4+5sMC/pbftdpsCAwEAAaOCAQ4wggEKMAkGA1UdEwQCMAAwHQYDVR0OBBYEFNZW
+VHHZRMM2xI0vr2WwuabfpEVbMIHEBgNVHSMEgbwwgbmAFL1auorSuZbckVxkn5mU
+4khELKnaoYGdpIGaMIGXMQswCQYDVQQGEwJVUzEQMA4GA1UECBMHRmxvcmlkYTEb
+MBkGA1UEBxMSUGFsbSBCZWFjaCBHYXJkZW5zMRQwEgYDVQQKEwtaZXJvQywgSW5j
+LjEMMAoGA1UECxMDSWNlMRYwFAYDVQQDEw1aZXJvQyBUZXN0IENBMR0wGwYJKoZI
+hvcNAQkBFg5pbmZvQHplcm9jLmNvbYIBADAXBgNVHREEEDAOggZjbGllbnSHBH8A
+AAEwDQYJKoZIhvcNAQEEBQADggEBAK+DRIuvX8IyNL06zrMJxh2DK1v6rpN9JMp1
+xvG8/f9nsg/1WdvJcxh+OQsA2XHXDADKHolTgyJ4sR3QYi2VZb1jZc+HgueBAK7H
+O2eecKzHaZmvd7YPy3h2Dy2vI6aAXPBHf+1Vi+0Sae04+0hTQSc2ruUwcu1RFfkV
+YMEPE5tRM69QgN06ZJjPZV9fdi0De97QKJPCwLoFbBOVzb4aD7ZvpnNQaXxON2Yg
+N+AK7uLYQ7QxQcbkCFFHB1qYlNIet1rUxep+D/q8A1+c2V4lTEWkQkJfcgZ+mkuD
+zpHor55wQnGnVtUmkNsdCAPEGA45yflKcKPD+FEZo9uWkgZ10pU=
+-----END CERTIFICATE-----
diff --git a/cpp/test/IceSSL/certs/c_rsa_pass_ca1_priv.pem b/cpp/test/IceSSL/certs/c_rsa_pass_ca1_priv.pem
new file mode 100644
index 00000000000..d1f76ef4a07
--- /dev/null
+++ b/cpp/test/IceSSL/certs/c_rsa_pass_ca1_priv.pem
@@ -0,0 +1,18 @@
+-----BEGIN RSA PRIVATE KEY-----
+Proc-Type: 4,ENCRYPTED
+DEK-Info: DES-EDE3-CBC,83B3455E2D365B1F
+
+BWQJBcUwyg0MftFVbNiQWgws7MYFItmnaRU+tssIsk1aBEAOeBiVeEdo5vm/jani
+EJad9Vs+ogs29fWU/wWuCNTsX7MPAJyySoX03VDhqwrQN72xoOJ4dx6Zw7CH6SiE
+hq7jvEL7SctZxwXvRDRLjvWpLKkDqAwA6YP6R6+pFI2BgC+i6wMwuw8pFsn0r/Hz
+M/+KZveTuH6ctzNmxoYw1rdaKnAkeEgkPCYyX1xvzZ7P5HfhCN9o5okK9uQE8Izo
+pncSIr7fjKHh51+7T8b4axIqShTYAJC/NfymlceppzWcOuz2a+/wDIhRGE8UNZ/g
+59eHlO9V5NNs/vdSIdtCGk9fOW6hoiokLmAq0XsVIZz5JGgk62718tSAaNYXDKPq
+PHGTIWdeTA5r67H5bLh+9lrSoR7m4eFvfo/VQ6dAgbKmmabjaXf10YX/sQh9CLTu
+GMm24mHkUWVxbNtom8sOgXjD2xF0VyB4lItKUQ+znkNY5PiyA9dC0ZkU6LssGiwo
+MQN/DPEPtKbUafh+1sias4LoREAGlM1JFEcPzuK4xUhIxzTEBou30kugUzvVyVNE
+95TKUoLfBV4UGq/jW/iPI1sSXQRWHTVrhMnKXQsKvNU3G/lXXgkeVnfy2hPLNX7R
+OsZSN1YK9T75FI0E5LfstQmU3G6WBOuYStkdxtosAbqSFtDMQx/Wb4QYeyKMNVdz
+eKtPKr2BMLZ3O0rwQoxuEflIJRR32X0QaNnI/+cJTmukvN7TmBYMo9v0FEiBoDgk
+G0JwHH0XHprQ+Q56avc9LH1y1i56aGhhv1cVb20QfQ7h3zjtJ1qRiw==
+-----END RSA PRIVATE KEY-----
diff --git a/cpp/test/IceSSL/certs/c_rsa_pass_ca1_pub.pem b/cpp/test/IceSSL/certs/c_rsa_pass_ca1_pub.pem
new file mode 100644
index 00000000000..4375c953499
--- /dev/null
+++ b/cpp/test/IceSSL/certs/c_rsa_pass_ca1_pub.pem
@@ -0,0 +1,76 @@
+Certificate:
+    Data:
+        Version: 3 (0x2)
+        Serial Number: 1 (0x1)
+        Signature Algorithm: md5WithRSAEncryption
+        Issuer: C=US, ST=Florida, L=Palm Beach Gardens, O=ZeroC, Inc., OU=Ice, CN=ZeroC Test CA/emailAddress=info@zeroc.com
+        Validity
+            Not Before: Mar 28 18:09:57 2006 GMT
+            Not After : Mar 25 18:09:57 2016 GMT
+        Subject: C=US, ST=Florida, O=ZeroC, Inc., OU=Ice/emailAddress=info@zeroc.com, CN=Client
+        Subject Public Key Info:
+            Public Key Algorithm: rsaEncryption
+            RSA Public Key: (1024 bit)
+                Modulus (1024 bit):
+                    00:b9:e9:dc:e9:25:35:34:0c:f5:78:74:a6:0a:44:
+                    15:a4:7d:09:f6:77:a2:9a:ff:2e:43:27:d8:c2:58:
+                    b8:16:40:4e:ef:d2:ac:28:bc:b0:34:17:f1:0f:9e:
+                    a0:76:27:30:24:c8:c8:60:f1:46:9e:8b:7d:96:c0:
+                    11:4b:48:2f:38:ad:2a:4b:bf:72:b6:49:ac:ee:c5:
+                    83:d2:d4:85:9d:c5:36:34:57:0e:1f:a9:bc:75:5e:
+                    d1:c4:96:8b:66:f5:1b:aa:e0:d1:29:a4:5b:18:c1:
+                    c6:4b:0d:09:41:3c:7c:e2:68:82:32:9f:2e:5e:b8:
+                    bf:75:6d:02:aa:dc:63:e0:1f
+                Exponent: 65537 (0x10001)
+        X509v3 extensions:
+            X509v3 Basic Constraints: 
+            CA:FALSE
+            X509v3 Subject Key Identifier: 
+            9B:38:4C:97:AD:BB:3F:CF:36:52:53:8C:8E:3A:37:71:3E:87:F8:C3
+            X509v3 Authority Key Identifier: 
+            keyid:A3:8D:7D:FF:A8:69:1E:7C:54:58:46:61:FE:B7:68:BC:2C:FC:CB:DE
+            DirName:/C=US/ST=Florida/L=Palm Beach Gardens/O=ZeroC, Inc./OU=Ice/CN=ZeroC Test CA/emailAddress=info@zeroc.com
+            serial:00
+
+            X509v3 Subject Alternative Name: 
+            DNS:client, IP Address:127.0.0.1
+    Signature Algorithm: md5WithRSAEncryption
+        a2:ca:10:e7:7c:b3:4c:ba:76:c6:e9:8b:90:d3:70:0b:f7:3d:
+        7d:c5:91:f0:29:e1:2b:d7:8b:b5:8d:e9:72:f0:ba:17:3f:88:
+        4b:d9:11:30:da:1f:d8:25:be:62:ca:23:9a:8d:d7:6a:db:21:
+        7c:fa:e4:54:54:db:17:6a:7f:c7:63:a8:35:e0:8c:fa:d0:5d:
+        b6:e8:1a:ef:1b:98:ea:d0:a9:5c:46:ba:3d:4a:8b:e5:eb:f6:
+        1a:ef:71:8a:f7:62:70:3a:6f:4c:06:3f:5e:39:57:fa:89:0b:
+        ed:63:1f:fd:b8:18:ee:f6:de:cc:62:ef:f2:6a:da:16:3e:32:
+        ab:d3:7f:4d:e8:16:61:61:da:64:8f:26:38:31:77:ef:cc:bc:
+        82:34:2f:c5:31:ce:1a:78:40:4d:1d:ca:9f:75:db:e1:eb:54:
+        df:b3:3c:bf:d1:13:91:4d:d1:a8:da:ef:89:31:70:3e:e0:bb:
+        10:65:7d:b6:d6:98:5e:1c:9f:23:a6:12:b8:cc:be:bc:df:56:
+        05:21:5d:27:df:0f:e8:24:04:df:f5:ae:de:3c:f1:17:7e:c0:
+        74:2e:79:be:1f:7b:b8:b7:fe:bb:59:5d:d5:b2:ab:51:4d:d0:
+        9e:df:5e:75:1b:4e:b8:18:dd:47:44:99:a5:6d:41:b1:9b:48:
+        eb:ea:af:8b
+-----BEGIN CERTIFICATE-----
+MIIEEjCCAvqgAwIBAgIBATANBgkqhkiG9w0BAQQFADCBlzELMAkGA1UEBhMCVVMx
+EDAOBgNVBAgTB0Zsb3JpZGExGzAZBgNVBAcTElBhbG0gQmVhY2ggR2FyZGVuczEU
+MBIGA1UEChMLWmVyb0MsIEluYy4xDDAKBgNVBAsTA0ljZTEWMBQGA1UEAxMNWmVy
+b0MgVGVzdCBDQTEdMBsGCSqGSIb3DQEJARYOaW5mb0B6ZXJvYy5jb20wHhcNMDYw
+MzI4MTgwOTU3WhcNMTYwMzI1MTgwOTU3WjBzMQswCQYDVQQGEwJVUzEQMA4GA1UE
+CBMHRmxvcmlkYTEUMBIGA1UEChMLWmVyb0MsIEluYy4xDDAKBgNVBAsTA0ljZTEd
+MBsGCSqGSIb3DQEJARYOaW5mb0B6ZXJvYy5jb20xDzANBgNVBAMTBkNsaWVudDCB
+nzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAuenc6SU1NAz1eHSmCkQVpH0J9nei
+mv8uQyfYwli4FkBO79KsKLywNBfxD56gdicwJMjIYPFGnot9lsARS0gvOK0qS79y
+tkms7sWD0tSFncU2NFcOH6m8dV7RxJaLZvUbquDRKaRbGMHGSw0JQTx84miCMp8u
+Xri/dW0Cqtxj4B8CAwEAAaOCAQ4wggEKMAkGA1UdEwQCMAAwHQYDVR0OBBYEFJs4
+TJetuz/PNlJTjI46N3E+h/jDMIHEBgNVHSMEgbwwgbmAFKONff+oaR58VFhGYf63
+aLws/MveoYGdpIGaMIGXMQswCQYDVQQGEwJVUzEQMA4GA1UECBMHRmxvcmlkYTEb
+MBkGA1UEBxMSUGFsbSBCZWFjaCBHYXJkZW5zMRQwEgYDVQQKEwtaZXJvQywgSW5j
+LjEMMAoGA1UECxMDSWNlMRYwFAYDVQQDEw1aZXJvQyBUZXN0IENBMR0wGwYJKoZI
+hvcNAQkBFg5pbmZvQHplcm9jLmNvbYIBADAXBgNVHREEEDAOggZjbGllbnSHBH8A
+AAEwDQYJKoZIhvcNAQEEBQADggEBAKLKEOd8s0y6dsbpi5DTcAv3PX3FkfAp4SvX
+i7WN6XLwuhc/iEvZETDaH9glvmLKI5qN12rbIXz65FRU2xdqf8djqDXgjPrQXbbo
+Gu8bmOrQqVxGuj1Ki+Xr9hrvcYr3YnA6b0wGP145V/qJC+1jH/24GO723sxi7/Jq
+2hY+MqvTf03oFmFh2mSPJjgxd+/MvII0L8Uxzhp4QE0dyp912+HrVN+zPL/RE5FN
+0aja74kxcD7guxBlfbbWmF4cnyOmErjMvrzfVgUhXSffD+gkBN/1rt488Rd+wHQu
+eb4fe7i3/rtZXdWyq1FN0J7fXnUbTrgY3UdEmaVtQbGbSOvqr4s=
+-----END CERTIFICATE-----
diff --git a/cpp/test/IceSSL/certs/cacert.pem b/cpp/test/IceSSL/certs/cacert.pem
deleted file mode 100644
index 40b2d1e47b3..00000000000
--- a/cpp/test/IceSSL/certs/cacert.pem
+++ /dev/null
@@ -1,27 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIEozCCA4ugAwIBAgIBADANBgkqhkiG9w0BAQQFADCBlzELMAkGA1UEBhMCVVMx
-EDAOBgNVBAgTB0Zsb3JpZGExGzAZBgNVBAcTElBhbG0gQmVhY2ggR2FyZGVuczEU
-MBIGA1UEChMLWmVyb0MsIEluYy4xDDAKBgNVBAsTA0ljZTEWMBQGA1UEAxMNWmVy
-b0MgVGVzdCBDQTEdMBsGCSqGSIb3DQEJARYOaW5mb0B6ZXJvYy5jb20wHhcNMDYw
-MzE1MTc1MTQ5WhcNMTEwMzE0MTc1MTQ5WjCBlzELMAkGA1UEBhMCVVMxEDAOBgNV
-BAgTB0Zsb3JpZGExGzAZBgNVBAcTElBhbG0gQmVhY2ggR2FyZGVuczEUMBIGA1UE
-ChMLWmVyb0MsIEluYy4xDDAKBgNVBAsTA0ljZTEWMBQGA1UEAxMNWmVyb0MgVGVz
-dCBDQTEdMBsGCSqGSIb3DQEJARYOaW5mb0B6ZXJvYy5jb20wggEiMA0GCSqGSIb3
-DQEBAQUAA4IBDwAwggEKAoIBAQDnTrtDY6KHEDN72Tx7OgkUaLMhYHIURb7/I72c
-AtoRzbf9qW77w+FmruNySlNAMPiPk70D8Xcl5svtOPe/OGgxSgSvoMS/ym/57eMe
-IE0LD6g5hwn2VQ65ZyPGHJ7PWgixpcejtpPIe2GeXABGp3ADGurlaOwvsORX72IQ
-hvciNlK31WZKvFascLGgvIgpNzasK1y1mV+My9I9rMBp6tz79aWYH62Tv/yZB/Kz
-F+6okSLIzYzZCMRactUbrWX3AE10c3gsJoIOi1spr5ax1LyjlS3AWI5jL2Eu0XLO
-k0Yz8o6M2XGr3BD/Q/cUFIKjjhZr6O0saJybWkAzmWeeuZ+XAgMBAAGjgfcwgfQw
-DAYDVR0TBAUwAwEB/zAdBgNVHQ4EFgQU9gQCQkZa8SH9cULWe8R5ZX4dHoYwgcQG
-A1UdIwSBvDCBuYAU9gQCQkZa8SH9cULWe8R5ZX4dHoahgZ2kgZowgZcxCzAJBgNV
-BAYTAlVTMRAwDgYDVQQIEwdGbG9yaWRhMRswGQYDVQQHExJQYWxtIEJlYWNoIEdh
-cmRlbnMxFDASBgNVBAoTC1plcm9DLCBJbmMuMQwwCgYDVQQLEwNJY2UxFjAUBgNV
-BAMTDVplcm9DIFRlc3QgQ0ExHTAbBgkqhkiG9w0BCQEWDmluZm9AemVyb2MuY29t
-ggEAMA0GCSqGSIb3DQEBBAUAA4IBAQDebv6otMlokDnzC/Y25VU+fhV8Hat9R0nE
-osWTArvmDgD8yip1Us7QSaoftuznIn3Xbh2jBOx5ND6srs14AIOpxaFU5QVOLzv3
-ZDcd7KOW+d7ft02NZFZcFkmvCjgFkjZcnyT4vDoGXopXlnlgJ4ipQv5Mz8af4RW+
-XTTKfSixR4gJbNfnywumssuV7bUxASivo+fSmiCUCHLDT9HocHgd69z55vT1Wqc2
-5K7Og+JAZvoItuoJxrQ7Mvd0nYUYaP2cmNRKramigqjNG0om529qH0/Cagsfi+bG
-PYjorZxJw8W+XSZv14qqJEo93ilZRo90RlB5e+n2kpdgA107qA7t
------END CERTIFICATE-----
diff --git a/cpp/test/IceSSL/certs/cacert1.pem b/cpp/test/IceSSL/certs/cacert1.pem
new file mode 100644
index 00000000000..2f0ad5b723c
--- /dev/null
+++ b/cpp/test/IceSSL/certs/cacert1.pem
@@ -0,0 +1,27 @@
+-----BEGIN CERTIFICATE-----
+MIIEozCCA4ugAwIBAgIBADANBgkqhkiG9w0BAQQFADCBlzELMAkGA1UEBhMCVVMx
+EDAOBgNVBAgTB0Zsb3JpZGExGzAZBgNVBAcTElBhbG0gQmVhY2ggR2FyZGVuczEU
+MBIGA1UEChMLWmVyb0MsIEluYy4xDDAKBgNVBAsTA0ljZTEWMBQGA1UEAxMNWmVy
+b0MgVGVzdCBDQTEdMBsGCSqGSIb3DQEJARYOaW5mb0B6ZXJvYy5jb20wHhcNMDYw
+MzI4MTgwOTUzWhcNMDYwNDI3MTgwOTUzWjCBlzELMAkGA1UEBhMCVVMxEDAOBgNV
+BAgTB0Zsb3JpZGExGzAZBgNVBAcTElBhbG0gQmVhY2ggR2FyZGVuczEUMBIGA1UE
+ChMLWmVyb0MsIEluYy4xDDAKBgNVBAsTA0ljZTEWMBQGA1UEAxMNWmVyb0MgVGVz
+dCBDQTEdMBsGCSqGSIb3DQEJARYOaW5mb0B6ZXJvYy5jb20wggEiMA0GCSqGSIb3
+DQEBAQUAA4IBDwAwggEKAoIBAQDr7zDFp/OVfg8QR++rulBks0qdjS9Nr72TCNlA
+9d3fmfCSG7UA/78OIJCOS4o88RIzcZGT2uAaBuAahFg6jV1IMu0FjmsoTRukX6Bm
+A6ONF8XtNRKRB3wtAUWFn5ypUqf6srT06M7+3N+TBqo9MVCPxNSoyaEFPHMNVT3n
+52lPRJY/ycXuaun+eR4NrR/tf0h2dE0rO7PwVbofURaH5vSj8WZv+OfCtzg/s8oE
+u4D3caheoMvim8HhIc39tUrHVi2Jg8fCyDrnKteDmw0eu3DyCisa5mLfr6M5ORrt
+kCeWHGoIvivwjRo2iIMZ5vEwch8K7dBjt01Yt0erltU5CWg1AgMBAAGjgfcwgfQw
+DAYDVR0TBAUwAwEB/zAdBgNVHQ4EFgQUo419/6hpHnxUWEZh/rdovCz8y94wgcQG
+A1UdIwSBvDCBuYAUo419/6hpHnxUWEZh/rdovCz8y96hgZ2kgZowgZcxCzAJBgNV
+BAYTAlVTMRAwDgYDVQQIEwdGbG9yaWRhMRswGQYDVQQHExJQYWxtIEJlYWNoIEdh
+cmRlbnMxFDASBgNVBAoTC1plcm9DLCBJbmMuMQwwCgYDVQQLEwNJY2UxFjAUBgNV
+BAMTDVplcm9DIFRlc3QgQ0ExHTAbBgkqhkiG9w0BCQEWDmluZm9AemVyb2MuY29t
+ggEAMA0GCSqGSIb3DQEBBAUAA4IBAQBT4FUXOM52g4HEnY8PefjorPt3f3RDG3Z4
+J55+sT45Z/9LPMynwrADxdNgJdzF3ad8pCXNmkgSN8Gv0QTvVeCWPIgTbtEfm40a
+aNXLvlAekK2pneby7vXMwgM1ZN6+0xNA3+tWSqFC48ye8qfkoSmWH/HLcU5/nuiu
++aU+N+mrd9/ZCwNiOW5xr3iezAV6T6oaZxEuXYlONmvc7Y6ZOLmQ8PNFQfqOAVXA
+88H49sKBLTcBhlqDMRPQJ0pWJs0kAmSYWGJBT2I9QiE63gUGf/yxHYt5ztfrTqzb
+Y9jlTlEhDtGTDr+vYT0QwaXvAb3Z+OPHrr5f6Bt62u/9JBiaNR6q
+-----END CERTIFICATE-----
diff --git a/cpp/test/IceSSL/certs/cacert2.pem b/cpp/test/IceSSL/certs/cacert2.pem
new file mode 100644
index 00000000000..b9ec5b9c980
--- /dev/null
+++ b/cpp/test/IceSSL/certs/cacert2.pem
@@ -0,0 +1,27 @@
+-----BEGIN CERTIFICATE-----
+MIIEozCCA4ugAwIBAgIBADANBgkqhkiG9w0BAQQFADCBlzELMAkGA1UEBhMCVVMx
+EDAOBgNVBAgTB0Zsb3JpZGExGzAZBgNVBAcTElBhbG0gQmVhY2ggR2FyZGVuczEU
+MBIGA1UEChMLWmVyb0MsIEluYy4xDDAKBgNVBAsTA0ljZTEWMBQGA1UEAxMNWmVy
+b0MgVGVzdCBDQTEdMBsGCSqGSIb3DQEJARYOaW5mb0B6ZXJvYy5jb20wHhcNMDYw
+MzI4MTgwOTU2WhcNMDYwNDI3MTgwOTU2WjCBlzELMAkGA1UEBhMCVVMxEDAOBgNV
+BAgTB0Zsb3JpZGExGzAZBgNVBAcTElBhbG0gQmVhY2ggR2FyZGVuczEUMBIGA1UE
+ChMLWmVyb0MsIEluYy4xDDAKBgNVBAsTA0ljZTEWMBQGA1UEAxMNWmVyb0MgVGVz
+dCBDQTEdMBsGCSqGSIb3DQEJARYOaW5mb0B6ZXJvYy5jb20wggEiMA0GCSqGSIb3
+DQEBAQUAA4IBDwAwggEKAoIBAQDIIrVc/XClIjvbk10f/v/nKJEN0ygAMAQKtSVX
+cPtuMRRapHfSUrwXInFSBTF1k3ViV53ArSBNDyIb100WiWm1/Da5WP1ezxboP1uc
+dsyYv+1X6PdiP3KJ1rxnDJWfjzlU5qlCCzxLCqvy8xi60vlqPEkGVyo9LCsoqB5h
+G4aOY/Oh8YrPgzqJYae/lVbiI0y1GxqLJpwdW1iSs90MndGb4wFh0nD8Dd/KHacV
+rc7HUdjHTFkhyooQ2kA97v2Ndk0jZ6vwNmuhpbXRyK3/ZEU3idtQQlmDvuerz3lr
+aGrnR9EP0esRFXtZeOEVZNDGyual8LCFeiNIow1ztBR7rBhBAgMBAAGjgfcwgfQw
+DAYDVR0TBAUwAwEB/zAdBgNVHQ4EFgQUvVq6itK5ltyRXGSfmZTiSEQsqdowgcQG
+A1UdIwSBvDCBuYAUvVq6itK5ltyRXGSfmZTiSEQsqdqhgZ2kgZowgZcxCzAJBgNV
+BAYTAlVTMRAwDgYDVQQIEwdGbG9yaWRhMRswGQYDVQQHExJQYWxtIEJlYWNoIEdh
+cmRlbnMxFDASBgNVBAoTC1plcm9DLCBJbmMuMQwwCgYDVQQLEwNJY2UxFjAUBgNV
+BAMTDVplcm9DIFRlc3QgQ0ExHTAbBgkqhkiG9w0BCQEWDmluZm9AemVyb2MuY29t
+ggEAMA0GCSqGSIb3DQEBBAUAA4IBAQCYe9MyLIAFbXZE3lgm+W5WA5t1InVrr+ph
+3eGmNyhvs8di1qjKz/CRY7rx2u29nFla0hW2zMV9DuVT+rR3J6qI0kmwNRZBrnPi
+JcTukFH7b4BZ3EVfXnfObILATZLMrlgG+H5+MFKhnuBZDcSx+UCthtmHRlr819K0
+3xGKSQ8YbUVaoDv8wl7pKBpOHst2L6tVy+4KMl7IOC9G9xVzcE1TElcY7GCF1lSX
+LPzsns2dH+o3zxAMpVBknKqTrrK5839al/mzIfHI6ynwyBXRKBEjMmo2CiAKnM85
+AmAEMFc+LyE6u5AvB6LiuQf5v83f6EBLQi6sWZ3cZb7blhUQ3MRA
+-----END CERTIFICATE-----
diff --git a/cpp/test/IceSSL/certs/cakey1.pem b/cpp/test/IceSSL/certs/cakey1.pem
new file mode 100644
index 00000000000..56061ebbcef
--- /dev/null
+++ b/cpp/test/IceSSL/certs/cakey1.pem
@@ -0,0 +1,27 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIEowIBAAKCAQEA6+8wxafzlX4PEEfvq7pQZLNKnY0vTa+9kwjZQPXd35nwkhu1
+AP+/DiCQjkuKPPESM3GRk9rgGgbgGoRYOo1dSDLtBY5rKE0bpF+gZgOjjRfF7TUS
+kQd8LQFFhZ+cqVKn+rK09OjO/tzfkwaqPTFQj8TUqMmhBTxzDVU95+dpT0SWP8nF
+7mrp/nkeDa0f7X9IdnRNKzuz8FW6H1EWh+b0o/Fmb/jnwrc4P7PKBLuA93GoXqDL
+4pvB4SHN/bVKx1YtiYPHwsg65yrXg5sNHrtw8gorGuZi36+jOTka7ZAnlhxqCL4r
+8I0aNoiDGebxMHIfCu3QY7dNWLdHq5bVOQloNQIDAQABAoIBAEx9VGOQSsE5iCqw
+F7yl/7BWDCe+AQr/ocdMhBqyW0dFwh+sSedUAp3S4uqvBNczFMKG3DqCKEtn1Tnj
+lDMPZ6GjmQJHJOiA7yhANGE+ZsS0Y1++6BEKyzBQDDkBASpH+NunGlGYNJueAgHJ
+lGGYXlTt7D/4dnKbIXW+H/7SIGso4up0MTNeE5t4dxDQWpymFdeISAd4qMG8dTVX
+9YEz0eFsZF4wuY2Brh/7Let2rDXEGmb+MnnALwinYVGwTBoikF6rBAlmdLQYyXrA
+C8N8xDSW5Lsa8hw/eY/egxW9IJUuLG2KJnTlEXGvTa9VS1VICZKdo4iaVlb4GA6j
+JfH175UCgYEA+UYHa2ATV1Px/8MUsvacW93+r1zyVX0TU6Wks9jkLWpeRCt/FYEw
+jtq53Xr4PSsXYILNNTcBwWr4HacKs7S+De4md0mwupRztO9hfEb2j/aCPMJ/6v0m
+kwvoq5v19GvPXY4tAfpneuveuhd2Ogx6oJUpGoB/4x3xSlSQosTyFP8CgYEA8k0D
+y3I3iRrYcOTyb9HmfyxeV/AipDhHMkU5HehJaDSYZtR4L48LgPNpvNdl17pGl0uF
++hK+ORSlseqFdVfLVi9a0uVU+Qhw3y8OoT8wcRsDYPcWGbi1BPSZjBmoSwSgn6hn
+1jKvhzu2uJp+8vGP9fOmuzv7Mim7MZAAFNMDPssCgYEAi+zXdVq1AKxKh7tF/z+X
+faobsOyHy50uICI3Vg1F6Ihw6etQpw2h6E63TrAccJmjwbUq49hA0AXvyRVfWIj4
+tnEcfpGK9vEmEkbdfhmHhkBl0x2LGKmJ4bkpnkspwU5TVLzeXuHk/Icyu1s4LlWa
+8FFKhWnkX+UK8SKPHg9XpJkCgYAGwxl5Aw4DuIkT1X/imQQKxo03fQ8qcBukjoQC
+jqoFy3n5XLKh+ScECUcJKyW/eIZh0IzDpuRCKY5aQcZJuRKGrDmnqxjM/mxP/js1
+StMqROu6OAsY2qvKoJzsaQbmWRG2gveq5a06Y/M8gatLUmyHG66qiQkApGOCBZfK
+/PyZMwKBgHKuwOZf/APOiIMIITOSsbU9UYVX9qiIqeWfLeyydsXhWzRLMkvMN9z9
+5N2Iew7LRXsg4BZyoO+GWhUy5IcLA4yArymq7pt3fFyZvF8hmgyOd1HEte+UNOAE
+b9xIuwHp2nEH3gRRKA1YwgxIji1qiXDyDGAx+EEgJyLkndLjCWlo
+-----END RSA PRIVATE KEY-----
diff --git a/cpp/test/IceSSL/certs/cakey2.pem b/cpp/test/IceSSL/certs/cakey2.pem
new file mode 100644
index 00000000000..23f03da7e4e
--- /dev/null
+++ b/cpp/test/IceSSL/certs/cakey2.pem
@@ -0,0 +1,27 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIEpAIBAAKCAQEAyCK1XP1wpSI725NdH/7/5yiRDdMoADAECrUlV3D7bjEUWqR3
+0lK8FyJxUgUxdZN1YledwK0gTQ8iG9dNFolptfw2uVj9Xs8W6D9bnHbMmL/tV+j3
+Yj9yida8ZwyVn485VOapQgs8Swqr8vMYutL5ajxJBlcqPSwrKKgeYRuGjmPzofGK
+z4M6iWGnv5VW4iNMtRsaiyacHVtYkrPdDJ3Rm+MBYdJw/A3fyh2nFa3Ox1HYx0xZ
+IcqKENpAPe79jXZNI2er8DZroaW10cit/2RFN4nbUEJZg77nq895a2hq50fRD9Hr
+ERV7WXjhFWTQxsrmpfCwhXojSKMNc7QUe6wYQQIDAQABAoIBAQC7V+I2HfhoXFdz
+/8pYvTeHh23hZxw2sLvX2iIObHCwgbjv8K1JcLEpZtB1Wu8lhNeJK0M8rdNizxu6
+vBwpUJBoDqSbdDYZnflvhn+XQ43aHy9p72ZDzejGJwFN5XXaWxPr6c/fRu01wdOc
+JPutRvi6/ZvOF6IuiT4NXPKzLDUU68rHIG9LKUTpATo37XUJ3l3zL2fSYU/A3rfN
+Kw5NMI0pbQldinlfKaAoy8iDWfbfCwsoCPDzTR1IFMorhIbQppaQJ9eghmIc8qyw
+R1K5rn+jPrufFNYzpYEH39BB72PzsHMhBBvxKq1w0aEPWShTC2uNP/mUN5CTsjy5
+WdSUMwCRAoGBAPKPznU/OrpoNMH4AoXJrOVPSqpem5FE8OKu3mgVp1kJxq2JoR7a
+XYTNnIKaDI9KUDu4inf/uI8s6V4k45Cynu1jQuyrU+ikhoW89ETWKu8M12G+RyO2
++UjRouLetcLC6ibmziNL1phNqlxdkTX2oW5CVDUOzPh8SCn8STHWI7WfAoGBANM5
+Lp/wbMEmm6Ifm08Nu3VDEr3Zew8+LLLU6o6vfm5yhVb9DGuL0ZMcPEz2vLraJ4ti
+kNXQrE8HL2JSZxHDd5V4NYo0ax81c/D1NzZ/Zd1LkeF8JY0yBlkTSh12A+/0E0IZ
+KS6vmjIzODgIUjqii3TH6dYZNw29vPNGc0Gp7KYfAoGAOmSWPjGPkMp/UObErLKF
+VdrFzcfiyZEAMIIKdqIn3E53LtXAHO5SryLUd7hgJ6qrMAVYCFVed9FHCOv2gKIP
+knRf6xu/onThEZcQcvXf9hZwT06AT7+/uWEGRnl45j8IIX9Uxrh+G8Iurfe0eno6
+GJINNYyvmW5J7RmYAVBc3l8CgYAgll7iIBa3SfyS66tra+Py+HEoxyfcNyxwPrcd
+YmfwJEz8GbhT01N3DdEj0qFVdpjJQWC1DCe5XZNq6Omr7OtDLTOdae7o9rc3gq2N
+A+S0WpdcIWotuX0POxGhL/b1i0N5XCZlZIQ2oH5Y7re5AiDf2IP0GxnKTe6b3c+k
+XtH64wKBgQDH15B8/yA5Nl8Uz0BUGxTTR42WDQG08pxOYsuVWc3Z4ReOUHSGt3Bt
+cc7hPZ3YZO8tcybMTKEVSYIdIqf5GXcLiO4FtaJSwzye7i3KbnXo0j2j8yZGPE8M
+xgU5oCzJcjSZ1Jf4KS26QPVHzCqNSNapijw/DNK/C0/Gk8iRhuwgyQ==
+-----END RSA PRIVATE KEY-----
diff --git a/cpp/test/IceSSL/certs/client.cnf b/cpp/test/IceSSL/certs/client.cnf
new file mode 100644
index 00000000000..6bef1e2adfd
--- /dev/null
+++ b/cpp/test/IceSSL/certs/client.cnf
@@ -0,0 +1,85 @@
+# **********************************************************************
+#
+# Copyright (c) 2003-2005 ZeroC, Inc. All rights reserved.
+#
+# This copy of Ice is licensed to you under the terms described in the
+# ICE_LICENSE file included in this distribution.
+#
+# **********************************************************************
+
+#
+# ZeroC base OpenSSL configuration file.
+#
+
+###############################################################################
+###  CA Configuration
+###############################################################################
+
+[ ca ]
+default_ca = ice
+
+
+[ ice ]
+dir              = tmp	       # Where everything is kept.
+private_key      = cakey.pem   # The CA Private Key.
+certificate      = cacert.pem  # The CA Certificate.
+database         = $dir/index.txt           # Database index file.
+new_certs_dir    = $dir                     # Default loc for new certs.
+serial           = $dir/serial              # The current serial number.
+
+certs            = $dir                     # Where issued certs are kept.
+RANDFILE         = $dir/.rand               # Private random number file.
+
+default_days     = 3650                     # How long certs are valid.
+default_md       = md5                      # The Message Digest type.
+preserve         = yes                      # Keep passed DN ordering?
+
+policy           = ca_policy
+x509_extensions  = certificate_extensions
+
+
+[ ca_policy ]
+countryName            = match
+stateOrProvinceName    = match
+organizationName       = match
+organizationalUnitName = optional
+emailAddress           = optional
+commonName             = supplied
+
+
+[ certificate_extensions ]
+basicConstraints = CA:false
+
+# PKIX recommendation.
+subjectKeyIdentifier = hash
+authorityKeyIdentifier = keyid:always,issuer:always
+
+subjectAltName = DNS:client, IP:127.0.0.1
+
+[ req ]
+default_bits        = 1024
+default_keyfile     = c_rsa1024_priv.pem
+default_md          = md5
+prompt              = no
+distinguished_name  = root_ca_distinguished_name
+x509_extensions     = root_ca_extensions
+
+
+[ root_ca_distinguished_name ]
+countryName            = US
+stateOrProvinceName    = Florida
+localityName           = Palm Beach Gardens
+organizationName       = ZeroC, Inc.
+organizationalUnitName = Ice
+commonName             = Client
+emailAddress           = info@zeroc.com
+
+
+[ root_ca_extensions ]
+basicConstraints = CA:false
+
+# PKIX recommendation.
+subjectKeyIdentifier = hash
+authorityKeyIdentifier = keyid:always,issuer:always
+keyUsage = nonRepudiation, digitalSignature, keyEncipherment
+
diff --git a/cpp/test/IceSSL/certs/dsaparam1024.pem b/cpp/test/IceSSL/certs/dsaparam1024.pem
new file mode 100644
index 00000000000..8b6941b0498
--- /dev/null
+++ b/cpp/test/IceSSL/certs/dsaparam1024.pem
@@ -0,0 +1,9 @@
+-----BEGIN DSA PARAMETERS-----
+MIIBHwKBgQDRqIk+hRip/xkMDFhb3SPSC9lUHFg2cGry7UpR/LQBobbaBx9+JTDL
+6iswzihT2Og/Ti8TAxCqhpjRGQRUrVThv+yb7DplfrKGiAby6xCD5BsJy6Ra0Hch
+qVeISqXkaJyAGF+PW81Oh2BRejQgFuYe9Np1b8uynHYN1JF2xeHv5wIVAKM3w9+f
+I7s7jtna4yLhgE66z8SpAoGBAJK1QvQwz3nCIawxq2b52an7vUbm78oGi9K0fBgz
+ugc7QREqNtFK8I1z7zoz42XR9rS9tqeE/Ncdjx+9d/X1R0miBiJauy2muodxHkPh
+40l1lSkUmUNDGE8Pm71VTG6+UShzs0ZSZ+zZ4JzmI/WxCglGJvfnP6DD3HYm4thB
+dXdW
+-----END DSA PARAMETERS-----
diff --git a/cpp/test/IceSSL/certs/f632d95f.0 b/cpp/test/IceSSL/certs/f632d95f.0
new file mode 100644
index 00000000000..2f0ad5b723c
--- /dev/null
+++ b/cpp/test/IceSSL/certs/f632d95f.0
@@ -0,0 +1,27 @@
+-----BEGIN CERTIFICATE-----
+MIIEozCCA4ugAwIBAgIBADANBgkqhkiG9w0BAQQFADCBlzELMAkGA1UEBhMCVVMx
+EDAOBgNVBAgTB0Zsb3JpZGExGzAZBgNVBAcTElBhbG0gQmVhY2ggR2FyZGVuczEU
+MBIGA1UEChMLWmVyb0MsIEluYy4xDDAKBgNVBAsTA0ljZTEWMBQGA1UEAxMNWmVy
+b0MgVGVzdCBDQTEdMBsGCSqGSIb3DQEJARYOaW5mb0B6ZXJvYy5jb20wHhcNMDYw
+MzI4MTgwOTUzWhcNMDYwNDI3MTgwOTUzWjCBlzELMAkGA1UEBhMCVVMxEDAOBgNV
+BAgTB0Zsb3JpZGExGzAZBgNVBAcTElBhbG0gQmVhY2ggR2FyZGVuczEUMBIGA1UE
+ChMLWmVyb0MsIEluYy4xDDAKBgNVBAsTA0ljZTEWMBQGA1UEAxMNWmVyb0MgVGVz
+dCBDQTEdMBsGCSqGSIb3DQEJARYOaW5mb0B6ZXJvYy5jb20wggEiMA0GCSqGSIb3
+DQEBAQUAA4IBDwAwggEKAoIBAQDr7zDFp/OVfg8QR++rulBks0qdjS9Nr72TCNlA
+9d3fmfCSG7UA/78OIJCOS4o88RIzcZGT2uAaBuAahFg6jV1IMu0FjmsoTRukX6Bm
+A6ONF8XtNRKRB3wtAUWFn5ypUqf6srT06M7+3N+TBqo9MVCPxNSoyaEFPHMNVT3n
+52lPRJY/ycXuaun+eR4NrR/tf0h2dE0rO7PwVbofURaH5vSj8WZv+OfCtzg/s8oE
+u4D3caheoMvim8HhIc39tUrHVi2Jg8fCyDrnKteDmw0eu3DyCisa5mLfr6M5ORrt
+kCeWHGoIvivwjRo2iIMZ5vEwch8K7dBjt01Yt0erltU5CWg1AgMBAAGjgfcwgfQw
+DAYDVR0TBAUwAwEB/zAdBgNVHQ4EFgQUo419/6hpHnxUWEZh/rdovCz8y94wgcQG
+A1UdIwSBvDCBuYAUo419/6hpHnxUWEZh/rdovCz8y96hgZ2kgZowgZcxCzAJBgNV
+BAYTAlVTMRAwDgYDVQQIEwdGbG9yaWRhMRswGQYDVQQHExJQYWxtIEJlYWNoIEdh
+cmRlbnMxFDASBgNVBAoTC1plcm9DLCBJbmMuMQwwCgYDVQQLEwNJY2UxFjAUBgNV
+BAMTDVplcm9DIFRlc3QgQ0ExHTAbBgkqhkiG9w0BCQEWDmluZm9AemVyb2MuY29t
+ggEAMA0GCSqGSIb3DQEBBAUAA4IBAQBT4FUXOM52g4HEnY8PefjorPt3f3RDG3Z4
+J55+sT45Z/9LPMynwrADxdNgJdzF3ad8pCXNmkgSN8Gv0QTvVeCWPIgTbtEfm40a
+aNXLvlAekK2pneby7vXMwgM1ZN6+0xNA3+tWSqFC48ye8qfkoSmWH/HLcU5/nuiu
++aU+N+mrd9/ZCwNiOW5xr3iezAV6T6oaZxEuXYlONmvc7Y6ZOLmQ8PNFQfqOAVXA
+88H49sKBLTcBhlqDMRPQJ0pWJs0kAmSYWGJBT2I9QiE63gUGf/yxHYt5ztfrTqzb
+Y9jlTlEhDtGTDr+vYT0QwaXvAb3Z+OPHrr5f6Bt62u/9JBiaNR6q
+-----END CERTIFICATE-----
diff --git a/cpp/test/IceSSL/certs/f632d95f.1 b/cpp/test/IceSSL/certs/f632d95f.1
new file mode 100644
index 00000000000..b9ec5b9c980
--- /dev/null
+++ b/cpp/test/IceSSL/certs/f632d95f.1
@@ -0,0 +1,27 @@
+-----BEGIN CERTIFICATE-----
+MIIEozCCA4ugAwIBAgIBADANBgkqhkiG9w0BAQQFADCBlzELMAkGA1UEBhMCVVMx
+EDAOBgNVBAgTB0Zsb3JpZGExGzAZBgNVBAcTElBhbG0gQmVhY2ggR2FyZGVuczEU
+MBIGA1UEChMLWmVyb0MsIEluYy4xDDAKBgNVBAsTA0ljZTEWMBQGA1UEAxMNWmVy
+b0MgVGVzdCBDQTEdMBsGCSqGSIb3DQEJARYOaW5mb0B6ZXJvYy5jb20wHhcNMDYw
+MzI4MTgwOTU2WhcNMDYwNDI3MTgwOTU2WjCBlzELMAkGA1UEBhMCVVMxEDAOBgNV
+BAgTB0Zsb3JpZGExGzAZBgNVBAcTElBhbG0gQmVhY2ggR2FyZGVuczEUMBIGA1UE
+ChMLWmVyb0MsIEluYy4xDDAKBgNVBAsTA0ljZTEWMBQGA1UEAxMNWmVyb0MgVGVz
+dCBDQTEdMBsGCSqGSIb3DQEJARYOaW5mb0B6ZXJvYy5jb20wggEiMA0GCSqGSIb3
+DQEBAQUAA4IBDwAwggEKAoIBAQDIIrVc/XClIjvbk10f/v/nKJEN0ygAMAQKtSVX
+cPtuMRRapHfSUrwXInFSBTF1k3ViV53ArSBNDyIb100WiWm1/Da5WP1ezxboP1uc
+dsyYv+1X6PdiP3KJ1rxnDJWfjzlU5qlCCzxLCqvy8xi60vlqPEkGVyo9LCsoqB5h
+G4aOY/Oh8YrPgzqJYae/lVbiI0y1GxqLJpwdW1iSs90MndGb4wFh0nD8Dd/KHacV
+rc7HUdjHTFkhyooQ2kA97v2Ndk0jZ6vwNmuhpbXRyK3/ZEU3idtQQlmDvuerz3lr
+aGrnR9EP0esRFXtZeOEVZNDGyual8LCFeiNIow1ztBR7rBhBAgMBAAGjgfcwgfQw
+DAYDVR0TBAUwAwEB/zAdBgNVHQ4EFgQUvVq6itK5ltyRXGSfmZTiSEQsqdowgcQG
+A1UdIwSBvDCBuYAUvVq6itK5ltyRXGSfmZTiSEQsqdqhgZ2kgZowgZcxCzAJBgNV
+BAYTAlVTMRAwDgYDVQQIEwdGbG9yaWRhMRswGQYDVQQHExJQYWxtIEJlYWNoIEdh
+cmRlbnMxFDASBgNVBAoTC1plcm9DLCBJbmMuMQwwCgYDVQQLEwNJY2UxFjAUBgNV
+BAMTDVplcm9DIFRlc3QgQ0ExHTAbBgkqhkiG9w0BCQEWDmluZm9AemVyb2MuY29t
+ggEAMA0GCSqGSIb3DQEBBAUAA4IBAQCYe9MyLIAFbXZE3lgm+W5WA5t1InVrr+ph
+3eGmNyhvs8di1qjKz/CRY7rx2u29nFla0hW2zMV9DuVT+rR3J6qI0kmwNRZBrnPi
+JcTukFH7b4BZ3EVfXnfObILATZLMrlgG+H5+MFKhnuBZDcSx+UCthtmHRlr819K0
+3xGKSQ8YbUVaoDv8wl7pKBpOHst2L6tVy+4KMl7IOC9G9xVzcE1TElcY7GCF1lSX
+LPzsns2dH+o3zxAMpVBknKqTrrK5839al/mzIfHI6ynwyBXRKBEjMmo2CiAKnM85
+AmAEMFc+LyE6u5AvB6LiuQf5v83f6EBLQi6sWZ3cZb7blhUQ3MRA
+-----END CERTIFICATE-----
diff --git a/cpp/test/IceSSL/certs/goodCert_1.pem b/cpp/test/IceSSL/certs/goodCert_1.pem
deleted file mode 100644
index db528aa1648..00000000000
--- a/cpp/test/IceSSL/certs/goodCert_1.pem
+++ /dev/null
@@ -1,74 +0,0 @@
-Certificate:
-    Data:
-        Version: 3 (0x2)
-        Serial Number: 2 (0x2)
-        Signature Algorithm: md5WithRSAEncryption
-        Issuer: C=US, ST=Florida, L=Palm Beach Gardens, O=ZeroC, Inc., OU=Ice, CN=ZeroC Test CA/emailAddress=info@zeroc.com
-        Validity
-            Not Before: Mar 15 17:51:49 2006 GMT
-            Not After : Mar 14 17:51:49 2011 GMT
-        Subject: C=US, ST=Florida, O=ZeroC, Inc., OU=Ice/emailAddress=info@zeroc.com, CN=Client
-        Subject Public Key Info:
-            Public Key Algorithm: rsaEncryption
-            RSA Public Key: (1024 bit)
-                Modulus (1024 bit):
-                    00:a6:61:97:35:de:03:33:db:41:90:d7:33:01:d4:
-                    fd:66:56:a2:e6:da:53:6a:ed:94:cc:17:fc:e4:50:
-                    d5:8f:d0:3c:87:27:aa:cf:f5:b2:a1:72:66:f7:36:
-                    6e:7f:ea:31:4d:67:e0:89:71:e4:d9:3b:b3:84:94:
-                    5d:08:44:b0:dc:4a:dd:45:f7:61:ae:8c:0f:d9:b8:
-                    66:e1:f0:70:7c:41:d4:f7:b8:85:1a:fd:18:4e:b5:
-                    54:1b:2e:6d:71:df:ac:66:5b:24:ce:33:46:94:fe:
-                    85:fc:bb:7f:19:f2:b9:86:da:1c:d9:10:f3:9e:be:
-                    88:c7:e1:89:57:5a:1d:b0:79
-                Exponent: 65537 (0x10001)
-        X509v3 extensions:
-            X509v3 Basic Constraints: 
-            CA:FALSE
-            X509v3 Subject Key Identifier: 
-            5A:7C:B0:53:25:B0:40:B2:D8:4D:8E:0C:EE:1C:FB:EC:12:8F:8C:D6
-            X509v3 Authority Key Identifier: 
-            keyid:F6:04:02:42:46:5A:F1:21:FD:71:42:D6:7B:C4:79:65:7E:1D:1E:86
-            DirName:/C=US/ST=Florida/L=Palm Beach Gardens/O=ZeroC, Inc./OU=Ice/CN=ZeroC Test CA/emailAddress=info@zeroc.com
-            serial:00
-
-    Signature Algorithm: md5WithRSAEncryption
-        87:64:9b:c7:9d:fc:5a:d9:01:11:87:6d:bd:12:74:a9:97:02:
-        e3:4b:9a:3b:d0:02:f1:b1:ad:84:1f:0f:ed:f4:54:93:bb:d0:
-        02:cf:c3:15:7e:c6:f3:72:0f:2c:95:b7:90:ea:33:be:79:06:
-        bf:cb:74:9b:85:74:c2:e2:f9:7c:28:f3:96:f0:0b:97:b4:11:
-        69:d9:85:ba:79:e8:49:54:96:02:47:32:34:12:81:04:65:04:
-        65:a3:50:ec:1b:b4:cc:fc:1e:a6:c2:9a:6c:ef:a4:be:ef:d8:
-        ba:7f:f5:e6:6d:65:3c:4a:fc:a2:d3:27:80:1e:19:2d:7a:9f:
-        f9:9d:de:c5:67:0a:20:99:98:65:02:38:06:be:ad:20:49:9d:
-        c5:46:92:46:13:01:f6:fb:07:ae:aa:c1:43:62:1c:4e:6b:c5:
-        55:18:e0:e1:09:3b:11:42:46:3b:a7:c9:56:06:4c:eb:15:74:
-        16:d4:0e:8d:b3:fd:b1:24:af:29:7e:97:b8:39:83:f0:7b:0b:
-        d1:50:a3:a6:a4:9e:a4:98:02:a6:25:62:6f:08:24:08:e3:53:
-        3c:c1:bb:bc:d1:79:88:9b:3e:78:ec:8b:5e:40:2f:bf:f6:aa:
-        ed:f2:25:12:3e:4c:29:92:33:0a:8c:12:61:f9:cb:67:e2:2d:
-        48:a7:89:ee
------BEGIN CERTIFICATE-----
-MIID9zCCAt+gAwIBAgIBAjANBgkqhkiG9w0BAQQFADCBlzELMAkGA1UEBhMCVVMx
-EDAOBgNVBAgTB0Zsb3JpZGExGzAZBgNVBAcTElBhbG0gQmVhY2ggR2FyZGVuczEU
-MBIGA1UEChMLWmVyb0MsIEluYy4xDDAKBgNVBAsTA0ljZTEWMBQGA1UEAxMNWmVy
-b0MgVGVzdCBDQTEdMBsGCSqGSIb3DQEJARYOaW5mb0B6ZXJvYy5jb20wHhcNMDYw
-MzE1MTc1MTQ5WhcNMTEwMzE0MTc1MTQ5WjBzMQswCQYDVQQGEwJVUzEQMA4GA1UE
-CBMHRmxvcmlkYTEUMBIGA1UEChMLWmVyb0MsIEluYy4xDDAKBgNVBAsTA0ljZTEd
-MBsGCSqGSIb3DQEJARYOaW5mb0B6ZXJvYy5jb20xDzANBgNVBAMTBkNsaWVudDCB
-nzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEApmGXNd4DM9tBkNczAdT9Zlai5tpT
-au2UzBf85FDVj9A8hyeqz/WyoXJm9zZuf+oxTWfgiXHk2TuzhJRdCESw3ErdRfdh
-rowP2bhm4fBwfEHU97iFGv0YTrVUGy5tcd+sZlskzjNGlP6F/Lt/GfK5htoc2RDz
-nr6Ix+GJV1odsHkCAwEAAaOB9DCB8TAJBgNVHRMEAjAAMB0GA1UdDgQWBBRafLBT
-JbBAsthNjgzuHPvsEo+M1jCBxAYDVR0jBIG8MIG5gBT2BAJCRlrxIf1xQtZ7xHll
-fh0ehqGBnaSBmjCBlzELMAkGA1UEBhMCVVMxEDAOBgNVBAgTB0Zsb3JpZGExGzAZ
-BgNVBAcTElBhbG0gQmVhY2ggR2FyZGVuczEUMBIGA1UEChMLWmVyb0MsIEluYy4x
-DDAKBgNVBAsTA0ljZTEWMBQGA1UEAxMNWmVyb0MgVGVzdCBDQTEdMBsGCSqGSIb3
-DQEJARYOaW5mb0B6ZXJvYy5jb22CAQAwDQYJKoZIhvcNAQEEBQADggEBAIdkm8ed
-/FrZARGHbb0SdKmXAuNLmjvQAvGxrYQfD+30VJO70ALPwxV+xvNyDyyVt5DqM755
-Br/LdJuFdMLi+Xwo85bwC5e0EWnZhbp56ElUlgJHMjQSgQRlBGWjUOwbtMz8HqbC
-mmzvpL7v2Lp/9eZtZTxK/KLTJ4AeGS16n/md3sVnCiCZmGUCOAa+rSBJncVGkkYT
-Afb7B66qwUNiHE5rxVUY4OEJOxFCRjunyVYGTOsVdBbUDo2z/bEkryl+l7g5g/B7
-C9FQo6aknqSYAqYlYm8IJAjjUzzBu7zReYibPnjsi15AL7/2qu3yJRI+TCmSMwqM
-EmH5y2fiLUinie4=
------END CERTIFICATE-----
diff --git a/cpp/test/IceSSL/certs/goodCert_2.pem b/cpp/test/IceSSL/certs/goodCert_2.pem
deleted file mode 100644
index e10ddf847ac..00000000000
--- a/cpp/test/IceSSL/certs/goodCert_2.pem
+++ /dev/null
@@ -1,74 +0,0 @@
-Certificate:
-    Data:
-        Version: 3 (0x2)
-        Serial Number: 1 (0x1)
-        Signature Algorithm: md5WithRSAEncryption
-        Issuer: C=US, ST=Florida, L=Palm Beach Gardens, O=ZeroC, Inc., OU=Ice, CN=ZeroC Test CA/emailAddress=info@zeroc.com
-        Validity
-            Not Before: Mar 15 17:51:49 2006 GMT
-            Not After : Mar 14 17:51:49 2011 GMT
-        Subject: C=US, ST=Florida, O=ZeroC, Inc., OU=Ice/emailAddress=info@zeroc.com, CN=Server
-        Subject Public Key Info:
-            Public Key Algorithm: rsaEncryption
-            RSA Public Key: (1024 bit)
-                Modulus (1024 bit):
-                    00:e1:6b:89:02:6f:57:9f:91:36:2f:79:18:f6:77:
-                    40:22:65:81:6c:87:f7:f8:5f:7d:ce:79:74:e1:da:
-                    f8:e9:85:59:ca:41:4b:5f:4a:bb:05:0b:93:64:0e:
-                    54:64:10:ec:b4:a9:a0:16:94:4f:6b:3c:89:b8:4a:
-                    af:4c:7d:2d:27:a8:29:09:72:1b:8d:e8:6f:4c:29:
-                    0d:07:68:76:4f:df:5b:0f:7b:59:79:d7:b2:89:ea:
-                    63:49:b4:76:ab:27:88:44:6b:34:10:e3:25:cd:b0:
-                    4b:c9:dc:5b:84:1b:52:63:9f:a7:ae:b8:4a:6f:df:
-                    f2:b0:e8:c1:fc:ec:3e:e0:51
-                Exponent: 65537 (0x10001)
-        X509v3 extensions:
-            X509v3 Basic Constraints: 
-            CA:FALSE
-            X509v3 Subject Key Identifier: 
-            40:C5:B7:F0:4D:C4:C2:27:02:AD:7E:A9:1B:7C:86:62:F6:21:68:55
-            X509v3 Authority Key Identifier: 
-            keyid:F6:04:02:42:46:5A:F1:21:FD:71:42:D6:7B:C4:79:65:7E:1D:1E:86
-            DirName:/C=US/ST=Florida/L=Palm Beach Gardens/O=ZeroC, Inc./OU=Ice/CN=ZeroC Test CA/emailAddress=info@zeroc.com
-            serial:00
-
-    Signature Algorithm: md5WithRSAEncryption
-        4f:2a:7f:f8:ec:16:74:33:ed:cd:1a:98:8a:4b:e7:50:06:d9:
-        23:96:25:f0:92:bd:1b:67:38:a4:50:0e:1b:04:40:7b:bc:82:
-        a2:bd:e1:97:3e:74:6e:d5:e9:2a:e7:24:de:7f:1d:47:04:47:
-        7f:ac:d1:f8:c2:9e:f7:df:18:bb:8a:cd:ee:ac:1d:81:1a:5d:
-        5e:1f:b3:71:25:00:cd:15:1b:a6:9a:11:9f:02:3c:c5:b1:40:
-        5f:51:35:b1:8c:79:95:69:5a:07:99:86:61:bf:a7:21:c0:4a:
-        d1:77:4a:71:b9:61:6d:48:48:5f:98:83:93:3e:a9:3a:3b:a8:
-        08:84:f9:d8:56:12:bb:29:31:72:57:40:af:eb:da:de:c3:e9:
-        3b:f8:d9:7f:b8:77:d0:a0:0b:da:07:c0:53:05:0b:bb:34:3d:
-        da:04:30:0d:b7:9e:8c:77:6c:ea:cc:ba:bb:51:1d:90:95:d5:
-        00:d2:c3:f0:e4:e4:52:6e:17:18:30:2d:7d:94:1c:93:8d:5d:
-        4a:d9:7c:bc:ad:d9:f2:4c:8e:37:73:8d:d4:b0:eb:cd:f1:8b:
-        53:03:19:88:40:6f:6b:1d:34:98:a7:6e:f6:8d:0d:72:ce:57:
-        1b:b5:99:4c:92:ce:44:95:3d:d2:86:c6:9f:79:4f:df:54:56:
-        f8:bd:e8:4d
------BEGIN CERTIFICATE-----
-MIID9zCCAt+gAwIBAgIBATANBgkqhkiG9w0BAQQFADCBlzELMAkGA1UEBhMCVVMx
-EDAOBgNVBAgTB0Zsb3JpZGExGzAZBgNVBAcTElBhbG0gQmVhY2ggR2FyZGVuczEU
-MBIGA1UEChMLWmVyb0MsIEluYy4xDDAKBgNVBAsTA0ljZTEWMBQGA1UEAxMNWmVy
-b0MgVGVzdCBDQTEdMBsGCSqGSIb3DQEJARYOaW5mb0B6ZXJvYy5jb20wHhcNMDYw
-MzE1MTc1MTQ5WhcNMTEwMzE0MTc1MTQ5WjBzMQswCQYDVQQGEwJVUzEQMA4GA1UE
-CBMHRmxvcmlkYTEUMBIGA1UEChMLWmVyb0MsIEluYy4xDDAKBgNVBAsTA0ljZTEd
-MBsGCSqGSIb3DQEJARYOaW5mb0B6ZXJvYy5jb20xDzANBgNVBAMTBlNlcnZlcjCB
-nzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA4WuJAm9Xn5E2L3kY9ndAImWBbIf3
-+F99znl04dr46YVZykFLX0q7BQuTZA5UZBDstKmgFpRPazyJuEqvTH0tJ6gpCXIb
-jehvTCkNB2h2T99bD3tZedeyiepjSbR2qyeIRGs0EOMlzbBLydxbhBtSY5+nrrhK
-b9/ysOjB/Ow+4FECAwEAAaOB9DCB8TAJBgNVHRMEAjAAMB0GA1UdDgQWBBRAxbfw
-TcTCJwKtfqkbfIZi9iFoVTCBxAYDVR0jBIG8MIG5gBT2BAJCRlrxIf1xQtZ7xHll
-fh0ehqGBnaSBmjCBlzELMAkGA1UEBhMCVVMxEDAOBgNVBAgTB0Zsb3JpZGExGzAZ
-BgNVBAcTElBhbG0gQmVhY2ggR2FyZGVuczEUMBIGA1UEChMLWmVyb0MsIEluYy4x
-DDAKBgNVBAsTA0ljZTEWMBQGA1UEAxMNWmVyb0MgVGVzdCBDQTEdMBsGCSqGSIb3
-DQEJARYOaW5mb0B6ZXJvYy5jb22CAQAwDQYJKoZIhvcNAQEEBQADggEBAE8qf/js
-FnQz7c0amIpL51AG2SOWJfCSvRtnOKRQDhsEQHu8gqK94Zc+dG7V6SrnJN5/HUcE
-R3+s0fjCnvffGLuKze6sHYEaXV4fs3ElAM0VG6aaEZ8CPMWxQF9RNbGMeZVpWgeZ
-hmG/pyHAStF3SnG5YW1ISF+Yg5M+qTo7qAiE+dhWErspMXJXQK/r2t7D6Tv42X+4
-d9CgC9oHwFMFC7s0PdoEMA23nox3bOrMurtRHZCV1QDSw/Dk5FJuFxgwLX2UHJON
-XUrZfLyt2fJMjjdzjdSw683xi1MDGYhAb2sdNJinbvaNDXLOVxu1mUySzkSVPdKG
-xp95T99UVvi96E0=
------END CERTIFICATE-----
diff --git a/cpp/test/IceSSL/certs/goodKey_1.pem b/cpp/test/IceSSL/certs/goodKey_1.pem
deleted file mode 100644
index 67db8be940e..00000000000
--- a/cpp/test/IceSSL/certs/goodKey_1.pem
+++ /dev/null
@@ -1,15 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIICXQIBAAKBgQCmYZc13gMz20GQ1zMB1P1mVqLm2lNq7ZTMF/zkUNWP0DyHJ6rP
-9bKhcmb3Nm5/6jFNZ+CJceTZO7OElF0IRLDcSt1F92GujA/ZuGbh8HB8QdT3uIUa
-/RhOtVQbLm1x36xmWyTOM0aU/oX8u38Z8rmG2hzZEPOevojH4YlXWh2weQIDAQAB
-AoGAEH8ooPysUJ3yuEu+EPZvUZBRgpYvIzD/SeUu++xP4HyDI9t5AjmYRo2zS9un
-xSMRVF1yU+5pBGj4+bJELyewaV5B6R5DWaqesBxabjdwNrjV5tj3hlOIvJ9qCtrs
-sK7s1supNtRouWZB03lpGa8AbeiAuhd1NBDoitzxYGiO7SECQQDYcWNA9jLvZXo/
-IWUdqEaxlzHe4zz9jIEf2SH/r4j7+DzeW/LvV3yhRedarkztXU+2oK3hbT5LUgEe
-rrSSjLGFAkEAxMn9VoJ+Ssj+rJ+a2U4SsgTlfapnm9SaIDWf3xl7smXaM5XHbJvl
-lSU5u2fOCo5e+KzW8rlf+Q9jgGv04oo7ZQJBAMkue8dCEI4ckMhlTguHAk7H7n7y
-URqLounrdYKnsngigNFePizh8OImi6jqIm7vMMzcBUNnu2NfUdMnKIifZdECQEk1
-j+7oGw29WqljsxrWpbPeiHXIuETLwg7rhC9ebps+sv9v4EHyeWWT9LdYddmNf51p
-x4mDF0YzyGOVRgQlQtUCQQDKxoGy/jG/hRps94Tg24u50sJvvK+7wfLJAxaGL96V
-W7slvcY4PBB7zzTOtzkWf//i+ALXHknXd9zSzYqVok2m
------END RSA PRIVATE KEY-----
diff --git a/cpp/test/IceSSL/certs/goodKey_2.pem b/cpp/test/IceSSL/certs/goodKey_2.pem
deleted file mode 100644
index 808ef1c0d87..00000000000
--- a/cpp/test/IceSSL/certs/goodKey_2.pem
+++ /dev/null
@@ -1,15 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIICXAIBAAKBgQDha4kCb1efkTYveRj2d0AiZYFsh/f4X33OeXTh2vjphVnKQUtf
-SrsFC5NkDlRkEOy0qaAWlE9rPIm4Sq9MfS0nqCkJchuN6G9MKQ0HaHZP31sPe1l5
-17KJ6mNJtHarJ4hEazQQ4yXNsEvJ3FuEG1Jjn6euuEpv3/Kw6MH87D7gUQIDAQAB
-AoGBAJCGQ4d+H228ykLRn0GV31auQbZ1znQ9tQlGMbwEioYd6x2Tk2F7JkDr1QnX
-bh/iAgEqp+sSF4EnhRzVNWMS9nk8c57SH+SCTev4KysjYoUl1RpU9X2n5dFBifSY
-J8saC5QXh8ZWxKckAeZHrdEezLigoIEQAL3SY0NyShPJt1QBAkEA88dms6q4az83
-7b/uyIfjRu2ZDe9z8kUXn/aua6y/h1qn51DikjFobnwaEVy0Tvka71rqhB1pvigo
-qejFqhtI8QJBAOy4hWEGNYgwP3n/4ejZmKrWhdqCgvtHZaV3D4sMv7YFrfIOHEEe
-tymOaJW7p2Z+Qerqjh9geJ4lsOwvx4h0DWECQHrE6C8BgkDYpKUCbRHmhYpZ7CO9
-fOn868nupKaraAWVnUt8S66OXWaO713hDxlakLsMUWDZo0BV3yy6gpmJhjECQHT3
-zDgf+E2eAY+H55nGA1DPBX7uJEiDg+9ZwF1l5EjNz6CeZkmrIrgu/PCXs+TKGEo6
-shVA9vi2CRD7nu2G4qECQGAG4AZnG10WEdTb48kBJ1BXiFr5SHPKkPXh2187HfnE
-JUGFX76iVQTXtVL1PZLbiOjYOZb4OA7SeDbKCI2zZIs=
------END RSA PRIVATE KEY-----
diff --git a/cpp/test/IceSSL/certs/makecerts b/cpp/test/IceSSL/certs/makecerts
new file mode 100755
index 00000000000..6c3e287afec
--- /dev/null
+++ b/cpp/test/IceSSL/certs/makecerts
@@ -0,0 +1,170 @@
+#!/bin/sh
+# **********************************************************************
+#
+# Copyright (c) 2003-2005 ZeroC, Inc. All rights reserved.
+#
+# This copy of Ice is licensed to you under the terms described in the
+# ICE_LICENSE file included in this distribution.
+#
+# **********************************************************************
+
+TMP=tmp
+
+#
+# Generate RSA certificates and keys.
+#
+if ! [ -f cakey1.pem ]; then
+
+    if [ -d $TMP ]; then
+	rm -rf $TMP
+    fi
+    mkdir $TMP
+    echo '01' > $TMP/serial
+    touch $TMP/index.txt
+
+    #
+    # Generate CA certificates. Also make copies of the certificates using their
+    # hash values as filenames, which allows OpenSSL to find them at run time.
+    #
+    openssl req -config test_ca.cnf -x509 -newkey rsa -keyout cakey1.pem -out cacert1.pem -outform PEM -nodes
+    openssl req -config test_ca.cnf -x509 -newkey rsa -keyout cakey2.pem -out cacert2.pem -outform PEM -nodes
+    cp cacert1.pem `openssl x509 -hash -noout -in cacert1.pem`.0
+    cp cacert2.pem `openssl x509 -hash -noout -in cacert2.pem`.1
+
+    #
+    # Create a server certificate and key (no password).
+    #
+    rm -rf $TMP
+    mkdir $TMP
+    echo '01' > $TMP/serial
+    touch $TMP/index.txt
+    openssl req -config server.cnf -newkey rsa -nodes -keyout s_rsa_nopass_ca1_priv.pem \
+        -keyform PEM -out $TMP/req.pem
+    openssl ca -config server.cnf -batch -in $TMP/req.pem -out s_rsa_nopass_ca1_pub.pem \
+	-cert cacert1.pem -keyfile cakey1.pem
+
+    #
+    # Create a server certificate and key (with password).
+    #
+    rm -rf $TMP
+    mkdir $TMP
+    echo '01' > $TMP/serial
+    touch $TMP/index.txt
+    openssl req -config server.cnf -newkey rsa -passout pass:server -keyout s_rsa_pass_ca1_priv.pem \
+        -keyform PEM -out $TMP/req.pem
+    openssl ca -config server.cnf -batch -in $TMP/req.pem -out s_rsa_pass_ca1_pub.pem \
+	-cert cacert1.pem -keyfile cakey1.pem -key server
+
+    #
+    # Create an expired server certificate and key (no password).
+    #
+    rm -rf $TMP
+    mkdir $TMP
+    echo '01' > $TMP/serial
+    touch $TMP/index.txt
+    openssl req -config server.cnf -newkey rsa -nodes -keyout s_rsa_nopass_ca1_exp_priv.pem \
+        -keyform PEM -out $TMP/req.pem
+    openssl ca -config server.cnf -batch -in $TMP/req.pem -out s_rsa_nopass_ca1_exp_pub.pem \
+	-cert cacert1.pem -keyfile cakey1.pem -enddate 051231000000Z
+
+    #
+    # Create a client certificate and key (no password).
+    #
+    rm -rf $TMP
+    mkdir $TMP
+    echo '01' > $TMP/serial
+    touch $TMP/index.txt
+    openssl req -config client.cnf -newkey rsa -nodes -keyout c_rsa_nopass_ca1_priv.pem \
+        -keyform PEM -out $TMP/req.pem
+    openssl ca -config client.cnf -batch -in $TMP/req.pem -out c_rsa_nopass_ca1_pub.pem \
+	-cert cacert1.pem -keyfile cakey1.pem
+
+    #
+    # Create a client certificate and key (with password).
+    #
+    rm -rf $TMP
+    mkdir $TMP
+    echo '01' > $TMP/serial
+    touch $TMP/index.txt
+    openssl req -config client.cnf -newkey rsa -passout pass:client -keyout c_rsa_pass_ca1_priv.pem \
+        -keyform PEM -out $TMP/req.pem
+    openssl ca -config client.cnf -batch -in $TMP/req.pem -out c_rsa_pass_ca1_pub.pem \
+	-cert cacert1.pem -keyfile cakey1.pem -key server
+
+    #
+    # Create an expired client certificate and key (no password).
+    #
+    rm -rf $TMP
+    mkdir $TMP
+    echo '01' > $TMP/serial
+    touch $TMP/index.txt
+    openssl req -config client.cnf -newkey rsa -nodes -keyout c_rsa_nopass_ca1_exp_priv.pem \
+        -keyform PEM -out $TMP/req.pem
+    openssl ca -config client.cnf -batch -in $TMP/req.pem -out c_rsa_nopass_ca1_exp_pub.pem \
+	-cert cacert1.pem -keyfile cakey1.pem -enddate 051231000000Z
+
+    #
+    # Create a server certificate and key (no password) using a different CA.
+    #
+    rm -rf $TMP
+    mkdir $TMP
+    echo '01' > $TMP/serial
+    touch $TMP/index.txt
+    openssl req -config server.cnf -newkey rsa -nodes -keyout s_rsa_nopass_ca2_priv.pem \
+        -keyform PEM -out $TMP/req.pem
+    openssl ca -config server.cnf -batch -in $TMP/req.pem -out s_rsa_nopass_ca2_pub.pem \
+	-cert cacert2.pem -keyfile cakey2.pem
+
+    #
+    # Create a client certificate and key (no password) using a different CA.
+    #
+    rm -rf $TMP
+    mkdir $TMP
+    echo '01' > $TMP/serial
+    touch $TMP/index.txt
+    openssl req -config client.cnf -newkey rsa -nodes -keyout c_rsa_nopass_ca2_priv.pem \
+	-keyform PEM -out $TMP/req.pem
+    openssl ca -config client.cnf -batch -in $TMP/req.pem -out c_rsa_nopass_ca2_pub.pem \
+	-cert cacert2.pem -keyfile cakey2.pem
+
+    rm -f dsaparam1024.pem
+fi
+
+#
+# Generate DSA parameters and keys.
+#
+if ! [ -f dsaparam1024.pem ]; then
+
+    if [ -d $TMP ]; then
+	rm -rf $TMP
+    fi
+    mkdir $TMP
+    echo '01' > $TMP/serial
+    touch $TMP/index.txt
+
+    openssl dsaparam -out dsaparam1024.pem -outform PEM 1024
+
+    #
+    # Create a server certificate and key (no password).
+    #
+    rm -rf $TMP
+    mkdir $TMP
+    echo '01' > $TMP/serial
+    touch $TMP/index.txt
+    openssl req -config server.cnf -newkey dsa:dsaparam1024.pem -nodes -keyout s_dsa_nopass_ca1_priv.pem \
+        -keyform PEM -out $TMP/req.pem
+    openssl ca -config server.cnf -batch -in $TMP/req.pem -out s_dsa_nopass_ca1_pub.pem \
+	-cert cacert1.pem -keyfile cakey1.pem
+
+    #
+    # Create a client certificate and key (no password).
+    #
+    rm -rf $TMP
+    mkdir $TMP
+    echo '01' > $TMP/serial
+    touch $TMP/index.txt
+    openssl req -config client.cnf -newkey dsa:dsaparam1024.pem -nodes -keyout c_dsa_nopass_ca1_priv.pem \
+        -keyform PEM -out $TMP/req.pem
+    openssl ca -config client.cnf -batch -in $TMP/req.pem -out c_dsa_nopass_ca1_pub.pem \
+	-cert cacert1.pem -keyfile cakey1.pem
+fi
diff --git a/cpp/test/IceSSL/certs/s_dsa_nopass_ca1_priv.pem b/cpp/test/IceSSL/certs/s_dsa_nopass_ca1_priv.pem
new file mode 100644
index 00000000000..08574ce2352
--- /dev/null
+++ b/cpp/test/IceSSL/certs/s_dsa_nopass_ca1_priv.pem
@@ -0,0 +1,12 @@
+-----BEGIN DSA PRIVATE KEY-----
+MIIBuwIBAAKBgQDRqIk+hRip/xkMDFhb3SPSC9lUHFg2cGry7UpR/LQBobbaBx9+
+JTDL6iswzihT2Og/Ti8TAxCqhpjRGQRUrVThv+yb7DplfrKGiAby6xCD5BsJy6Ra
+0HchqVeISqXkaJyAGF+PW81Oh2BRejQgFuYe9Np1b8uynHYN1JF2xeHv5wIVAKM3
+w9+fI7s7jtna4yLhgE66z8SpAoGBAJK1QvQwz3nCIawxq2b52an7vUbm78oGi9K0
+fBgzugc7QREqNtFK8I1z7zoz42XR9rS9tqeE/Ncdjx+9d/X1R0miBiJauy2muodx
+HkPh40l1lSkUmUNDGE8Pm71VTG6+UShzs0ZSZ+zZ4JzmI/WxCglGJvfnP6DD3HYm
+4thBdXdWAoGAW/+6i/QH/FpLMrCS1r9jnG2gUNee4iLDgI6sRuZVXrCP/Zsl6jV9
+dGzGarSKBjq/zfKqjW+qQ4nDNSQ/pXRr912jO3c9lqsu1xvpdQ9TMvEG+/V7DAX9
+9YkojFMIeuK6IhzIbC4X/G2te+CpdsYMVylPcr7IyWgO5kWjiJQUYeMCFBhUp1WA
+NZcS6kNHvgBTroogX3kl
+-----END DSA PRIVATE KEY-----
diff --git a/cpp/test/IceSSL/certs/s_dsa_nopass_ca1_pub.pem b/cpp/test/IceSSL/certs/s_dsa_nopass_ca1_pub.pem
new file mode 100644
index 00000000000..a3b0cad40f8
--- /dev/null
+++ b/cpp/test/IceSSL/certs/s_dsa_nopass_ca1_pub.pem
@@ -0,0 +1,104 @@
+Certificate:
+    Data:
+        Version: 3 (0x2)
+        Serial Number: 1 (0x1)
+        Signature Algorithm: md5WithRSAEncryption
+        Issuer: C=US, ST=Florida, L=Palm Beach Gardens, O=ZeroC, Inc., OU=Ice, CN=ZeroC Test CA/emailAddress=info@zeroc.com
+        Validity
+            Not Before: Mar 28 18:10:00 2006 GMT
+            Not After : Mar 25 18:10:00 2016 GMT
+        Subject: C=US, ST=Florida, O=ZeroC, Inc., OU=Ice/emailAddress=info@zeroc.com, CN=Server
+        Subject Public Key Info:
+            Public Key Algorithm: dsaEncryption
+            DSA Public Key:
+                pub: 
+                    5b:ff:ba:8b:f4:07:fc:5a:4b:32:b0:92:d6:bf:63:
+                    9c:6d:a0:50:d7:9e:e2:22:c3:80:8e:ac:46:e6:55:
+                    5e:b0:8f:fd:9b:25:ea:35:7d:74:6c:c6:6a:b4:8a:
+                    06:3a:bf:cd:f2:aa:8d:6f:aa:43:89:c3:35:24:3f:
+                    a5:74:6b:f7:5d:a3:3b:77:3d:96:ab:2e:d7:1b:e9:
+                    75:0f:53:32:f1:06:fb:f5:7b:0c:05:fd:f5:89:28:
+                    8c:53:08:7a:e2:ba:22:1c:c8:6c:2e:17:fc:6d:ad:
+                    7b:e0:a9:76:c6:0c:57:29:4f:72:be:c8:c9:68:0e:
+                    e6:45:a3:88:94:14:61:e3
+                P:   
+                    00:d1:a8:89:3e:85:18:a9:ff:19:0c:0c:58:5b:dd:
+                    23:d2:0b:d9:54:1c:58:36:70:6a:f2:ed:4a:51:fc:
+                    b4:01:a1:b6:da:07:1f:7e:25:30:cb:ea:2b:30:ce:
+                    28:53:d8:e8:3f:4e:2f:13:03:10:aa:86:98:d1:19:
+                    04:54:ad:54:e1:bf:ec:9b:ec:3a:65:7e:b2:86:88:
+                    06:f2:eb:10:83:e4:1b:09:cb:a4:5a:d0:77:21:a9:
+                    57:88:4a:a5:e4:68:9c:80:18:5f:8f:5b:cd:4e:87:
+                    60:51:7a:34:20:16:e6:1e:f4:da:75:6f:cb:b2:9c:
+                    76:0d:d4:91:76:c5:e1:ef:e7
+                Q:   
+                    00:a3:37:c3:df:9f:23:bb:3b:8e:d9:da:e3:22:e1:
+                    80:4e:ba:cf:c4:a9
+                G:   
+                    00:92:b5:42:f4:30:cf:79:c2:21:ac:31:ab:66:f9:
+                    d9:a9:fb:bd:46:e6:ef:ca:06:8b:d2:b4:7c:18:33:
+                    ba:07:3b:41:11:2a:36:d1:4a:f0:8d:73:ef:3a:33:
+                    e3:65:d1:f6:b4:bd:b6:a7:84:fc:d7:1d:8f:1f:bd:
+                    77:f5:f5:47:49:a2:06:22:5a:bb:2d:a6:ba:87:71:
+                    1e:43:e1:e3:49:75:95:29:14:99:43:43:18:4f:0f:
+                    9b:bd:55:4c:6e:be:51:28:73:b3:46:52:67:ec:d9:
+                    e0:9c:e6:23:f5:b1:0a:09:46:26:f7:e7:3f:a0:c3:
+                    dc:76:26:e2:d8:41:75:77:56
+        X509v3 extensions:
+            X509v3 Basic Constraints: 
+            CA:FALSE
+            X509v3 Subject Key Identifier: 
+            5F:EA:28:E5:A1:47:D1:65:90:15:19:BA:B8:AF:CC:C8:34:3D:84:83
+            X509v3 Authority Key Identifier: 
+            keyid:A3:8D:7D:FF:A8:69:1E:7C:54:58:46:61:FE:B7:68:BC:2C:FC:CB:DE
+            DirName:/C=US/ST=Florida/L=Palm Beach Gardens/O=ZeroC, Inc./OU=Ice/CN=ZeroC Test CA/emailAddress=info@zeroc.com
+            serial:00
+
+            X509v3 Subject Alternative Name: 
+            DNS:server, IP Address:127.0.0.1
+    Signature Algorithm: md5WithRSAEncryption
+        c8:10:fb:07:49:82:f4:87:de:13:73:80:73:fb:90:e1:3b:c9:
+        d2:33:79:fc:48:95:6f:7a:a8:15:96:55:a9:2d:a3:43:c5:d9:
+        b0:5f:94:38:88:dc:a8:5e:9f:61:2d:a4:46:56:5b:92:ed:b4:
+        72:45:a5:0a:38:48:7b:28:20:29:ec:d4:24:ab:ca:68:00:a8:
+        26:0f:de:c0:b1:5a:11:c7:3f:09:09:12:8c:df:40:cd:d1:08:
+        63:4a:c2:e0:35:f3:1d:ad:e5:1c:2d:e2:a0:41:04:e9:d0:47:
+        fc:13:fd:79:55:c3:a7:db:1b:d5:11:b0:8b:ba:6a:2b:66:27:
+        7a:02:66:61:09:71:da:17:0e:ec:c6:2e:46:ae:1d:15:65:23:
+        41:00:5f:69:d0:88:38:98:08:fb:d9:69:e8:a3:ff:a2:d1:60:
+        31:1a:dc:32:e2:2c:7d:9c:6a:4b:94:db:86:c1:21:63:12:59:
+        b7:48:fe:a4:f4:57:dd:97:68:05:8c:04:04:8a:b0:88:ef:16:
+        51:24:80:46:a0:d4:ed:dc:1b:70:26:b2:cd:c0:38:61:e1:1e:
+        3a:6f:52:20:96:3e:8f:ac:65:6d:93:87:4a:1d:f8:37:bc:09:
+        e4:d4:2c:6b:17:68:fe:2d:f9:73:50:4c:a7:e7:20:dc:61:f2:
+        86:65:66:80
+-----BEGIN CERTIFICATE-----
+MIIFKzCCBBOgAwIBAgIBATANBgkqhkiG9w0BAQQFADCBlzELMAkGA1UEBhMCVVMx
+EDAOBgNVBAgTB0Zsb3JpZGExGzAZBgNVBAcTElBhbG0gQmVhY2ggR2FyZGVuczEU
+MBIGA1UEChMLWmVyb0MsIEluYy4xDDAKBgNVBAsTA0ljZTEWMBQGA1UEAxMNWmVy
+b0MgVGVzdCBDQTEdMBsGCSqGSIb3DQEJARYOaW5mb0B6ZXJvYy5jb20wHhcNMDYw
+MzI4MTgxMDAwWhcNMTYwMzI1MTgxMDAwWjBzMQswCQYDVQQGEwJVUzEQMA4GA1UE
+CBMHRmxvcmlkYTEUMBIGA1UEChMLWmVyb0MsIEluYy4xDDAKBgNVBAsTA0ljZTEd
+MBsGCSqGSIb3DQEJARYOaW5mb0B6ZXJvYy5jb20xDzANBgNVBAMTBlNlcnZlcjCC
+AbcwggEsBgcqhkjOOAQBMIIBHwKBgQDRqIk+hRip/xkMDFhb3SPSC9lUHFg2cGry
+7UpR/LQBobbaBx9+JTDL6iswzihT2Og/Ti8TAxCqhpjRGQRUrVThv+yb7DplfrKG
+iAby6xCD5BsJy6Ra0HchqVeISqXkaJyAGF+PW81Oh2BRejQgFuYe9Np1b8uynHYN
+1JF2xeHv5wIVAKM3w9+fI7s7jtna4yLhgE66z8SpAoGBAJK1QvQwz3nCIawxq2b5
+2an7vUbm78oGi9K0fBgzugc7QREqNtFK8I1z7zoz42XR9rS9tqeE/Ncdjx+9d/X1
+R0miBiJauy2muodxHkPh40l1lSkUmUNDGE8Pm71VTG6+UShzs0ZSZ+zZ4JzmI/Wx
+CglGJvfnP6DD3HYm4thBdXdWA4GEAAKBgFv/uov0B/xaSzKwkta/Y5xtoFDXnuIi
+w4COrEbmVV6wj/2bJeo1fXRsxmq0igY6v83yqo1vqkOJwzUkP6V0a/ddozt3PZar
+Ltcb6XUPUzLxBvv1ewwF/fWJKIxTCHriuiIcyGwuF/xtrXvgqXbGDFcpT3K+yMlo
+DuZFo4iUFGHjo4IBDjCCAQowCQYDVR0TBAIwADAdBgNVHQ4EFgQUX+oo5aFH0WWQ
+FRm6uK/MyDQ9hIMwgcQGA1UdIwSBvDCBuYAUo419/6hpHnxUWEZh/rdovCz8y96h
+gZ2kgZowgZcxCzAJBgNVBAYTAlVTMRAwDgYDVQQIEwdGbG9yaWRhMRswGQYDVQQH
+ExJQYWxtIEJlYWNoIEdhcmRlbnMxFDASBgNVBAoTC1plcm9DLCBJbmMuMQwwCgYD
+VQQLEwNJY2UxFjAUBgNVBAMTDVplcm9DIFRlc3QgQ0ExHTAbBgkqhkiG9w0BCQEW
+DmluZm9AemVyb2MuY29tggEAMBcGA1UdEQQQMA6CBnNlcnZlcocEfwAAATANBgkq
+hkiG9w0BAQQFAAOCAQEAyBD7B0mC9IfeE3OAc/uQ4TvJ0jN5/EiVb3qoFZZVqS2j
+Q8XZsF+UOIjcqF6fYS2kRlZbku20ckWlCjhIeyggKezUJKvKaACoJg/ewLFaEcc/
+CQkSjN9AzdEIY0rC4DXzHa3lHC3ioEEE6dBH/BP9eVXDp9sb1RGwi7pqK2YnegJm
+YQlx2hcO7MYuRq4dFWUjQQBfadCIOJgI+9lp6KP/otFgMRrcMuIsfZxqS5TbhsEh
+YxJZt0j+pPRX3ZdoBYwEBIqwiO8WUSSARqDU7dwbcCayzcA4YeEeOm9SIJY+j6xl
+bZOHSh34N7wJ5NQsaxdo/i35c1BMp+cg3GHyhmVmgA==
+-----END CERTIFICATE-----
diff --git a/cpp/test/IceSSL/certs/s_rsa_nopass_ca1_exp_priv.pem b/cpp/test/IceSSL/certs/s_rsa_nopass_ca1_exp_priv.pem
new file mode 100644
index 00000000000..cda0d0e5da0
--- /dev/null
+++ b/cpp/test/IceSSL/certs/s_rsa_nopass_ca1_exp_priv.pem
@@ -0,0 +1,15 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIICXQIBAAKBgQDJGpWZGGfBrI0nlSKYsPS8ozlsEdbakt1i0FmTj0Fw2wPPWSro
+1JgxGlLgpE0VPumrWAhrVQcv9Uua1TQfSuj7hBwbo/3rF8PvqwivDM7bjxQZYXnq
++PW5CiGwzvms3+DHElYurPfjJkd3Hl/H/CwMH1ER4D5BMWWWVFigZ0R7CQIDAQAB
+AoGAdVXbfy3sK+ZfnX64ZtqokP+zW0i1UWZrYWIrQZtOFWjUOkDOdnbELbIsNQHo
+L8M7V0vP7b/4p5S5fidzd+afNEbA2si8Wf+Vb6IKBXeV2QOwoOP2qB2U+pTaejG8
+M8uE+4anmUm7Ki5KFJgfEFIk9QTWE89GQwp9bWSHyczb9eECQQD8foa9umnsz291
+l6EJSVNVofvS9I7RLJw0dIyOKS4Qh6BQz0R/dIPym9hQbSA2FB80jkhYLPnbp7vY
+3EUbvuQdAkEAy+Vk9AjCLQHsM4Cd9PwfK8OFjS9bS/9rsD6kTHKRo03Nn1Jmd3Lg
+T2YidxqRRVQQk1TWzh9gQwGRChsypw5m3QJBAKVsW+jHzgg5a2PWgMntwWxUIQF3
++m2u1XREe6XT8vsfcHghI1aBxsTXN+SRak4j5sHvChTC+rvfa+HLhneEHD0CQEo4
+RndOeOBJQuG8f8Mdw3r6wTKTeng/kcOmCciKK9l2CNNl+0af2mcMlp8kXJ0P7Li0
+uTxuz2uUtmcnX1jQNUECQQCAIQ0srCPIQC6alLHprL6e/+uPXbcBsZJ4QHXFzKSh
+jFxJy2T6uH2Eu8r0zVbULOXwMf12+sqG9VQ6ffUaX5dz
+-----END RSA PRIVATE KEY-----
diff --git a/cpp/test/IceSSL/certs/s_rsa_nopass_ca1_exp_pub.pem b/cpp/test/IceSSL/certs/s_rsa_nopass_ca1_exp_pub.pem
new file mode 100644
index 00000000000..b51bfb4350c
--- /dev/null
+++ b/cpp/test/IceSSL/certs/s_rsa_nopass_ca1_exp_pub.pem
@@ -0,0 +1,76 @@
+Certificate:
+    Data:
+        Version: 3 (0x2)
+        Serial Number: 1 (0x1)
+        Signature Algorithm: md5WithRSAEncryption
+        Issuer: C=US, ST=Florida, L=Palm Beach Gardens, O=ZeroC, Inc., OU=Ice, CN=ZeroC Test CA/emailAddress=info@zeroc.com
+        Validity
+            Not Before: Mar 28 18:09:56 2006 GMT
+            Not After : Dec 31 00:00:00 2005 GMT
+        Subject: C=US, ST=Florida, O=ZeroC, Inc., OU=Ice/emailAddress=info@zeroc.com, CN=Server
+        Subject Public Key Info:
+            Public Key Algorithm: rsaEncryption
+            RSA Public Key: (1024 bit)
+                Modulus (1024 bit):
+                    00:c9:1a:95:99:18:67:c1:ac:8d:27:95:22:98:b0:
+                    f4:bc:a3:39:6c:11:d6:da:92:dd:62:d0:59:93:8f:
+                    41:70:db:03:cf:59:2a:e8:d4:98:31:1a:52:e0:a4:
+                    4d:15:3e:e9:ab:58:08:6b:55:07:2f:f5:4b:9a:d5:
+                    34:1f:4a:e8:fb:84:1c:1b:a3:fd:eb:17:c3:ef:ab:
+                    08:af:0c:ce:db:8f:14:19:61:79:ea:f8:f5:b9:0a:
+                    21:b0:ce:f9:ac:df:e0:c7:12:56:2e:ac:f7:e3:26:
+                    47:77:1e:5f:c7:fc:2c:0c:1f:51:11:e0:3e:41:31:
+                    65:96:54:58:a0:67:44:7b:09
+                Exponent: 65537 (0x10001)
+        X509v3 extensions:
+            X509v3 Basic Constraints: 
+            CA:FALSE
+            X509v3 Subject Key Identifier: 
+            6D:C8:C2:15:B3:15:4C:BE:11:42:AD:60:0F:28:EF:E1:27:C7:5E:5A
+            X509v3 Authority Key Identifier: 
+            keyid:A3:8D:7D:FF:A8:69:1E:7C:54:58:46:61:FE:B7:68:BC:2C:FC:CB:DE
+            DirName:/C=US/ST=Florida/L=Palm Beach Gardens/O=ZeroC, Inc./OU=Ice/CN=ZeroC Test CA/emailAddress=info@zeroc.com
+            serial:00
+
+            X509v3 Subject Alternative Name: 
+            DNS:server, IP Address:127.0.0.1
+    Signature Algorithm: md5WithRSAEncryption
+        e5:83:ab:70:ff:ec:a9:e0:7d:6f:9b:4c:7b:ca:a4:1e:ce:50:
+        1b:84:29:d8:dc:53:e7:82:33:18:f2:a9:c9:c6:9f:c7:07:cf:
+        15:b8:b4:e5:a5:ca:83:45:50:25:69:2a:f0:e4:ae:5c:a5:65:
+        99:73:66:9b:38:c2:c0:a4:e2:3e:4b:3e:18:d2:b7:7b:32:03:
+        e2:c9:7a:a7:f6:ad:6b:80:12:0c:04:69:fb:5d:76:e8:bd:9d:
+        7f:4e:b2:13:24:7a:2b:bb:25:84:5f:f4:2b:62:50:db:28:ea:
+        a1:0b:15:e6:bf:b4:21:ef:25:f4:62:7e:99:af:89:6c:81:f8:
+        a3:5d:bb:7e:6e:f9:a1:91:ee:59:4a:bb:01:42:87:a9:fe:de:
+        75:ab:d1:fc:5c:1a:5f:3b:b5:57:a6:0f:a3:d1:db:eb:c2:e1:
+        56:ac:03:12:2d:3a:03:0a:fc:87:a9:1d:09:78:8b:24:78:79:
+        9d:52:3d:55:4c:8f:24:76:0e:52:f5:a7:44:13:5d:6f:da:e1:
+        56:f6:df:19:e4:4d:5d:3a:d5:6c:87:2a:a2:69:3a:5f:64:d7:
+        09:c2:e9:96:d5:a6:eb:b9:cc:1a:d2:7c:a6:3a:50:e4:5e:83:
+        3c:10:40:37:85:ae:94:80:d6:03:7b:ac:5d:3c:ca:95:01:b4:
+        27:ca:2e:35
+-----BEGIN CERTIFICATE-----
+MIIEEjCCAvqgAwIBAgIBATANBgkqhkiG9w0BAQQFADCBlzELMAkGA1UEBhMCVVMx
+EDAOBgNVBAgTB0Zsb3JpZGExGzAZBgNVBAcTElBhbG0gQmVhY2ggR2FyZGVuczEU
+MBIGA1UEChMLWmVyb0MsIEluYy4xDDAKBgNVBAsTA0ljZTEWMBQGA1UEAxMNWmVy
+b0MgVGVzdCBDQTEdMBsGCSqGSIb3DQEJARYOaW5mb0B6ZXJvYy5jb20wHhcNMDYw
+MzI4MTgwOTU2WhcNMDUxMjMxMDAwMDAwWjBzMQswCQYDVQQGEwJVUzEQMA4GA1UE
+CBMHRmxvcmlkYTEUMBIGA1UEChMLWmVyb0MsIEluYy4xDDAKBgNVBAsTA0ljZTEd
+MBsGCSqGSIb3DQEJARYOaW5mb0B6ZXJvYy5jb20xDzANBgNVBAMTBlNlcnZlcjCB
+nzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAyRqVmRhnwayNJ5UimLD0vKM5bBHW
+2pLdYtBZk49BcNsDz1kq6NSYMRpS4KRNFT7pq1gIa1UHL/VLmtU0H0ro+4QcG6P9
+6xfD76sIrwzO248UGWF56vj1uQohsM75rN/gxxJWLqz34yZHdx5fx/wsDB9REeA+
+QTFlllRYoGdEewkCAwEAAaOCAQ4wggEKMAkGA1UdEwQCMAAwHQYDVR0OBBYEFG3I
+whWzFUy+EUKtYA8o7+Enx15aMIHEBgNVHSMEgbwwgbmAFKONff+oaR58VFhGYf63
+aLws/MveoYGdpIGaMIGXMQswCQYDVQQGEwJVUzEQMA4GA1UECBMHRmxvcmlkYTEb
+MBkGA1UEBxMSUGFsbSBCZWFjaCBHYXJkZW5zMRQwEgYDVQQKEwtaZXJvQywgSW5j
+LjEMMAoGA1UECxMDSWNlMRYwFAYDVQQDEw1aZXJvQyBUZXN0IENBMR0wGwYJKoZI
+hvcNAQkBFg5pbmZvQHplcm9jLmNvbYIBADAXBgNVHREEEDAOggZzZXJ2ZXKHBH8A
+AAEwDQYJKoZIhvcNAQEEBQADggEBAOWDq3D/7KngfW+bTHvKpB7OUBuEKdjcU+eC
+MxjyqcnGn8cHzxW4tOWlyoNFUCVpKvDkrlylZZlzZps4wsCk4j5LPhjSt3syA+LJ
+eqf2rWuAEgwEaftddui9nX9OshMkeiu7JYRf9CtiUNso6qELFea/tCHvJfRifpmv
+iWyB+KNdu35u+aGR7llKuwFCh6n+3nWr0fxcGl87tVemD6PR2+vC4VasAxItOgMK
+/IepHQl4iyR4eZ1SPVVMjyR2DlL1p0QTXW/a4Vb23xnkTV061WyHKqJpOl9k1wnC
+6ZbVpuu5zBrSfKY6UORegzwQQDeFrpSA1gN7rF08ypUBtCfKLjU=
+-----END CERTIFICATE-----
diff --git a/cpp/test/IceSSL/certs/s_rsa_nopass_ca1_priv.pem b/cpp/test/IceSSL/certs/s_rsa_nopass_ca1_priv.pem
new file mode 100644
index 00000000000..755d58f138c
--- /dev/null
+++ b/cpp/test/IceSSL/certs/s_rsa_nopass_ca1_priv.pem
@@ -0,0 +1,15 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIICXQIBAAKBgQDM6oAR9/Q9GkmglDBZGum8bSyUg9Gj2wzGplAykI7zh5t7WSkG
+K2Dv4ntwZzy6BVOEw3KDdHH6Flmhfjxzt6cyRzPYtIJAoABM3aezuYFTTuSsaSxR
+BZg1tGB4vGIr9zdXSEHvc/01efdIb3Xv4gRHPL54ttNAb2+JbMWDK/TwzQIDAQAB
+AoGBAImsN3VbEMYIplTzmvQSx9znwJ7bXXroDdJdJN6EDvcBMe4SfiR9+nfQwzxG
+sB8OuwkkwwgcsQLkBz4f8P+R8Qr6fYMJAnNdcu4cmUpOjHVLdrqgt0cdYgC6rAbS
+Kq7D98yhHOkhOE53nNI8OelucM0AjizbWbr9KUZvtgqbKCMBAkEA+30jlV+xnvQ8
+lZXA9Do5DmbKOX1oPDpbi+Noy5jyqrGXyXUvL9aQ6CCFsbKvqYFiNTbvEWa8q/5n
+LNbPf6jsDQJBANCXfpOfiTg7krM0NJk/wSPPirX0S6yt4eYKb0jd0tJmbg1XMdOA
+IRcl/XmRhOgDkcUG4xNNBg1KePMPxr35J8ECQQCiuxPWaUh/CZ1WUcO8hRw8ZGkA
+kFRtfHmWaD18WOjVaPtF4az58IZtnfXEyVH/hfgtZPGHOgpl5MWQbyNvgLfVAkA+
+NG9y5qitNFbTSkZFTVXzr/jVujy3CkPLrmDxgfVU+WboY5BgWl2D4bhtgI/6ANZ/
+w0YEg3vCiur20UWbcaoBAkAtjAk0AoebwGh8qF3z12U1loz/eHVAnQBRZUEGEGhU
+NmO0JnFZfHDVfP8f7Ur/h8iEFWT2bDE/aRS5uc/XNEMB
+-----END RSA PRIVATE KEY-----
diff --git a/cpp/test/IceSSL/certs/s_rsa_nopass_ca1_pub.pem b/cpp/test/IceSSL/certs/s_rsa_nopass_ca1_pub.pem
new file mode 100644
index 00000000000..032b0771f6d
--- /dev/null
+++ b/cpp/test/IceSSL/certs/s_rsa_nopass_ca1_pub.pem
@@ -0,0 +1,76 @@
+Certificate:
+    Data:
+        Version: 3 (0x2)
+        Serial Number: 1 (0x1)
+        Signature Algorithm: md5WithRSAEncryption
+        Issuer: C=US, ST=Florida, L=Palm Beach Gardens, O=ZeroC, Inc., OU=Ice, CN=ZeroC Test CA/emailAddress=info@zeroc.com
+        Validity
+            Not Before: Mar 28 18:09:56 2006 GMT
+            Not After : Mar 25 18:09:56 2016 GMT
+        Subject: C=US, ST=Florida, O=ZeroC, Inc., OU=Ice/emailAddress=info@zeroc.com, CN=Server
+        Subject Public Key Info:
+            Public Key Algorithm: rsaEncryption
+            RSA Public Key: (1024 bit)
+                Modulus (1024 bit):
+                    00:cc:ea:80:11:f7:f4:3d:1a:49:a0:94:30:59:1a:
+                    e9:bc:6d:2c:94:83:d1:a3:db:0c:c6:a6:50:32:90:
+                    8e:f3:87:9b:7b:59:29:06:2b:60:ef:e2:7b:70:67:
+                    3c:ba:05:53:84:c3:72:83:74:71:fa:16:59:a1:7e:
+                    3c:73:b7:a7:32:47:33:d8:b4:82:40:a0:00:4c:dd:
+                    a7:b3:b9:81:53:4e:e4:ac:69:2c:51:05:98:35:b4:
+                    60:78:bc:62:2b:f7:37:57:48:41:ef:73:fd:35:79:
+                    f7:48:6f:75:ef:e2:04:47:3c:be:78:b6:d3:40:6f:
+                    6f:89:6c:c5:83:2b:f4:f0:cd
+                Exponent: 65537 (0x10001)
+        X509v3 extensions:
+            X509v3 Basic Constraints: 
+            CA:FALSE
+            X509v3 Subject Key Identifier: 
+            B2:10:15:F0:FA:28:6C:F6:59:4B:75:21:A7:5C:B3:D4:E4:38:38:F8
+            X509v3 Authority Key Identifier: 
+            keyid:A3:8D:7D:FF:A8:69:1E:7C:54:58:46:61:FE:B7:68:BC:2C:FC:CB:DE
+            DirName:/C=US/ST=Florida/L=Palm Beach Gardens/O=ZeroC, Inc./OU=Ice/CN=ZeroC Test CA/emailAddress=info@zeroc.com
+            serial:00
+
+            X509v3 Subject Alternative Name: 
+            DNS:server, IP Address:127.0.0.1
+    Signature Algorithm: md5WithRSAEncryption
+        38:2f:0c:79:31:36:fe:4e:ed:65:7e:3d:52:b4:41:d4:b4:e0:
+        ee:60:d1:cc:dd:4b:77:63:1d:d2:78:1e:c1:c3:99:79:9f:8e:
+        3b:de:8d:34:70:2c:57:c7:86:51:e6:7b:f7:09:6a:42:5f:98:
+        f6:42:6c:40:6f:03:99:a2:ee:4d:b0:10:6b:66:fe:88:29:38:
+        ae:8c:c4:79:5c:1b:3f:67:51:7b:5a:0e:61:25:e9:85:61:c4:
+        06:57:4e:dc:2d:30:2e:bc:34:b3:ac:1e:da:63:3f:4f:63:22:
+        5a:11:71:cc:0d:e5:81:b6:ef:cf:91:4e:e3:44:0c:39:60:d9:
+        5e:1a:a2:d4:b7:7b:ef:06:81:ad:00:a0:fd:c7:45:81:48:20:
+        54:b5:b9:2a:ff:09:3c:75:19:9c:bf:2b:03:49:c5:28:23:5a:
+        b4:df:00:9b:da:19:91:95:71:77:44:61:ed:54:4e:23:f6:97:
+        da:53:94:01:73:b2:03:d7:86:e4:c6:13:b3:46:c5:79:b3:49:
+        3a:69:75:1b:0c:be:3e:5e:56:3d:bd:8e:5f:72:8a:bc:68:2d:
+        8b:07:fd:de:0c:1e:2b:93:56:a0:84:10:3c:37:99:27:c1:12:
+        9d:37:da:0d:1d:55:32:d3:af:b6:df:a2:4b:20:26:15:82:7f:
+        65:02:60:fa
+-----BEGIN CERTIFICATE-----
+MIIEEjCCAvqgAwIBAgIBATANBgkqhkiG9w0BAQQFADCBlzELMAkGA1UEBhMCVVMx
+EDAOBgNVBAgTB0Zsb3JpZGExGzAZBgNVBAcTElBhbG0gQmVhY2ggR2FyZGVuczEU
+MBIGA1UEChMLWmVyb0MsIEluYy4xDDAKBgNVBAsTA0ljZTEWMBQGA1UEAxMNWmVy
+b0MgVGVzdCBDQTEdMBsGCSqGSIb3DQEJARYOaW5mb0B6ZXJvYy5jb20wHhcNMDYw
+MzI4MTgwOTU2WhcNMTYwMzI1MTgwOTU2WjBzMQswCQYDVQQGEwJVUzEQMA4GA1UE
+CBMHRmxvcmlkYTEUMBIGA1UEChMLWmVyb0MsIEluYy4xDDAKBgNVBAsTA0ljZTEd
+MBsGCSqGSIb3DQEJARYOaW5mb0B6ZXJvYy5jb20xDzANBgNVBAMTBlNlcnZlcjCB
+nzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAzOqAEff0PRpJoJQwWRrpvG0slIPR
+o9sMxqZQMpCO84ebe1kpBitg7+J7cGc8ugVThMNyg3Rx+hZZoX48c7enMkcz2LSC
+QKAATN2ns7mBU07krGksUQWYNbRgeLxiK/c3V0hB73P9NXn3SG917+IERzy+eLbT
+QG9viWzFgyv08M0CAwEAAaOCAQ4wggEKMAkGA1UdEwQCMAAwHQYDVR0OBBYEFLIQ
+FfD6KGz2WUt1Iadcs9TkODj4MIHEBgNVHSMEgbwwgbmAFKONff+oaR58VFhGYf63
+aLws/MveoYGdpIGaMIGXMQswCQYDVQQGEwJVUzEQMA4GA1UECBMHRmxvcmlkYTEb
+MBkGA1UEBxMSUGFsbSBCZWFjaCBHYXJkZW5zMRQwEgYDVQQKEwtaZXJvQywgSW5j
+LjEMMAoGA1UECxMDSWNlMRYwFAYDVQQDEw1aZXJvQyBUZXN0IENBMR0wGwYJKoZI
+hvcNAQkBFg5pbmZvQHplcm9jLmNvbYIBADAXBgNVHREEEDAOggZzZXJ2ZXKHBH8A
+AAEwDQYJKoZIhvcNAQEEBQADggEBADgvDHkxNv5O7WV+PVK0QdS04O5g0czdS3dj
+HdJ4HsHDmXmfjjvejTRwLFfHhlHme/cJakJfmPZCbEBvA5mi7k2wEGtm/ogpOK6M
+xHlcGz9nUXtaDmEl6YVhxAZXTtwtMC68NLOsHtpjP09jIloRccwN5YG278+RTuNE
+DDlg2V4aotS3e+8Gga0AoP3HRYFIIFS1uSr/CTx1GZy/KwNJxSgjWrTfAJvaGZGV
+cXdEYe1UTiP2l9pTlAFzsgPXhuTGE7NGxXmzSTppdRsMvj5eVj29jl9yirxoLYsH
+/d4MHiuTVqCEEDw3mSfBEp032g0dVTLTr7bfoksgJhWCf2UCYPo=
+-----END CERTIFICATE-----
diff --git a/cpp/test/IceSSL/certs/s_rsa_nopass_ca2_priv.pem b/cpp/test/IceSSL/certs/s_rsa_nopass_ca2_priv.pem
new file mode 100644
index 00000000000..939685211e7
--- /dev/null
+++ b/cpp/test/IceSSL/certs/s_rsa_nopass_ca2_priv.pem
@@ -0,0 +1,15 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIICXAIBAAKBgQDVFwbbRCG5853J4c3wmgg36GC8t26q+v47p1yMic7z06r9zwbp
+5TPCcL7jjNFxCBUGi3CTJbNwLexgH9fqZ52vCmCqwuvD20DqooXm1Z10soDwxA0Q
+lK5By+4OqSkV2YyVJ0E6E0gjyG0o7IR1fAH4gOKkGEJItWiG1q+b0qiMdQIDAQAB
+AoGAXR1o05vcGQPJqZRQh5jninay/wQxCeoP+kVR/d+iXY3bJHm5DbAohAj8gTbh
+tsDPX0LDeKl61cRbjE2d7kJE9pHger7zHpENEaEtxtA9pcd8gIhgY5i2fo95fLm4
+0EvXa6wpoBCGzN2++r6yi4gQxhTWcoE3tfZW2gIMwfqx5kECQQD3MaxLNdyGYjQC
+yl7jg41WETGivnLtJZpiU/rfyDjIooAyu832pcnoNZlXy1i6jJCgtUmCZL3bG4xO
+wxqy5LPtAkEA3K5V/LoFHYWaBDI+SWo2jVA6FulaZ3T+iLEe5WptpHLx5kKyxAV5
+Ws9qRZBrTsQtKqvnE5DsUzRkjzGITFY5qQJBAI7IS2v6BZI94SsHd73U++uN7OzD
+MyEWClHnjk56mYoSixhC8Joac0DEzPkwROUkUlnxvS8rP5rzE51fBun0PpUCQEjN
+xxZydD+SFQavYLctsEOcpR1r7ORWx6Zm8K91Fij7tuxlMr7So3+fEAtVIuHAfLoo
+LjrZQ+4LSeWnzLSKeckCQDDBZmUgzltfVEI+NLUEBbxLm12noc42Kar5SAXXhDIH
+wwA+pxHqfZh7FwgByKLT+yvAfSiqWMpAq5vAjC7XvP4=
+-----END RSA PRIVATE KEY-----
diff --git a/cpp/test/IceSSL/certs/s_rsa_nopass_ca2_pub.pem b/cpp/test/IceSSL/certs/s_rsa_nopass_ca2_pub.pem
new file mode 100644
index 00000000000..56b42af056c
--- /dev/null
+++ b/cpp/test/IceSSL/certs/s_rsa_nopass_ca2_pub.pem
@@ -0,0 +1,76 @@
+Certificate:
+    Data:
+        Version: 3 (0x2)
+        Serial Number: 1 (0x1)
+        Signature Algorithm: md5WithRSAEncryption
+        Issuer: C=US, ST=Florida, L=Palm Beach Gardens, O=ZeroC, Inc., OU=Ice, CN=ZeroC Test CA/emailAddress=info@zeroc.com
+        Validity
+            Not Before: Mar 28 18:09:57 2006 GMT
+            Not After : Mar 25 18:09:57 2016 GMT
+        Subject: C=US, ST=Florida, O=ZeroC, Inc., OU=Ice/emailAddress=info@zeroc.com, CN=Server
+        Subject Public Key Info:
+            Public Key Algorithm: rsaEncryption
+            RSA Public Key: (1024 bit)
+                Modulus (1024 bit):
+                    00:d5:17:06:db:44:21:b9:f3:9d:c9:e1:cd:f0:9a:
+                    08:37:e8:60:bc:b7:6e:aa:fa:fe:3b:a7:5c:8c:89:
+                    ce:f3:d3:aa:fd:cf:06:e9:e5:33:c2:70:be:e3:8c:
+                    d1:71:08:15:06:8b:70:93:25:b3:70:2d:ec:60:1f:
+                    d7:ea:67:9d:af:0a:60:aa:c2:eb:c3:db:40:ea:a2:
+                    85:e6:d5:9d:74:b2:80:f0:c4:0d:10:94:ae:41:cb:
+                    ee:0e:a9:29:15:d9:8c:95:27:41:3a:13:48:23:c8:
+                    6d:28:ec:84:75:7c:01:f8:80:e2:a4:18:42:48:b5:
+                    68:86:d6:af:9b:d2:a8:8c:75
+                Exponent: 65537 (0x10001)
+        X509v3 extensions:
+            X509v3 Basic Constraints: 
+            CA:FALSE
+            X509v3 Subject Key Identifier: 
+            EC:AA:CA:77:2D:3E:F0:4B:21:BD:A3:BC:41:E4:57:B0:38:BE:58:0E
+            X509v3 Authority Key Identifier: 
+            keyid:BD:5A:BA:8A:D2:B9:96:DC:91:5C:64:9F:99:94:E2:48:44:2C:A9:DA
+            DirName:/C=US/ST=Florida/L=Palm Beach Gardens/O=ZeroC, Inc./OU=Ice/CN=ZeroC Test CA/emailAddress=info@zeroc.com
+            serial:00
+
+            X509v3 Subject Alternative Name: 
+            DNS:server, IP Address:127.0.0.1
+    Signature Algorithm: md5WithRSAEncryption
+        77:d1:04:70:ab:2d:6e:47:c6:a0:12:8d:46:5b:a0:1c:ed:c7:
+        81:35:bf:6a:22:21:52:bc:02:18:b9:6e:d2:e4:e9:30:5e:65:
+        ec:2a:8e:cd:d1:29:87:c0:a1:48:be:94:f1:3d:b3:34:0b:e1:
+        d7:bc:ef:96:2a:c0:8b:77:30:77:63:ab:d8:28:15:07:53:ef:
+        c8:11:af:cd:0b:33:49:6c:b2:1f:18:1b:ab:e5:32:5f:ca:8f:
+        6f:9d:f6:af:0c:aa:2d:0e:e2:bf:12:4b:37:84:0c:f7:21:a8:
+        6d:4f:44:d4:5a:c5:60:1b:e4:87:d3:7d:bf:b9:85:fb:37:68:
+        48:dd:cb:84:e5:2b:c0:99:83:c9:ae:9c:f5:32:50:0c:b3:28:
+        50:fe:6a:72:f6:f6:80:6c:76:96:a4:db:c7:63:78:7e:fe:d6:
+        1e:33:10:1a:bd:19:dc:8a:f0:27:e5:64:81:ea:8c:f4:db:73:
+        f7:4b:e9:f1:99:ee:c4:b1:0c:1c:b9:37:52:f8:66:ef:a1:91:
+        fc:96:65:c7:75:65:15:83:96:c3:12:1d:46:bd:c1:02:f1:8f:
+        de:37:12:fc:73:7a:3a:a3:70:4d:6f:40:3c:30:82:f0:f0:07:
+        3a:1b:a9:67:24:43:a9:74:f9:36:ec:5d:da:8c:f3:fe:29:51:
+        39:3a:e5:f7
+-----BEGIN CERTIFICATE-----
+MIIEEjCCAvqgAwIBAgIBATANBgkqhkiG9w0BAQQFADCBlzELMAkGA1UEBhMCVVMx
+EDAOBgNVBAgTB0Zsb3JpZGExGzAZBgNVBAcTElBhbG0gQmVhY2ggR2FyZGVuczEU
+MBIGA1UEChMLWmVyb0MsIEluYy4xDDAKBgNVBAsTA0ljZTEWMBQGA1UEAxMNWmVy
+b0MgVGVzdCBDQTEdMBsGCSqGSIb3DQEJARYOaW5mb0B6ZXJvYy5jb20wHhcNMDYw
+MzI4MTgwOTU3WhcNMTYwMzI1MTgwOTU3WjBzMQswCQYDVQQGEwJVUzEQMA4GA1UE
+CBMHRmxvcmlkYTEUMBIGA1UEChMLWmVyb0MsIEluYy4xDDAKBgNVBAsTA0ljZTEd
+MBsGCSqGSIb3DQEJARYOaW5mb0B6ZXJvYy5jb20xDzANBgNVBAMTBlNlcnZlcjCB
+nzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA1RcG20QhufOdyeHN8JoIN+hgvLdu
+qvr+O6dcjInO89Oq/c8G6eUzwnC+44zRcQgVBotwkyWzcC3sYB/X6medrwpgqsLr
+w9tA6qKF5tWddLKA8MQNEJSuQcvuDqkpFdmMlSdBOhNII8htKOyEdXwB+IDipBhC
+SLVohtavm9KojHUCAwEAAaOCAQ4wggEKMAkGA1UdEwQCMAAwHQYDVR0OBBYEFOyq
+ynctPvBLIb2jvEHkV7A4vlgOMIHEBgNVHSMEgbwwgbmAFL1auorSuZbckVxkn5mU
+4khELKnaoYGdpIGaMIGXMQswCQYDVQQGEwJVUzEQMA4GA1UECBMHRmxvcmlkYTEb
+MBkGA1UEBxMSUGFsbSBCZWFjaCBHYXJkZW5zMRQwEgYDVQQKEwtaZXJvQywgSW5j
+LjEMMAoGA1UECxMDSWNlMRYwFAYDVQQDEw1aZXJvQyBUZXN0IENBMR0wGwYJKoZI
+hvcNAQkBFg5pbmZvQHplcm9jLmNvbYIBADAXBgNVHREEEDAOggZzZXJ2ZXKHBH8A
+AAEwDQYJKoZIhvcNAQEEBQADggEBAHfRBHCrLW5HxqASjUZboBztx4E1v2oiIVK8
+Ahi5btLk6TBeZewqjs3RKYfAoUi+lPE9szQL4de875YqwIt3MHdjq9goFQdT78gR
+r80LM0lssh8YG6vlMl/Kj2+d9q8Mqi0O4r8SSzeEDPchqG1PRNRaxWAb5IfTfb+5
+hfs3aEjdy4TlK8CZg8munPUyUAyzKFD+anL29oBsdpak28djeH7+1h4zEBq9GdyK
+8CflZIHqjPTbc/dL6fGZ7sSxDBy5N1L4Zu+hkfyWZcd1ZRWDlsMSHUa9wQLxj943
+EvxzejqjcE1vQDwwgvDwBzobqWckQ6l0+TbsXdqM8/4pUTk65fc=
+-----END CERTIFICATE-----
diff --git a/cpp/test/IceSSL/certs/s_rsa_pass_ca1_priv.pem b/cpp/test/IceSSL/certs/s_rsa_pass_ca1_priv.pem
new file mode 100644
index 00000000000..caa69449055
--- /dev/null
+++ b/cpp/test/IceSSL/certs/s_rsa_pass_ca1_priv.pem
@@ -0,0 +1,18 @@
+-----BEGIN RSA PRIVATE KEY-----
+Proc-Type: 4,ENCRYPTED
+DEK-Info: DES-EDE3-CBC,ACC1D4981240C7FC
+
+2j4kmVaHJUn8Kw+5e7SgA6ywb6z6qTRZmhE9E5KxgCd3WFtkWbOspIzT9/Am8rJK
+6nyf/Q1F8fQXBkWzWd4MY4OwnUuVCMobabBhpWvq7FoShK8Sr+1VJKu8sjyikemw
+Vm+tqK9H5R7UmVTSuCbu4zwBZYyp4MSMmSM04HL88/o2PhmTzhyTWS457TtMW1oo
+/RGbMkjEAyi62uqPp5juf+1BtvQndmxwxVnnY5kl1jCLnp7/LbFwToZhwxkSqm+y
+xjmzWUCAPe3/yy/e+HhnRSa5M6m2B4he3PP3NSI0ju0u5NYxRH3w/gTc3LHGL0V7
+YNIDer3pNgLGoVxZmtTr0tydgUCbKD73PWw9SUEtLwi0b5z+MfnXL01Rh4Vj5nPC
+E0uVT+iMQPDJJ0zzXBlUjDNLzgdmTxPpoCaz2hthOBMyfM+jP5xe51ZL7vNciyHR
+P/eMVfj5Dr8W2/N7U0BKk/z3/R6VXbNK+SZN8nnZPvOEAdYs6BvrJMv5TUj3/mZr
+qXuRWTeGdidBcKlP2X5gEBgfH94eNilFPA5h2ccyaHuREolWtiJ+S7pWYF4EThRy
+MhH6g52FA7mIbvjOcfuuYgoBab1afMskrMd24oWy1CCIn7+HCOkHyLHG68GWwhGX
+S/cBG40/6V7t4JhUfLZe38HjJTm3bsS39jFbW7rOiZ7jzNq+XOzvncH82Xetx3GU
+AnBieWWJlHTume/8PzzTGIsVOf09YZfd6LVJHePVa4/o2OXCggdNf79b1jMyJ+ia
+8uv0ymMTK3GRsev+9tXv6B42cWqkMSsCcq6vi1GDziU=
+-----END RSA PRIVATE KEY-----
diff --git a/cpp/test/IceSSL/certs/s_rsa_pass_ca1_pub.pem b/cpp/test/IceSSL/certs/s_rsa_pass_ca1_pub.pem
new file mode 100644
index 00000000000..83077d6525d
--- /dev/null
+++ b/cpp/test/IceSSL/certs/s_rsa_pass_ca1_pub.pem
@@ -0,0 +1,76 @@
+Certificate:
+    Data:
+        Version: 3 (0x2)
+        Serial Number: 1 (0x1)
+        Signature Algorithm: md5WithRSAEncryption
+        Issuer: C=US, ST=Florida, L=Palm Beach Gardens, O=ZeroC, Inc., OU=Ice, CN=ZeroC Test CA/emailAddress=info@zeroc.com
+        Validity
+            Not Before: Mar 28 18:09:56 2006 GMT
+            Not After : Mar 25 18:09:56 2016 GMT
+        Subject: C=US, ST=Florida, O=ZeroC, Inc., OU=Ice/emailAddress=info@zeroc.com, CN=Server
+        Subject Public Key Info:
+            Public Key Algorithm: rsaEncryption
+            RSA Public Key: (1024 bit)
+                Modulus (1024 bit):
+                    00:c6:fe:39:df:e9:b1:c0:9c:d8:41:4c:ae:69:c3:
+                    0c:88:26:6d:71:95:34:f2:19:22:23:f2:d4:c9:47:
+                    c9:fd:b7:fb:1c:91:7e:b5:01:94:ba:b7:f9:fb:69:
+                    6a:aa:dc:e7:5e:a1:ec:7e:5d:92:15:cf:90:35:bd:
+                    39:20:1e:6b:ba:71:a7:fb:9f:c0:d4:1f:90:4b:7c:
+                    d1:6a:7a:cb:4b:2d:cc:6a:cc:2e:6c:9f:34:a9:ad:
+                    2d:aa:40:86:18:19:9a:57:ed:8b:d9:6e:d8:e8:0a:
+                    19:9d:12:de:19:67:c8:26:fc:a9:21:01:fe:3d:41:
+                    b7:bb:bb:b3:8a:3f:41:61:01
+                Exponent: 65537 (0x10001)
+        X509v3 extensions:
+            X509v3 Basic Constraints: 
+            CA:FALSE
+            X509v3 Subject Key Identifier: 
+            36:E7:80:CD:7C:6C:38:62:1F:28:11:A4:BA:FF:43:4A:9C:FE:D7:38
+            X509v3 Authority Key Identifier: 
+            keyid:A3:8D:7D:FF:A8:69:1E:7C:54:58:46:61:FE:B7:68:BC:2C:FC:CB:DE
+            DirName:/C=US/ST=Florida/L=Palm Beach Gardens/O=ZeroC, Inc./OU=Ice/CN=ZeroC Test CA/emailAddress=info@zeroc.com
+            serial:00
+
+            X509v3 Subject Alternative Name: 
+            DNS:server, IP Address:127.0.0.1
+    Signature Algorithm: md5WithRSAEncryption
+        3f:b8:5b:fd:c5:7d:0c:33:b6:c3:36:56:f2:51:22:45:43:c4:
+        89:cd:b3:d3:a5:e6:96:7a:cf:66:6d:12:e7:83:b8:61:3b:48:
+        24:8c:51:e2:ef:38:45:49:64:70:c6:c4:ef:06:84:76:b8:21:
+        8a:04:b7:d9:3b:22:d8:68:e2:06:e6:c1:4a:d9:1e:1c:cb:39:
+        58:fa:3f:07:cb:e5:82:c8:5d:97:56:f1:ea:ab:0f:da:64:09:
+        7c:75:ea:6e:ed:b3:4b:45:73:4e:b1:75:74:a3:ef:44:77:32:
+        e3:e9:cf:1e:ab:69:89:66:ed:14:c5:ae:30:e7:0f:4c:03:58:
+        7e:65:ee:67:6e:73:80:81:36:84:74:41:4b:8d:26:65:e2:db:
+        9c:29:80:8a:f9:cd:71:76:0d:06:3b:4f:cb:c6:ed:08:19:56:
+        26:39:5b:5c:bb:66:a1:75:58:02:1b:3b:cb:bd:6f:5c:56:ec:
+        f5:e9:71:bb:cd:fb:f6:bd:8c:8e:db:e3:7e:59:39:37:99:4d:
+        b7:1a:64:30:ba:43:08:69:7a:f8:05:15:04:7b:02:00:cc:15:
+        d1:c3:78:4e:9a:bd:fb:e2:35:4b:0d:08:8c:4f:ad:52:9e:8f:
+        05:ed:12:57:7c:07:5e:26:20:bb:78:0e:d1:c7:3b:c4:fd:4b:
+        a1:27:85:82
+-----BEGIN CERTIFICATE-----
+MIIEEjCCAvqgAwIBAgIBATANBgkqhkiG9w0BAQQFADCBlzELMAkGA1UEBhMCVVMx
+EDAOBgNVBAgTB0Zsb3JpZGExGzAZBgNVBAcTElBhbG0gQmVhY2ggR2FyZGVuczEU
+MBIGA1UEChMLWmVyb0MsIEluYy4xDDAKBgNVBAsTA0ljZTEWMBQGA1UEAxMNWmVy
+b0MgVGVzdCBDQTEdMBsGCSqGSIb3DQEJARYOaW5mb0B6ZXJvYy5jb20wHhcNMDYw
+MzI4MTgwOTU2WhcNMTYwMzI1MTgwOTU2WjBzMQswCQYDVQQGEwJVUzEQMA4GA1UE
+CBMHRmxvcmlkYTEUMBIGA1UEChMLWmVyb0MsIEluYy4xDDAKBgNVBAsTA0ljZTEd
+MBsGCSqGSIb3DQEJARYOaW5mb0B6ZXJvYy5jb20xDzANBgNVBAMTBlNlcnZlcjCB
+nzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAxv453+mxwJzYQUyuacMMiCZtcZU0
+8hkiI/LUyUfJ/bf7HJF+tQGUurf5+2lqqtznXqHsfl2SFc+QNb05IB5runGn+5/A
+1B+QS3zRanrLSy3MaswubJ80qa0tqkCGGBmaV+2L2W7Y6AoZnRLeGWfIJvypIQH+
+PUG3u7uzij9BYQECAwEAAaOCAQ4wggEKMAkGA1UdEwQCMAAwHQYDVR0OBBYEFDbn
+gM18bDhiHygRpLr/Q0qc/tc4MIHEBgNVHSMEgbwwgbmAFKONff+oaR58VFhGYf63
+aLws/MveoYGdpIGaMIGXMQswCQYDVQQGEwJVUzEQMA4GA1UECBMHRmxvcmlkYTEb
+MBkGA1UEBxMSUGFsbSBCZWFjaCBHYXJkZW5zMRQwEgYDVQQKEwtaZXJvQywgSW5j
+LjEMMAoGA1UECxMDSWNlMRYwFAYDVQQDEw1aZXJvQyBUZXN0IENBMR0wGwYJKoZI
+hvcNAQkBFg5pbmZvQHplcm9jLmNvbYIBADAXBgNVHREEEDAOggZzZXJ2ZXKHBH8A
+AAEwDQYJKoZIhvcNAQEEBQADggEBAD+4W/3FfQwztsM2VvJRIkVDxInNs9Ol5pZ6
+z2ZtEueDuGE7SCSMUeLvOEVJZHDGxO8GhHa4IYoEt9k7Itho4gbmwUrZHhzLOVj6
+PwfL5YLIXZdW8eqrD9pkCXx16m7ts0tFc06xdXSj70R3MuPpzx6raYlm7RTFrjDn
+D0wDWH5l7mduc4CBNoR0QUuNJmXi25wpgIr5zXF2DQY7T8vG7QgZViY5W1y7ZqF1
+WAIbO8u9b1xW7PXpcbvN+/a9jI7b435ZOTeZTbcaZDC6QwhpevgFFQR7AgDMFdHD
+eE6avfviNUsNCIxPrVKejwXtEld8B14mILt4DtHHO8T9S6EnhYI=
+-----END CERTIFICATE-----
diff --git a/cpp/test/IceSSL/certs/server.cnf b/cpp/test/IceSSL/certs/server.cnf
new file mode 100644
index 00000000000..7561151cb46
--- /dev/null
+++ b/cpp/test/IceSSL/certs/server.cnf
@@ -0,0 +1,82 @@
+# **********************************************************************
+#
+# Copyright (c) 2003-2005 ZeroC, Inc. All rights reserved.
+#
+# This copy of Ice is licensed to you under the terms described in the
+# ICE_LICENSE file included in this distribution.
+#
+# **********************************************************************
+
+#
+# ZeroC base OpenSSL configuration file.
+#
+
+###############################################################################
+###  CA Configuration
+###############################################################################
+
+[ ca ]
+default_ca = ice
+
+
+[ ice ]
+dir              = tmp	       # Where everything is kept.
+database         = $dir/index.txt           # Database index file.
+new_certs_dir    = $dir                     # Default loc for new certs.
+serial           = $dir/serial              # The current serial number.
+
+certs            = $dir                     # Where issued certs are kept.
+RANDFILE         = $dir/.rand               # Private random number file.
+
+default_days     = 3650                     # How long certs are valid.
+default_md       = md5                      # The Message Digest type.
+preserve         = yes                      # Keep passed DN ordering?
+
+policy           = ca_policy
+x509_extensions  = certificate_extensions
+
+
+[ ca_policy ]
+countryName            = match
+stateOrProvinceName    = match
+organizationName       = match
+organizationalUnitName = optional
+emailAddress           = optional
+commonName             = supplied
+
+
+[ certificate_extensions ]
+basicConstraints = CA:false
+
+# PKIX recommendation.
+subjectKeyIdentifier = hash
+authorityKeyIdentifier = keyid:always,issuer:always
+
+subjectAltName = DNS:server, IP:127.0.0.1
+
+[ req ]
+default_bits        = 1024
+default_md          = md5
+prompt              = no
+distinguished_name  = root_ca_distinguished_name
+x509_extensions     = root_ca_extensions
+
+
+[ root_ca_distinguished_name ]
+countryName            = US
+stateOrProvinceName    = Florida
+localityName           = Palm Beach Gardens
+organizationName       = ZeroC, Inc.
+organizationalUnitName = Ice
+commonName             = Server
+emailAddress           = info@zeroc.com
+
+
+[ root_ca_extensions ]
+basicConstraints = CA:false
+
+# PKIX recommendation.
+subjectKeyIdentifier = hash
+authorityKeyIdentifier = keyid:always,issuer:always
+keyUsage = nonRepudiation, digitalSignature, keyEncipherment
+
diff --git a/cpp/test/IceSSL/certs/sslconfig.dtd b/cpp/test/IceSSL/certs/sslconfig.dtd
deleted file mode 100644
index 4e8e79d89c0..00000000000
--- a/cpp/test/IceSSL/certs/sslconfig.dtd
+++ /dev/null
@@ -1,43 +0,0 @@
-<!ELEMENT SSLConfig (client?,server?)>  

-<!ELEMENT client (general, certauthority?, basecerts)>  

-<!ELEMENT server (general, certauthority?, basecerts, tempcerts?)>  

-<!ELEMENT general EMPTY>  

-<!ELEMENT certauthority EMPTY> 

-<!ELEMENT basecerts (rsacert?,dsacert?,dhparams?)>  

-<!ELEMENT tempcerts (rsacert*,dhparams*)>  

-  

-<!ATTLIST general  

-        version (SSLv23|SSLv3|TLSv1) "SSLv23"  

-        cipherlist CDATA #IMPLIED  

-        context CDATA #IMPLIED  

-        verifymode CDATA "none"  

-        verifydepth CDATA "10"  

-        randombytes CDATA #IMPLIED>  

-  

-<!ATTLIST certauthority 

-        file CDATA #IMPLIED 

-        path CDATA #IMPLIED>  

-  

-<!ELEMENT rsacert (public,private)>  

-<!ATTLIST rsacert  

-        keysize CDATA #REQUIRED>  

-  

-<!ELEMENT dsacert (public,private)>  

-<!ATTLIST dsacert  

-        keysize CDATA #REQUIRED>  

-  

-<!ELEMENT dhparams EMPTY>  

-<!ATTLIST dhparams  

-        keysize CDATA #REQUIRED  

-        encoding CDATA #FIXED "PEM"  

-        filename CDATA #REQUIRED>  

-  

-<!ELEMENT public EMPTY>  

-<!ATTLIST public  

-        encoding CDATA #FIXED "PEM"  

-        filename CDATA #REQUIRED>  

-  

-<!ELEMENT private EMPTY>  

-<!ATTLIST private  

-        encoding CDATA #FIXED "PEM"  

-        filename CDATA #REQUIRED>

diff --git a/cpp/test/IceSSL/certs/sslconfig_1.xml b/cpp/test/IceSSL/certs/sslconfig_1.xml
deleted file mode 100644
index 4d6bae9d2e0..00000000000
--- a/cpp/test/IceSSL/certs/sslconfig_1.xml
+++ /dev/null
@@ -1,14 +0,0 @@
-<?xml version="1.0" encoding="ISO-8859-1" standalone="no" ?> 
-<!DOCTYPE SSLConfig SYSTEM "sslconfig.dtd"> 
-<SSLConfig> 
-    <client> 
-        <general version="SSLv23" cipherlist="RC4-MD5" verifymode="peer" verifydepth="10" /> 
-        <certauthority file="cacert.pem" />
-        <basecerts> 
-            <rsacert keysize="1024"> 
-                <public  encoding="PEM" filename="badCert.pem" /> 
-                <private encoding="PEM" filename="badKey.pem" /> 
-            </rsacert> 
-        </basecerts> 
-    </client> 
-</SSLConfig>
diff --git a/cpp/test/IceSSL/certs/sslconfig_2.xml b/cpp/test/IceSSL/certs/sslconfig_2.xml
deleted file mode 100644
index fb361270579..00000000000
--- a/cpp/test/IceSSL/certs/sslconfig_2.xml
+++ /dev/null
@@ -1,14 +0,0 @@
-<?xml version="1.0" encoding="ISO-8859-1" standalone="no" ?> 
-<!DOCTYPE SSLConfig SYSTEM "sslconfig.dtd"> 
-<SSLConfig> 
-    <client> 
-        <general version="SSLv23" cipherlist="RC4-MD5" verifymode="peer" verifydepth="10" /> 
-        <certauthority file="cacert.pem" />
-        <basecerts> 
-            <rsacert keysize="1024"> 
-                <public  encoding="PEM" filename="goodCert_1.pem" /> 
-                <private encoding="PEM" filename="badKey.pem" /> 
-            </rsacert> 
-        </basecerts> 
-    </client> 
-</SSLConfig>
diff --git a/cpp/test/IceSSL/certs/sslconfig_3.xml b/cpp/test/IceSSL/certs/sslconfig_3.xml
deleted file mode 100644
index be7c6665951..00000000000
--- a/cpp/test/IceSSL/certs/sslconfig_3.xml
+++ /dev/null
@@ -1,14 +0,0 @@
-<?xml version="1.0" encoding="ISO-8859-1" standalone="no" ?> 
-<!DOCTYPE SSLConfig SYSTEM "sslconfig.dtd"> 
-<SSLConfig> 
-    <client> 
-        <general version="SSLv23" cipherlist="RC4-MD5" verifymode="peer" verifydepth="10" /> 
-        <certauthority file="cacert.pem" />
-        <basecerts> 
-            <rsacert keysize="1024"> 
-                <public  encoding="PEM" filename="badCert.pem" /> 
-                <private encoding="PEM" filename="goodKey_1.pem" /> 
-            </rsacert> 
-        </basecerts> 
-    </client> 
-</SSLConfig>
diff --git a/cpp/test/IceSSL/certs/sslconfig_4.xml b/cpp/test/IceSSL/certs/sslconfig_4.xml
deleted file mode 100644
index c9af36cb392..00000000000
--- a/cpp/test/IceSSL/certs/sslconfig_4.xml
+++ /dev/null
@@ -1,14 +0,0 @@
-<?xml version="1.0" encoding="ISO-8859-1" standalone="no" ?> 
-<!DOCTYPE SSLConfig SYSTEM "sslconfig.dtd"> 
-<SSLConfig> 
-    <client> 
-        <general version="SSLv23" cipherlist="RC4-MD5" verifymode="peer" verifydepth="10" /> 
-        <certauthority file="cacert.pem" />
-        <basecerts> 
-            <rsacert keysize="1024"> 
-                <public  encoding="PEM" filename="goodCert_2.pem" /> 
-                <private encoding="PEM" filename="goodKey_1.pem" /> 
-            </rsacert> 
-        </basecerts> 
-    </client> 
-</SSLConfig>
diff --git a/cpp/test/IceSSL/certs/sslconfig_5.xml b/cpp/test/IceSSL/certs/sslconfig_5.xml
deleted file mode 100644
index c1de8e1d58c..00000000000
--- a/cpp/test/IceSSL/certs/sslconfig_5.xml
+++ /dev/null
@@ -1,14 +0,0 @@
-<?xml version="1.0" encoding="ISO-8859-1" standalone="no" ?> 
-<!DOCTYPE SSLConfig SYSTEM "sslconfig.dtd"> 
-<SSLConfig> 
-    <client> 
-        <general version="SSLv23" cipherlist="RC4-MD5" verifymode="peer" verifydepth="10" /> 
-        <certauthority file="cacert.pem" />
-        <basecerts> 
-            <rsacert keysize="1024"> 
-                <public  encoding="PEM" filename="goodCert_1.pem" /> 
-                <private encoding="PEM" filename="goodKey_2.pem" /> 
-            </rsacert> 
-        </basecerts> 
-    </client> 
-</SSLConfig>
diff --git a/cpp/test/IceSSL/certs/sslconfig_6.xml b/cpp/test/IceSSL/certs/sslconfig_6.xml
deleted file mode 100644
index ca36f7df390..00000000000
--- a/cpp/test/IceSSL/certs/sslconfig_6.xml
+++ /dev/null
@@ -1,14 +0,0 @@
-<?xml version="1.0" encoding="ISO-8859-1" standalone="no" ?> 
-<!DOCTYPE SSLConfig SYSTEM "sslconfig.dtd"> 
-<SSLConfig> 
-    <client> 
-        <general version="SSLv23" cipherlist="RC4-MD5" verifymode="peer" verifydepth="10" /> 
-        <certauthority file="cacert.pem" />
-        <basecerts> 
-            <rsacert keysize="1024"> 
-                <public  encoding="PEM" filename="goodCert_1.pem" /> 
-                <private encoding="PEM" filename="goodKey_1.pem" /> 
-            </rsacert> 
-        </basecerts> 
-    </client> 
-</SSLConfig>
diff --git a/cpp/test/IceSSL/certs/sslconfig_7.xml b/cpp/test/IceSSL/certs/sslconfig_7.xml
deleted file mode 100644
index 29104b02040..00000000000
--- a/cpp/test/IceSSL/certs/sslconfig_7.xml
+++ /dev/null
@@ -1,13 +0,0 @@
-<?xml version="1.0" encoding="ISO-8859-1" standalone="no" ?> 
-<!DOCTYPE SSLConfig SYSTEM "sslconfig.dtd"> 
-<SSLConfig> 
-    <client> 
-        <general version="SSLv23" cipherlist="RC4-MD5" verifymode="peer" verifydepth="2" /> 
-        <basecerts> 
-            <rsacert keysize="1024"> 
-                <public  encoding="PEM" filename="goodCert_1.pem" /> 
-                <private encoding="PEM" filename="goodKey_1.pem" /> 
-            </rsacert> 
-        </basecerts> 
-    </client> 
-</SSLConfig>
diff --git a/cpp/test/IceSSL/certs/sslconfig_8.xml b/cpp/test/IceSSL/certs/sslconfig_8.xml
deleted file mode 100644
index bdf8a0404a6..00000000000
--- a/cpp/test/IceSSL/certs/sslconfig_8.xml
+++ /dev/null
@@ -1,14 +0,0 @@
-<?xml version="1.0" encoding="ISO-8859-1" standalone="no" ?> 

-<!DOCTYPE SSLConfig SYSTEM "sslconfig.dtd"> 

-<SSLConfig> 

-    <server> 

-        <general version="SSLv23" cipherlist="RC4-MD5" verifymode="peer|client_once|fail_no_cert" verifydepth="2" /> 

-        <certauthority file="cacert.pem" />

-        <basecerts> 

-            <rsacert keysize="1024"> 

-                <public  encoding="PEM" filename="goodCert_2.pem" /> 

-                <private encoding="PEM" filename="goodKey_2.pem" /> 

-            </rsacert>

-        </basecerts>

-    </server> 

-</SSLConfig>

diff --git a/cpp/test/IceSSL/certs/test_ca.cnf b/cpp/test/IceSSL/certs/test_ca.cnf
new file mode 100644
index 00000000000..e3068e2ceb3
--- /dev/null
+++ b/cpp/test/IceSSL/certs/test_ca.cnf
@@ -0,0 +1,52 @@
+# **********************************************************************
+#
+# Copyright (c) 2003-2005 ZeroC, Inc. All rights reserved.
+#
+# This copy of Ice is licensed to you under the terms described in the
+# ICE_LICENSE file included in this distribution.
+#
+# **********************************************************************
+
+#
+# ZeroC base OpenSSL configuration file.
+#
+
+###############################################################################
+###  Self Signed Root Certificate
+###############################################################################
+
+[ ca ]
+default_ca = ice
+
+
+[ ice ]
+default_days     = 3650    # How long certs are valid.
+default_md       = md5     # The Message Digest type.
+preserve         = no      # Keep passed DN ordering?
+
+
+[ req ]
+default_bits        = 2048
+default_md          = md5
+prompt              = no
+distinguished_name  = root_ca_distinguished_name
+x509_extensions     = root_ca_extensions
+
+
+[ root_ca_distinguished_name ]
+countryName            = US
+stateOrProvinceName    = Florida
+localityName           = Palm Beach Gardens
+organizationName       = ZeroC, Inc.
+organizationalUnitName = Ice
+commonName             = ZeroC Test CA
+emailAddress           = info@zeroc.com
+
+
+[ root_ca_extensions ]
+basicConstraints = CA:true
+
+# PKIX recommendation.
+subjectKeyIdentifier = hash
+authorityKeyIdentifier = keyid:always,issuer:always
+
diff --git a/cpp/test/IceSSL/configuration/.depend b/cpp/test/IceSSL/configuration/.depend
index c5f73d07f93..511c5dbba31 100644
--- a/cpp/test/IceSSL/configuration/.depend
+++ b/cpp/test/IceSSL/configuration/.depend
@@ -1 +1,7 @@
-Configuration.o: Configuration.cpp ../../../include/Ice/Ice.h ../../../include/Ice/GCRecMutex.h ../../../include/IceUtil/RecMutex.h ../../../include/IceUtil/Config.h ../../../include/IceUtil/Lock.h ../../../include/IceUtil/ThreadException.h ../../../include/IceUtil/Exception.h ../../../include/Ice/Config.h ../../../include/Ice/GCShared.h ../../../include/Ice/GC.h ../../../include/IceUtil/Thread.h ../../../include/IceUtil/Shared.h ../../../include/IceUtil/Handle.h ../../../include/IceUtil/Mutex.h ../../../include/IceUtil/Monitor.h ../../../include/IceUtil/Cond.h ../../../include/IceUtil/Time.h ../../../include/Ice/Initialize.h ../../../include/Ice/CommunicatorF.h ../../../include/Ice/LocalObjectF.h ../../../include/Ice/Handle.h ../../../include/Ice/ProxyF.h ../../../include/Ice/ProxyHandle.h ../../../include/Ice/ObjectF.h ../../../include/Ice/Exception.h ../../../include/Ice/LocalObject.h ../../../include/Ice/UndefSysMacros.h ../../../include/Ice/PropertiesF.h ../../../include/Ice/InstanceF.h ../../../include/Ice/BuiltinSequences.h ../../../include/Ice/Proxy.h ../../../include/Ice/ProxyFactoryF.h ../../../include/Ice/ConnectionIF.h ../../../include/Ice/EndpointIF.h ../../../include/Ice/Endpoint.h ../../../include/Ice/ObjectAdapterF.h ../../../include/Ice/ReferenceF.h ../../../include/Ice/OutgoingAsyncF.h ../../../include/Ice/Current.h ../../../include/Ice/ConnectionF.h ../../../include/Ice/Identity.h ../../../include/Ice/StreamF.h ../../../include/Ice/LocalException.h ../../../include/Ice/Properties.h ../../../include/Ice/Logger.h ../../../include/Ice/LoggerUtil.h ../../../include/Ice/LoggerF.h ../../../include/Ice/Stats.h ../../../include/Ice/Communicator.h ../../../include/Ice/StatsF.h ../../../include/Ice/ObjectFactoryF.h ../../../include/Ice/RouterF.h ../../../include/Ice/LocatorF.h ../../../include/Ice/PluginF.h ../../../include/Ice/ObjectFactory.h ../../../include/Ice/ObjectAdapter.h ../../../include/Ice/ServantLocatorF.h ../../../include/Ice/FacetMap.h ../../../include/Ice/ServantLocator.h ../../../include/Ice/Object.h ../../../include/Ice/IncomingAsyncF.h ../../../include/Ice/IdentityUtil.h ../../../include/Ice/OutgoingAsync.h ../../../include/Ice/IncomingAsync.h ../../../include/Ice/Incoming.h ../../../include/Ice/ServantManagerF.h ../../../include/Ice/BasicStream.h ../../../include/Ice/Buffer.h ../../../include/Ice/Process.h ../../../include/Ice/Outgoing.h ../../../include/Ice/Direct.h ../../../include/Ice/Application.h ../../../include/Ice/Connection.h ../../../include/Ice/Functional.h ../../../include/IceUtil/Functional.h ../../../include/Ice/Stream.h ../../include/TestCommon.h ../../../include/IceSSL/Exception.h ../../../include/IceSSL/Plugin.h ../../../include/Ice/Plugin.h ../../../include/IceSSL/CertificateVerifierF.h
+Test.o: Test.cpp ./Test.h ../../../include/Ice/LocalObjectF.h ../../../include/Ice/Handle.h ../../../include/IceUtil/Handle.h ../../../include/IceUtil/Exception.h ../../../include/IceUtil/Config.h ../../../include/Ice/Config.h ../../../include/Ice/ProxyHandle.h ../../../include/Ice/ProxyF.h ../../../include/Ice/ObjectF.h ../../../include/Ice/Exception.h ../../../include/Ice/LocalObject.h ../../../include/IceUtil/Shared.h ../../../include/Ice/Proxy.h ../../../include/IceUtil/Mutex.h ../../../include/IceUtil/Lock.h ../../../include/IceUtil/ThreadException.h ../../../include/Ice/ProxyFactoryF.h ../../../include/Ice/ConnectionIF.h ../../../include/Ice/EndpointIF.h ../../../include/Ice/Endpoint.h ../../../include/Ice/UndefSysMacros.h ../../../include/Ice/ObjectAdapterF.h ../../../include/Ice/ReferenceF.h ../../../include/Ice/OutgoingAsyncF.h ../../../include/Ice/Current.h ../../../include/Ice/ConnectionF.h ../../../include/Ice/Identity.h ../../../include/Ice/StreamF.h ../../../include/Ice/CommunicatorF.h ../../../include/Ice/Object.h ../../../include/Ice/GCShared.h ../../../include/Ice/GCRecMutex.h ../../../include/IceUtil/RecMutex.h ../../../include/Ice/IncomingAsyncF.h ../../../include/Ice/Outgoing.h ../../../include/IceUtil/Monitor.h ../../../include/IceUtil/Cond.h ../../../include/IceUtil/Time.h ../../../include/Ice/BasicStream.h ../../../include/Ice/InstanceF.h ../../../include/Ice/ObjectFactoryF.h ../../../include/Ice/Buffer.h ../../../include/Ice/Protocol.h ../../../include/IceUtil/AutoArray.h ../../../include/Ice/Incoming.h ../../../include/Ice/ServantLocatorF.h ../../../include/Ice/ServantManagerF.h ../../../include/Ice/Direct.h ../../../include/Ice/LocalException.h ../../../include/Ice/BuiltinSequences.h ../../../include/Ice/ObjectFactory.h ../../../include/IceUtil/Iterator.h
+Client.o: Client.cpp ../../../include/Ice/Ice.h ../../../include/Ice/GCRecMutex.h ../../../include/IceUtil/RecMutex.h ../../../include/IceUtil/Config.h ../../../include/IceUtil/Lock.h ../../../include/IceUtil/ThreadException.h ../../../include/IceUtil/Exception.h ../../../include/Ice/Config.h ../../../include/Ice/GCShared.h ../../../include/Ice/GC.h ../../../include/IceUtil/Thread.h ../../../include/IceUtil/Shared.h ../../../include/IceUtil/Handle.h ../../../include/IceUtil/Mutex.h ../../../include/IceUtil/Monitor.h ../../../include/IceUtil/Cond.h ../../../include/IceUtil/Time.h ../../../include/Ice/Initialize.h ../../../include/Ice/CommunicatorF.h ../../../include/Ice/LocalObjectF.h ../../../include/Ice/Handle.h ../../../include/Ice/ProxyHandle.h ../../../include/Ice/ProxyF.h ../../../include/Ice/ObjectF.h ../../../include/Ice/Exception.h ../../../include/Ice/LocalObject.h ../../../include/Ice/UndefSysMacros.h ../../../include/Ice/PropertiesF.h ../../../include/Ice/InstanceF.h ../../../include/Ice/LoggerF.h ../../../include/Ice/StreamF.h ../../../include/Ice/BuiltinSequences.h ../../../include/Ice/Proxy.h ../../../include/Ice/ProxyFactoryF.h ../../../include/Ice/ConnectionIF.h ../../../include/Ice/EndpointIF.h ../../../include/Ice/Endpoint.h ../../../include/Ice/ObjectAdapterF.h ../../../include/Ice/ReferenceF.h ../../../include/Ice/OutgoingAsyncF.h ../../../include/Ice/Current.h ../../../include/Ice/ConnectionF.h ../../../include/Ice/Identity.h ../../../include/Ice/LocalException.h ../../../include/Ice/Properties.h ../../../include/Ice/Logger.h ../../../include/Ice/LoggerUtil.h ../../../include/Ice/Stats.h ../../../include/Ice/Communicator.h ../../../include/Ice/StatsF.h ../../../include/Ice/ObjectFactoryF.h ../../../include/Ice/RouterF.h ../../../include/Ice/LocatorF.h ../../../include/Ice/PluginF.h ../../../include/Ice/ObjectFactory.h ../../../include/Ice/ObjectAdapter.h ../../../include/Ice/Object.h ../../../include/Ice/IncomingAsyncF.h ../../../include/Ice/Outgoing.h ../../../include/Ice/BasicStream.h ../../../include/Ice/Buffer.h ../../../include/Ice/Protocol.h ../../../include/IceUtil/AutoArray.h ../../../include/Ice/Incoming.h ../../../include/Ice/ServantLocatorF.h ../../../include/Ice/ServantManagerF.h ../../../include/Ice/IncomingAsync.h ../../../include/Ice/Direct.h ../../../include/Ice/UserExceptionFactory.h ../../../include/Ice/FactoryTable.h ../../../include/Ice/FactoryTableDef.h ../../../include/IceUtil/StaticMutex.h ../../../include/Ice/UserExceptionFactoryF.h ../../../include/Ice/FacetMap.h ../../../include/Ice/Locator.h ../../../include/Ice/ProcessF.h ../../../include/Ice/ServantLocator.h ../../../include/Ice/IdentityUtil.h ../../../include/Ice/OutgoingAsync.h ../../../include/Ice/Process.h ../../../include/Ice/Application.h ../../../include/Ice/Connection.h ../../../include/Ice/Functional.h ../../../include/IceUtil/Functional.h ../../../include/Ice/Stream.h
+AllTests.o: AllTests.cpp ../../../include/Ice/Ice.h ../../../include/Ice/GCRecMutex.h ../../../include/IceUtil/RecMutex.h ../../../include/IceUtil/Config.h ../../../include/IceUtil/Lock.h ../../../include/IceUtil/ThreadException.h ../../../include/IceUtil/Exception.h ../../../include/Ice/Config.h ../../../include/Ice/GCShared.h ../../../include/Ice/GC.h ../../../include/IceUtil/Thread.h ../../../include/IceUtil/Shared.h ../../../include/IceUtil/Handle.h ../../../include/IceUtil/Mutex.h ../../../include/IceUtil/Monitor.h ../../../include/IceUtil/Cond.h ../../../include/IceUtil/Time.h ../../../include/Ice/Initialize.h ../../../include/Ice/CommunicatorF.h ../../../include/Ice/LocalObjectF.h ../../../include/Ice/Handle.h ../../../include/Ice/ProxyHandle.h ../../../include/Ice/ProxyF.h ../../../include/Ice/ObjectF.h ../../../include/Ice/Exception.h ../../../include/Ice/LocalObject.h ../../../include/Ice/UndefSysMacros.h ../../../include/Ice/PropertiesF.h ../../../include/Ice/InstanceF.h ../../../include/Ice/LoggerF.h ../../../include/Ice/StreamF.h ../../../include/Ice/BuiltinSequences.h ../../../include/Ice/Proxy.h ../../../include/Ice/ProxyFactoryF.h ../../../include/Ice/ConnectionIF.h ../../../include/Ice/EndpointIF.h ../../../include/Ice/Endpoint.h ../../../include/Ice/ObjectAdapterF.h ../../../include/Ice/ReferenceF.h ../../../include/Ice/OutgoingAsyncF.h ../../../include/Ice/Current.h ../../../include/Ice/ConnectionF.h ../../../include/Ice/Identity.h ../../../include/Ice/LocalException.h ../../../include/Ice/Properties.h ../../../include/Ice/Logger.h ../../../include/Ice/LoggerUtil.h ../../../include/Ice/Stats.h ../../../include/Ice/Communicator.h ../../../include/Ice/StatsF.h ../../../include/Ice/ObjectFactoryF.h ../../../include/Ice/RouterF.h ../../../include/Ice/LocatorF.h ../../../include/Ice/PluginF.h ../../../include/Ice/ObjectFactory.h ../../../include/Ice/ObjectAdapter.h ../../../include/Ice/Object.h ../../../include/Ice/IncomingAsyncF.h ../../../include/Ice/Outgoing.h ../../../include/Ice/BasicStream.h ../../../include/Ice/Buffer.h ../../../include/Ice/Protocol.h ../../../include/IceUtil/AutoArray.h ../../../include/Ice/Incoming.h ../../../include/Ice/ServantLocatorF.h ../../../include/Ice/ServantManagerF.h ../../../include/Ice/IncomingAsync.h ../../../include/Ice/Direct.h ../../../include/Ice/UserExceptionFactory.h ../../../include/Ice/FactoryTable.h ../../../include/Ice/FactoryTableDef.h ../../../include/IceUtil/StaticMutex.h ../../../include/Ice/UserExceptionFactoryF.h ../../../include/Ice/FacetMap.h ../../../include/Ice/Locator.h ../../../include/Ice/ProcessF.h ../../../include/Ice/ServantLocator.h ../../../include/Ice/IdentityUtil.h ../../../include/Ice/OutgoingAsync.h ../../../include/Ice/Process.h ../../../include/Ice/Application.h ../../../include/Ice/Connection.h ../../../include/Ice/Functional.h ../../../include/IceUtil/Functional.h ../../../include/Ice/Stream.h ../../../include/IceSSL/Plugin.h ../../../include/Ice/Plugin.h ../../include/TestCommon.h ./Test.h
+Test.o: Test.cpp ./Test.h ../../../include/Ice/LocalObjectF.h ../../../include/Ice/Handle.h ../../../include/IceUtil/Handle.h ../../../include/IceUtil/Exception.h ../../../include/IceUtil/Config.h ../../../include/Ice/Config.h ../../../include/Ice/ProxyHandle.h ../../../include/Ice/ProxyF.h ../../../include/Ice/ObjectF.h ../../../include/Ice/Exception.h ../../../include/Ice/LocalObject.h ../../../include/IceUtil/Shared.h ../../../include/Ice/Proxy.h ../../../include/IceUtil/Mutex.h ../../../include/IceUtil/Lock.h ../../../include/IceUtil/ThreadException.h ../../../include/Ice/ProxyFactoryF.h ../../../include/Ice/ConnectionIF.h ../../../include/Ice/EndpointIF.h ../../../include/Ice/Endpoint.h ../../../include/Ice/UndefSysMacros.h ../../../include/Ice/ObjectAdapterF.h ../../../include/Ice/ReferenceF.h ../../../include/Ice/OutgoingAsyncF.h ../../../include/Ice/Current.h ../../../include/Ice/ConnectionF.h ../../../include/Ice/Identity.h ../../../include/Ice/StreamF.h ../../../include/Ice/CommunicatorF.h ../../../include/Ice/Object.h ../../../include/Ice/GCShared.h ../../../include/Ice/GCRecMutex.h ../../../include/IceUtil/RecMutex.h ../../../include/Ice/IncomingAsyncF.h ../../../include/Ice/Outgoing.h ../../../include/IceUtil/Monitor.h ../../../include/IceUtil/Cond.h ../../../include/IceUtil/Time.h ../../../include/Ice/BasicStream.h ../../../include/Ice/InstanceF.h ../../../include/Ice/ObjectFactoryF.h ../../../include/Ice/Buffer.h ../../../include/Ice/Protocol.h ../../../include/IceUtil/AutoArray.h ../../../include/Ice/Incoming.h ../../../include/Ice/ServantLocatorF.h ../../../include/Ice/ServantManagerF.h ../../../include/Ice/Direct.h ../../../include/Ice/LocalException.h ../../../include/Ice/BuiltinSequences.h ../../../include/Ice/ObjectFactory.h ../../../include/IceUtil/Iterator.h
+TestI.o: TestI.cpp ../../../include/Ice/Ice.h ../../../include/Ice/GCRecMutex.h ../../../include/IceUtil/RecMutex.h ../../../include/IceUtil/Config.h ../../../include/IceUtil/Lock.h ../../../include/IceUtil/ThreadException.h ../../../include/IceUtil/Exception.h ../../../include/Ice/Config.h ../../../include/Ice/GCShared.h ../../../include/Ice/GC.h ../../../include/IceUtil/Thread.h ../../../include/IceUtil/Shared.h ../../../include/IceUtil/Handle.h ../../../include/IceUtil/Mutex.h ../../../include/IceUtil/Monitor.h ../../../include/IceUtil/Cond.h ../../../include/IceUtil/Time.h ../../../include/Ice/Initialize.h ../../../include/Ice/CommunicatorF.h ../../../include/Ice/LocalObjectF.h ../../../include/Ice/Handle.h ../../../include/Ice/ProxyHandle.h ../../../include/Ice/ProxyF.h ../../../include/Ice/ObjectF.h ../../../include/Ice/Exception.h ../../../include/Ice/LocalObject.h ../../../include/Ice/UndefSysMacros.h ../../../include/Ice/PropertiesF.h ../../../include/Ice/InstanceF.h ../../../include/Ice/LoggerF.h ../../../include/Ice/StreamF.h ../../../include/Ice/BuiltinSequences.h ../../../include/Ice/Proxy.h ../../../include/Ice/ProxyFactoryF.h ../../../include/Ice/ConnectionIF.h ../../../include/Ice/EndpointIF.h ../../../include/Ice/Endpoint.h ../../../include/Ice/ObjectAdapterF.h ../../../include/Ice/ReferenceF.h ../../../include/Ice/OutgoingAsyncF.h ../../../include/Ice/Current.h ../../../include/Ice/ConnectionF.h ../../../include/Ice/Identity.h ../../../include/Ice/LocalException.h ../../../include/Ice/Properties.h ../../../include/Ice/Logger.h ../../../include/Ice/LoggerUtil.h ../../../include/Ice/Stats.h ../../../include/Ice/Communicator.h ../../../include/Ice/StatsF.h ../../../include/Ice/ObjectFactoryF.h ../../../include/Ice/RouterF.h ../../../include/Ice/LocatorF.h ../../../include/Ice/PluginF.h ../../../include/Ice/ObjectFactory.h ../../../include/Ice/ObjectAdapter.h ../../../include/Ice/Object.h ../../../include/Ice/IncomingAsyncF.h ../../../include/Ice/Outgoing.h ../../../include/Ice/BasicStream.h ../../../include/Ice/Buffer.h ../../../include/Ice/Protocol.h ../../../include/IceUtil/AutoArray.h ../../../include/Ice/Incoming.h ../../../include/Ice/ServantLocatorF.h ../../../include/Ice/ServantManagerF.h ../../../include/Ice/IncomingAsync.h ../../../include/Ice/Direct.h ../../../include/Ice/UserExceptionFactory.h ../../../include/Ice/FactoryTable.h ../../../include/Ice/FactoryTableDef.h ../../../include/IceUtil/StaticMutex.h ../../../include/Ice/UserExceptionFactoryF.h ../../../include/Ice/FacetMap.h ../../../include/Ice/Locator.h ../../../include/Ice/ProcessF.h ../../../include/Ice/ServantLocator.h ../../../include/Ice/IdentityUtil.h ../../../include/Ice/OutgoingAsync.h ../../../include/Ice/Process.h ../../../include/Ice/Application.h ../../../include/Ice/Connection.h ../../../include/Ice/Functional.h ../../../include/IceUtil/Functional.h ../../../include/Ice/Stream.h ./TestI.h ./Test.h
+Server.o: Server.cpp ../../../include/Ice/Ice.h ../../../include/Ice/GCRecMutex.h ../../../include/IceUtil/RecMutex.h ../../../include/IceUtil/Config.h ../../../include/IceUtil/Lock.h ../../../include/IceUtil/ThreadException.h ../../../include/IceUtil/Exception.h ../../../include/Ice/Config.h ../../../include/Ice/GCShared.h ../../../include/Ice/GC.h ../../../include/IceUtil/Thread.h ../../../include/IceUtil/Shared.h ../../../include/IceUtil/Handle.h ../../../include/IceUtil/Mutex.h ../../../include/IceUtil/Monitor.h ../../../include/IceUtil/Cond.h ../../../include/IceUtil/Time.h ../../../include/Ice/Initialize.h ../../../include/Ice/CommunicatorF.h ../../../include/Ice/LocalObjectF.h ../../../include/Ice/Handle.h ../../../include/Ice/ProxyHandle.h ../../../include/Ice/ProxyF.h ../../../include/Ice/ObjectF.h ../../../include/Ice/Exception.h ../../../include/Ice/LocalObject.h ../../../include/Ice/UndefSysMacros.h ../../../include/Ice/PropertiesF.h ../../../include/Ice/InstanceF.h ../../../include/Ice/LoggerF.h ../../../include/Ice/StreamF.h ../../../include/Ice/BuiltinSequences.h ../../../include/Ice/Proxy.h ../../../include/Ice/ProxyFactoryF.h ../../../include/Ice/ConnectionIF.h ../../../include/Ice/EndpointIF.h ../../../include/Ice/Endpoint.h ../../../include/Ice/ObjectAdapterF.h ../../../include/Ice/ReferenceF.h ../../../include/Ice/OutgoingAsyncF.h ../../../include/Ice/Current.h ../../../include/Ice/ConnectionF.h ../../../include/Ice/Identity.h ../../../include/Ice/LocalException.h ../../../include/Ice/Properties.h ../../../include/Ice/Logger.h ../../../include/Ice/LoggerUtil.h ../../../include/Ice/Stats.h ../../../include/Ice/Communicator.h ../../../include/Ice/StatsF.h ../../../include/Ice/ObjectFactoryF.h ../../../include/Ice/RouterF.h ../../../include/Ice/LocatorF.h ../../../include/Ice/PluginF.h ../../../include/Ice/ObjectFactory.h ../../../include/Ice/ObjectAdapter.h ../../../include/Ice/Object.h ../../../include/Ice/IncomingAsyncF.h ../../../include/Ice/Outgoing.h ../../../include/Ice/BasicStream.h ../../../include/Ice/Buffer.h ../../../include/Ice/Protocol.h ../../../include/IceUtil/AutoArray.h ../../../include/Ice/Incoming.h ../../../include/Ice/ServantLocatorF.h ../../../include/Ice/ServantManagerF.h ../../../include/Ice/IncomingAsync.h ../../../include/Ice/Direct.h ../../../include/Ice/UserExceptionFactory.h ../../../include/Ice/FactoryTable.h ../../../include/Ice/FactoryTableDef.h ../../../include/IceUtil/StaticMutex.h ../../../include/Ice/UserExceptionFactoryF.h ../../../include/Ice/FacetMap.h ../../../include/Ice/Locator.h ../../../include/Ice/ProcessF.h ../../../include/Ice/ServantLocator.h ../../../include/Ice/IdentityUtil.h ../../../include/Ice/OutgoingAsync.h ../../../include/Ice/Process.h ../../../include/Ice/Application.h ../../../include/Ice/Connection.h ../../../include/Ice/Functional.h ../../../include/IceUtil/Functional.h ../../../include/Ice/Stream.h ./TestI.h ./Test.h
+Test.cpp: Test.ice
diff --git a/cpp/test/IceSSL/configuration/AllTests.cpp b/cpp/test/IceSSL/configuration/AllTests.cpp
new file mode 100644
index 00000000000..f08674c7d19
--- /dev/null
+++ b/cpp/test/IceSSL/configuration/AllTests.cpp
@@ -0,0 +1,838 @@
+// **********************************************************************
+//
+// Copyright (c) 2003-2006 ZeroC, Inc. All rights reserved.
+//
+// This copy of Ice is licensed to you under the terms described in the
+// ICE_LICENSE file included in this distribution.
+//
+// **********************************************************************
+
+#include <Ice/Ice.h>
+#include <IceSSL/Plugin.h>
+#include <TestCommon.h>
+#include <Test.h>
+
+using namespace std;
+using namespace Ice;
+
+class PasswordPromptI : public IceSSL::PasswordPrompt
+{
+public:
+
+    PasswordPromptI(const string& password) : _password(password), _count(0)
+    {
+    }
+
+    virtual string getPassword()
+    {
+	++_count; 
+	return _password;
+    }
+
+    int count() const
+    {
+	return _count;
+    }
+
+private:
+
+    string _password;
+    int _count;
+};
+typedef IceUtil::Handle<PasswordPromptI> PasswordPromptIPtr;
+
+class CertificateVerifierI : public IceSSL::CertificateVerifier
+{
+public:
+
+    CertificateVerifierI()
+    {
+	reset();
+    }
+
+    virtual void verify(IceSSL::VerifyInfo& info)
+    {
+	if(info.cert)
+	{
+	    test(find(info.dnsNames.begin(), info.dnsNames.end(), "server") != info.dnsNames.end());
+	    test(find(info.ipAddresses.begin(), info.ipAddresses.end(), "127.0.0.1") != info.ipAddresses.end());
+	}
+
+	_incoming = info.incoming;
+	_hadCert = info.cert != 0;
+	_invoked = true;
+
+	if(_throwException)
+	{
+	    throw SecurityException(__FILE__, __LINE__);
+	}
+    }
+
+    void reset()
+    {
+	_throwException = false;
+       	_invoked = false;
+	_incoming = false;
+	_hadCert = false;
+    }
+
+    void throwException(bool b)
+    {
+	_throwException = b;
+    }
+
+    bool invoked() const
+    {
+	return _invoked;
+    }
+
+    bool incoming() const
+    {
+	return _incoming;
+    }
+
+    bool hadCert() const
+    {
+	return _hadCert;
+    }
+
+private:
+
+    bool _throwException;
+    bool _invoked;
+    bool _incoming;
+    bool _hadCert;
+};
+typedef IceUtil::Handle<CertificateVerifierI> CertificateVerifierIPtr;
+
+static PropertiesPtr
+createClientProps(const string& defaultHost)
+{
+    PropertiesPtr result = createProperties();
+    result->setProperty("Ice.Plugin.IceSSL", "IceSSL:create");
+    if(!defaultHost.empty())
+    {
+	result->setProperty("Ice.Default.Host", defaultHost);
+    }
+    return result;
+}
+
+static Test::Properties
+createServerProps(const string& defaultHost)
+{
+    Test::Properties result;
+    result["Ice.Plugin.IceSSL"] = "IceSSL:create";
+    if(!defaultHost.empty())
+    {
+	result["Ice.Default.Host"] = defaultHost;
+    }
+    return result;
+}
+
+void
+allTests(const CommunicatorPtr& communicator, const string& testDir)
+{
+    string factoryRef = "factory:tcp -p 12010 -t 10000";
+    ObjectPrx base = communicator->stringToProxy(factoryRef);
+    test(base);
+    Test::ServerFactoryPrx factory = Test::ServerFactoryPrx::checkedCast(base);
+
+    string defaultHost = communicator->getProperties()->getProperty("Ice.Default.Host");
+    string defaultDir = testDir + "/../certs";
+#ifdef _WIN32
+    string sep = ";";
+#else
+    string sep = ":";
+#endif
+
+    int argc = 0;
+    char* argv[] = { "" };
+
+    cout << "testing manual initialization... " << flush;
+    {
+	PropertiesPtr props = createClientProps(defaultHost);
+	props->setProperty("IceSSL.DelayInit", "1");
+	CommunicatorPtr comm = initializeWithProperties(argc, argv, props);
+	ObjectPrx p = comm->stringToProxy("dummy:ssl -p 9999");
+	try
+	{
+	    p->ice_ping();
+	    test(false);
+	}
+	catch(const PluginInitializationException&)
+	{
+	    // Expected.
+	}
+	catch(const LocalException&)
+	{
+	    test(false);
+	}
+	comm->destroy();
+    }
+    {
+	PropertiesPtr props = createClientProps(defaultHost);
+	props->setProperty("IceSSL.DelayInit", "1");
+	props->setProperty("IceSSL.Client.Ciphers", "ADH");
+	props->setProperty("IceSSL.Client.VerifyPeer", "0");
+	CommunicatorPtr comm = initializeWithProperties(argc, argv, props);
+	IceSSL::PluginPtr plugin =
+	    IceSSL::PluginPtr::dynamicCast(comm->getPluginManager()->getPlugin("IceSSL"));
+	test(plugin);
+	plugin->initialize();
+	ObjectPrx obj = comm->stringToProxy(factoryRef);
+	test(obj);
+	Test::ServerFactoryPrx fact = Test::ServerFactoryPrx::checkedCast(obj);
+	Test::Properties d = createServerProps(defaultHost);
+	d["IceSSL.Server.Ciphers"] = "ADH";
+	d["IceSSL.Server.VerifyPeer"] = "0";
+	Test::ServerPrx server = fact->createServer(d);
+	try
+	{
+	    server->ice_ping();
+	    fact->destroyServer(server);
+	}
+	catch(const LocalException&)
+	{
+	    test(false);
+	}
+	comm->destroy();
+    }
+    cout << "ok" << endl;
+
+    cout << "testing certificate verification... " << flush;
+    {
+	//
+	// Test IceSSL.Server.VerifyPeer=0. Client does not have a certificate,
+	// but it still verifies the server's.
+	//
+	PropertiesPtr props = createClientProps(defaultHost);
+	props->setProperty("IceSSL.Client.VerifyPeer", "0");
+	props->setProperty("IceSSL.Client.CertAuthFile", "cacert1.pem");
+	props->setProperty("IceSSL.Client.DefaultDir", defaultDir);
+	CommunicatorPtr comm = initializeWithProperties(argc, argv, props);
+	Test::ServerFactoryPrx fact = Test::ServerFactoryPrx::checkedCast(comm->stringToProxy(factoryRef));
+	test(fact);
+	Test::Properties d = createServerProps(defaultHost);
+	d["IceSSL.Server.DefaultDir"] = defaultDir;
+	d["IceSSL.Server.CertAuthFile"] = "cacert1.pem";
+	d["IceSSL.Server.CertFile"] = "s_rsa_nopass_ca1_pub.pem";
+	d["IceSSL.Server.KeyFile"] = "s_rsa_nopass_ca1_priv.pem";
+	d["IceSSL.Server.VerifyPeer"] = "0";
+	Test::ServerPrx server = fact->createServer(d);
+	try
+	{
+	    server->ice_ping();
+	}
+	catch(const LocalException&)
+	{
+	    test(false);
+	}
+	fact->destroyServer(server);
+
+	//
+	// Test IceSSL.Server.VerifyPeer=1. Client does not have a certificate.
+	//
+	d = createServerProps(defaultHost);
+	d["IceSSL.Server.DefaultDir"] = defaultDir;
+	d["IceSSL.Server.CertAuthFile"] = "cacert1.pem";
+	d["IceSSL.Server.CertFile"] = "s_rsa_nopass_ca1_pub.pem";
+	d["IceSSL.Server.KeyFile"] = "s_rsa_nopass_ca1_priv.pem";
+	d["IceSSL.Server.VerifyPeer"] = "1";
+	server = fact->createServer(d);
+	try
+	{
+	    server->ice_ping();
+	}
+	catch(const LocalException&)
+	{
+	    test(false);
+	}
+	fact->destroyServer(server);
+
+	//
+	// Test IceSSL.Server.VerifyPeer=2. This should fail because the client
+	// does not supply a certificate.
+	//
+	d = createServerProps(defaultHost);
+	d["IceSSL.Server.DefaultDir"] = defaultDir;
+	d["IceSSL.Server.CertAuthFile"] = "cacert1.pem";
+	d["IceSSL.Server.CertFile"] = "s_rsa_nopass_ca1_pub.pem";
+	d["IceSSL.Server.KeyFile"] = "s_rsa_nopass_ca1_priv.pem";
+	d["IceSSL.Server.VerifyPeer"] = "2";
+	server = fact->createServer(d);
+	try
+	{
+	    server->ice_ping();
+	    test(false);
+	}
+	catch(const ProtocolException&)
+	{
+	    // Expected.
+	}
+	catch(const LocalException&)
+	{
+	    test(false);
+	}
+	fact->destroyServer(server);
+
+	comm->destroy();
+
+	//
+	// Test IceSSL.Server.VerifyPeer=1. Client has a certificate.
+	//
+	props->setProperty("IceSSL.Client.CertFile", "c_rsa_nopass_ca1_pub.pem");
+	props->setProperty("IceSSL.Client.KeyFile", "c_rsa_nopass_ca1_priv.pem");
+	comm = initializeWithProperties(argc, argv, props);
+	fact = Test::ServerFactoryPrx::checkedCast(comm->stringToProxy(factoryRef));
+	test(fact);
+	d = createServerProps(defaultHost);
+	d["IceSSL.Server.DefaultDir"] = defaultDir;
+	d["IceSSL.Server.CertAuthFile"] = "cacert1.pem";
+	d["IceSSL.Server.CertFile"] = "s_rsa_nopass_ca1_pub.pem";
+	d["IceSSL.Server.KeyFile"] = "s_rsa_nopass_ca1_priv.pem";
+	d["IceSSL.Server.VerifyPeer"] = "1";
+	server = fact->createServer(d);
+	try
+	{
+	    server->ice_ping();
+	}
+	catch(const LocalException&)
+	{
+	    test(false);
+	}
+	fact->destroyServer(server);
+
+	//
+	// Test IceSSL.Server.VerifyPeer=2. Client has a certificate.
+	//
+	d = createServerProps(defaultHost);
+	d["IceSSL.Server.DefaultDir"] = defaultDir;
+	d["IceSSL.Server.CertAuthFile"] = "cacert1.pem";
+	d["IceSSL.Server.CertFile"] = "s_rsa_nopass_ca1_pub.pem";
+	d["IceSSL.Server.KeyFile"] = "s_rsa_nopass_ca1_priv.pem";
+	d["IceSSL.Server.VerifyPeer"] = "2";
+	server = fact->createServer(d);
+	try
+	{
+	    server->ice_ping();
+	}
+	catch(const LocalException&)
+	{
+	    test(false);
+	}
+	fact->destroyServer(server);
+
+	comm->destroy();
+
+	//
+	// Test IceSSL.Server.VerifyPeer=1. This should fail because the
+	// client doesn't trust the server's CA.
+	//
+	props->setProperty("IceSSL.Client.CertAuthFile", "cacert2.pem");
+	props->setProperty("IceSSL.Client.CertFile", "c_rsa_nopass_ca2_pub.pem");
+	props->setProperty("IceSSL.Client.KeyFile", "c_rsa_nopass_ca2_priv.pem");
+	comm = initializeWithProperties(argc, argv, props);
+	fact = Test::ServerFactoryPrx::checkedCast(comm->stringToProxy(factoryRef));
+	test(fact);
+	d = createServerProps(defaultHost);
+	d["IceSSL.Server.DefaultDir"] = defaultDir;
+	d["IceSSL.Server.CertAuthFile"] = "cacert1.pem";
+	d["IceSSL.Server.CertFile"] = "s_rsa_nopass_ca1_pub.pem";
+	d["IceSSL.Server.KeyFile"] = "s_rsa_nopass_ca1_priv.pem";
+	d["IceSSL.Server.VerifyPeer"] = "1";
+	server = fact->createServer(d);
+	try
+	{
+	    server->ice_ping();
+	    test(false);
+	}
+	catch(const ProtocolException&)
+	{
+	    // Expected.
+	}
+	catch(const LocalException&)
+	{
+	    test(false);
+	}
+	fact->destroyServer(server);
+
+	comm->destroy();
+
+	//
+	// Test IceSSL.Server.VerifyPeer=1. This should fail because the
+	// server doesn't trust the client's CA.
+	//
+	props->setProperty("IceSSL.Client.CertAuthFile", "cacert1.pem");
+	props->setProperty("IceSSL.Client.CertFile", "c_rsa_nopass_ca2_pub.pem");
+	props->setProperty("IceSSL.Client.KeyFile", "c_rsa_nopass_ca2_priv.pem");
+	comm = initializeWithProperties(argc, argv, props);
+	fact = Test::ServerFactoryPrx::checkedCast(comm->stringToProxy(factoryRef));
+	test(fact);
+	d = createServerProps(defaultHost);
+	d["IceSSL.Server.DefaultDir"] = defaultDir;
+	d["IceSSL.Server.CertAuthFile"] = "cacert1.pem";
+	d["IceSSL.Server.CertFile"] = "s_rsa_nopass_ca1_pub.pem";
+	d["IceSSL.Server.KeyFile"] = "s_rsa_nopass_ca1_priv.pem";
+	d["IceSSL.Server.VerifyPeer"] = "1";
+	server = fact->createServer(d);
+	try
+	{
+	    server->ice_ping();
+	    test(false);
+	}
+	catch(const ProtocolException&)
+	{
+	    // Expected.
+	}
+	catch(const LocalException&)
+	{
+	    test(false);
+	}
+	fact->destroyServer(server);
+
+	comm->destroy();
+    }
+    cout << "ok" << endl;
+
+    cout << "testing custom certificate verifier... " << flush;
+    {
+	//
+	// ADH is allowed but will not have a certificate.
+	//
+	PropertiesPtr props = createClientProps(defaultHost);
+	props->setProperty("IceSSL.Client.Ciphers", "ADH");
+	props->setProperty("IceSSL.Client.VerifyPeer", "0");
+	CommunicatorPtr comm = initializeWithProperties(argc, argv, props);
+	IceSSL::PluginPtr plugin =
+	    IceSSL::PluginPtr::dynamicCast(comm->getPluginManager()->getPlugin("IceSSL"));
+	test(plugin);
+	CertificateVerifierIPtr verifier = new CertificateVerifierI;
+	plugin->setCertificateVerifier(verifier);
+
+	Test::ServerFactoryPrx fact = Test::ServerFactoryPrx::checkedCast(comm->stringToProxy(factoryRef));
+	test(fact);
+	Test::Properties d = createServerProps(defaultHost);
+	d["IceSSL.Server.Ciphers"] = "ADH";
+	d["IceSSL.Server.VerifyPeer"] = "0";
+	Test::ServerPrx server = fact->createServer(d);
+	try
+	{
+	    server->ice_ping();
+	}
+	catch(const LocalException&)
+	{
+	    test(false);
+	}
+	test(verifier->invoked());
+	test(!verifier->incoming());
+	test(!verifier->hadCert());
+
+	//
+	// Have the verifier raise an exception. Close the connection explicitly
+	// to force a new connection to be established.
+	//
+	verifier->reset();
+	verifier->throwException(true);
+	server->ice_connection()->close(false);
+	try
+	{
+	    server->ice_ping();
+	    test(false);
+	}
+	catch(const SecurityException&)
+	{
+	    // Expected.
+	}
+	catch(const LocalException&)
+	{
+	    test(false);
+	}
+	test(verifier->invoked());
+	test(!verifier->incoming());
+	test(!verifier->hadCert());
+	verifier->throwException(false);
+	fact->destroyServer(server);
+
+	comm->destroy();
+    }
+    cout << "ok" << endl;
+
+    cout << "testing protocols... " << flush;
+    {
+	//
+	// This should fail because the client and server have no protocol
+	// in common.
+	//
+	PropertiesPtr props = createClientProps(defaultHost);
+	props->setProperty("IceSSL.Client.Ciphers", "ADH");
+	props->setProperty("IceSSL.Client.VerifyPeer", "0");
+	props->setProperty("IceSSL.Client.Protocols", "ssl3");
+	CommunicatorPtr comm = initializeWithProperties(argc, argv, props);
+	Test::ServerFactoryPrx fact = Test::ServerFactoryPrx::checkedCast(comm->stringToProxy(factoryRef));
+	test(fact);
+	Test::Properties d = createServerProps(defaultHost);
+	d["IceSSL.Server.Ciphers"] = "ADH";
+	d["IceSSL.Server.VerifyPeer"] = "0";
+	d["IceSSL.Server.Protocols"] = "tls1";
+	Test::ServerPrx server = fact->createServer(d);
+	try
+	{
+	    server->ice_ping();
+	    test(false);
+	}
+	catch(const ConnectionLostException&)
+	{
+	    // Expected.
+	}
+	catch(const LocalException&)
+	{
+	    test(false);
+	}
+	comm->destroy();
+
+	//
+	// This should succeed.
+	//
+	comm = initializeWithProperties(argc, argv, props);
+	fact = Test::ServerFactoryPrx::checkedCast(comm->stringToProxy(factoryRef));
+	test(fact);
+	d = createServerProps(defaultHost);
+	d["IceSSL.Server.Ciphers"] = "ADH";
+	d["IceSSL.Server.VerifyPeer"] = "0";
+	d["IceSSL.Server.Protocols"] = "tls1, ssl3";
+	server = fact->createServer(d);
+	try
+	{
+	    server->ice_ping();
+	}
+	catch(const LocalException&)
+	{
+	    test(false);
+	}
+	comm->destroy();
+    }
+    cout << "ok" << endl;
+
+    cout << "testing expired certificates... " << flush;
+    {
+	//
+	// This should fail because the server's certificate is expired.
+	//
+	PropertiesPtr props = createClientProps(defaultHost);
+	props->setProperty("IceSSL.Client.DefaultDir", defaultDir);
+	props->setProperty("IceSSL.Client.CertAuthFile", "cacert1.pem");
+	props->setProperty("IceSSL.Client.CertFile", "c_rsa_nopass_ca1_pub.pem");
+	props->setProperty("IceSSL.Client.KeyFile", "c_rsa_nopass_ca1_priv.pem");
+	CommunicatorPtr comm = initializeWithProperties(argc, argv, props);
+	Test::ServerFactoryPrx fact = Test::ServerFactoryPrx::checkedCast(comm->stringToProxy(factoryRef));
+	test(fact);
+	Test::Properties d = createServerProps(defaultHost);
+	d["IceSSL.Server.DefaultDir"] = defaultDir;
+	d["IceSSL.Server.CertAuthFile"] = "cacert1.pem";
+	d["IceSSL.Server.CertFile"] = "s_rsa_nopass_ca1_exp_pub.pem";
+	d["IceSSL.Server.KeyFile"] = "s_rsa_nopass_ca1_exp_priv.pem";
+	Test::ServerPrx server = fact->createServer(d);
+	try
+	{
+	    server->ice_ping();
+	    test(false);
+	}
+	catch(const ProtocolException&)
+	{
+	    // Expected.
+	}
+	catch(const LocalException&)
+	{
+	    test(false);
+	}
+	fact->destroyServer(server);
+	comm->destroy();
+
+	//
+	// This should fail because the client's certificate is expired.
+	//
+	props->setProperty("IceSSL.Client.CertFile", "c_rsa_nopass_ca1_exp_pub.pem");
+	props->setProperty("IceSSL.Client.KeyFile", "c_rsa_nopass_ca1_exp_priv.pem");
+	comm = initializeWithProperties(argc, argv, props);
+	fact = Test::ServerFactoryPrx::checkedCast(comm->stringToProxy(factoryRef));
+	test(fact);
+	d = createServerProps(defaultHost);
+	d["IceSSL.Server.DefaultDir"] = defaultDir;
+	d["IceSSL.Server.CertAuthFile"] = "cacert1.pem";
+	d["IceSSL.Server.CertFile"] = "s_rsa_nopass_ca1_pub.pem";
+	d["IceSSL.Server.KeyFile"] = "s_rsa_nopass_ca1_priv.pem";
+	server = fact->createServer(d);
+	try
+	{
+	    server->ice_ping();
+	    test(false);
+	}
+	catch(const ProtocolException&)
+	{
+	    // Expected.
+	}
+	catch(const LocalException&)
+	{
+	    test(false);
+	}
+	fact->destroyServer(server);
+	comm->destroy();
+    }
+    cout << "ok" << endl;
+
+    cout << "testing CA certificate directory... " << flush;
+    {
+	//
+	// Don't specify CertAuthFile explicitly; we let OpenSSL find the CA
+	// certificate in the default directory.
+	//
+	PropertiesPtr props = createClientProps(defaultHost);
+	props->setProperty("IceSSL.Client.DefaultDir", defaultDir);
+	props->setProperty("IceSSL.Client.CertFile", "c_rsa_nopass_ca1_pub.pem");
+	props->setProperty("IceSSL.Client.KeyFile", "c_rsa_nopass_ca1_priv.pem");
+	CommunicatorPtr comm = initializeWithProperties(argc, argv, props);
+	Test::ServerFactoryPrx fact = Test::ServerFactoryPrx::checkedCast(comm->stringToProxy(factoryRef));
+	test(fact);
+	Test::Properties d = createServerProps(defaultHost);
+	d["IceSSL.Server.DefaultDir"] = defaultDir;
+	d["IceSSL.Server.CertFile"] = "s_rsa_nopass_ca1_pub.pem";
+	d["IceSSL.Server.KeyFile"] = "s_rsa_nopass_ca1_priv.pem";
+	Test::ServerPrx server = fact->createServer(d);
+	try
+	{
+	    server->ice_ping();
+	}
+	catch(const LocalException&)
+	{
+	    test(false);
+	}
+	fact->destroyServer(server);
+	comm->destroy();
+    }
+    cout << "ok" << endl;
+
+    cout << "testing password prompt... " << flush;
+    {
+	//
+	// Use the correct password.
+	//
+	PropertiesPtr props = createClientProps(defaultHost);
+	props->setProperty("IceSSL.Client.DefaultDir", defaultDir);
+	props->setProperty("IceSSL.Client.CertFile", "c_rsa_pass_ca1_pub.pem");
+	props->setProperty("IceSSL.Client.KeyFile", "c_rsa_pass_ca1_priv.pem");
+	props->setProperty("IceSSL.DelayInit", "1");
+	CommunicatorPtr comm = initializeWithProperties(argc, argv, props);
+	IceSSL::PluginPtr plugin =
+	    IceSSL::PluginPtr::dynamicCast(comm->getPluginManager()->getPlugin("IceSSL"));
+	test(plugin);
+	PasswordPromptIPtr prompt = new PasswordPromptI("client");
+	plugin->setPasswordPrompt(prompt);
+	plugin->initialize();
+	test(prompt->count() == 1);
+	Test::ServerFactoryPrx fact = Test::ServerFactoryPrx::checkedCast(comm->stringToProxy(factoryRef));
+	test(fact);
+	Test::Properties d = createServerProps(defaultHost);
+	d["IceSSL.Server.DefaultDir"] = defaultDir;
+	d["IceSSL.Server.CertFile"] = "s_rsa_nopass_ca1_pub.pem";
+	d["IceSSL.Server.KeyFile"] = "s_rsa_nopass_ca1_priv.pem";
+	Test::ServerPrx server = fact->createServer(d);
+	try
+	{
+	    server->ice_ping();
+	}
+	catch(const LocalException&)
+	{
+	    test(false);
+	}
+	fact->destroyServer(server);
+	comm->destroy();
+
+	//
+	// Use an incorrect password and check that retries are attempted.
+	//
+	props = createClientProps(defaultHost);
+	props->setProperty("IceSSL.Client.DefaultDir", defaultDir);
+	props->setProperty("IceSSL.Client.CertFile", "c_rsa_pass_ca1_pub.pem");
+	props->setProperty("IceSSL.Client.KeyFile", "c_rsa_pass_ca1_priv.pem");
+	props->setProperty("IceSSL.Client.PasswordRetryMax", "4");
+	props->setProperty("IceSSL.DelayInit", "1");
+	comm = initializeWithProperties(argc, argv, props);
+	plugin = IceSSL::PluginPtr::dynamicCast(comm->getPluginManager()->getPlugin("IceSSL"));
+	test(plugin);
+	prompt = new PasswordPromptI("invalid");
+	plugin->setPasswordPrompt(prompt);
+	try
+	{
+	    plugin->initialize();
+	}
+	catch(const PluginInitializationException&)
+	{
+	    // Expected.
+	}
+	catch(const LocalException&)
+	{
+	    test(false);
+	}
+	test(prompt->count() == 4);
+	comm->destroy();
+    }
+    cout << "ok" << endl;
+
+    cout << "testing ciphers... " << flush;
+    {
+	//
+	// The server has a certificate but the client doesn't. They should
+	// negotiate to use ADH since we explicitly enable it.
+	//
+	PropertiesPtr props = createClientProps(defaultHost);
+	props->setProperty("IceSSL.Client.Ciphers", "ADH");
+	CommunicatorPtr comm = initializeWithProperties(argc, argv, props);
+	Test::ServerFactoryPrx fact = Test::ServerFactoryPrx::checkedCast(comm->stringToProxy(factoryRef));
+	test(fact);
+	Test::Properties d = createServerProps(defaultHost);
+	d["IceSSL.Server.DefaultDir"] = defaultDir;
+	d["IceSSL.Server.CertFile"] = "s_rsa_nopass_ca1_pub.pem";
+	d["IceSSL.Server.KeyFile"] = "s_rsa_nopass_ca1_priv.pem";
+	d["IceSSL.Server.Ciphers"] = "RSA:ADH";
+	d["IceSSL.Server.VerifyPeer"] = "1";
+	Test::ServerPrx server = fact->createServer(d);
+	try
+	{
+	    server->ice_ping();
+	}
+	catch(const LocalException& ex)
+	{
+	    cout << ex << endl;
+	    test(false);
+	}
+	fact->destroyServer(server);
+	comm->destroy();
+    }
+    {
+	//
+	// Configure a server with RSA and DSA certificates.
+	//
+	// First try a client with a DSA certificate.
+	//
+	PropertiesPtr props = createClientProps(defaultHost);
+	props->setProperty("IceSSL.Client.DefaultDir", defaultDir);
+	props->setProperty("IceSSL.Client.CertFile", "c_dsa_nopass_ca1_pub.pem");
+	props->setProperty("IceSSL.Client.KeyFile", "c_dsa_nopass_ca1_priv.pem");
+	props->setProperty("IceSSL.Client.Ciphers", "DEFAULT:DSS");
+	CommunicatorPtr comm = initializeWithProperties(argc, argv, props);
+	Test::ServerFactoryPrx fact = Test::ServerFactoryPrx::checkedCast(comm->stringToProxy(factoryRef));
+	test(fact);
+	Test::Properties d = createServerProps(defaultHost);
+	d["IceSSL.Server.DefaultDir"] = defaultDir;
+	d["IceSSL.Server.CertFile"] = "s_rsa_nopass_ca1_pub.pem" + sep + "s_dsa_nopass_ca1_pub.pem";
+	d["IceSSL.Server.KeyFile"] = "s_rsa_nopass_ca1_priv.pem" + sep + "s_dsa_nopass_ca1_priv.pem";
+	d["IceSSL.Server.Ciphers"] = "DEFAULT:DSS";
+	d["IceSSL.Server.VerifyPeer"] = "1";
+	Test::ServerPrx server = fact->createServer(d);
+	try
+	{
+	    server->ice_ping();
+	}
+	catch(const LocalException&)
+	{
+	    test(false);
+	}
+	fact->destroyServer(server);
+	comm->destroy();
+
+	//
+	// Next try a client with an RSA certificate.
+	//
+	props = createClientProps(defaultHost);
+	props->setProperty("IceSSL.Client.DefaultDir", defaultDir);
+	props->setProperty("IceSSL.Client.CertFile", "c_rsa_nopass_ca1_pub.pem");
+	props->setProperty("IceSSL.Client.KeyFile", "c_rsa_nopass_ca1_priv.pem");
+	comm = initializeWithProperties(argc, argv, props);
+	fact = Test::ServerFactoryPrx::checkedCast(comm->stringToProxy(factoryRef));
+	test(fact);
+	d = createServerProps(defaultHost);
+	d["IceSSL.Server.DefaultDir"] = defaultDir;
+	d["IceSSL.Server.CertFile"] = "s_rsa_nopass_ca1_pub.pem" + sep + "s_dsa_nopass_ca1_pub.pem";
+	d["IceSSL.Server.KeyFile"] = "s_rsa_nopass_ca1_priv.pem" + sep + "s_dsa_nopass_ca1_priv.pem";
+	d["IceSSL.Server.Ciphers"] = "DEFAULT:DSS";
+	d["IceSSL.Server.VerifyPeer"] = "1";
+	server = fact->createServer(d);
+	try
+	{
+	    server->ice_ping();
+	}
+	catch(const LocalException&)
+	{
+	    test(false);
+	}
+	fact->destroyServer(server);
+	comm->destroy();
+
+	//
+	// Next try a client with ADH. This should fail.
+	//
+	props = createClientProps(defaultHost);
+	props->setProperty("IceSSL.Client.Ciphers", "ADH");
+	comm = initializeWithProperties(argc, argv, props);
+	fact = Test::ServerFactoryPrx::checkedCast(comm->stringToProxy(factoryRef));
+	test(fact);
+	d = createServerProps(defaultHost);
+	d["IceSSL.Server.DefaultDir"] = defaultDir;
+	d["IceSSL.Server.CertFile"] = "s_rsa_nopass_ca1_pub.pem" + sep + "s_dsa_nopass_ca1_pub.pem";
+	d["IceSSL.Server.KeyFile"] = "s_rsa_nopass_ca1_priv.pem" + sep + "s_dsa_nopass_ca1_priv.pem";
+	d["IceSSL.Server.Ciphers"] = "DEFAULT:DSS";
+	d["IceSSL.Server.VerifyPeer"] = "1";
+	server = fact->createServer(d);
+	try
+	{
+	    server->ice_ping();
+	    test(false);
+	}
+	catch(const ProtocolException&)
+	{
+	    // Expected.
+	}
+	catch(const LocalException&)
+	{
+	    test(false);
+	}
+	fact->destroyServer(server);
+	comm->destroy();
+    }
+    {
+	//
+	// Configure a server with RSA and a client with DSA. This should fail.
+	//
+	PropertiesPtr props = createClientProps(defaultHost);
+	props->setProperty("IceSSL.Client.DefaultDir", defaultDir);
+	props->setProperty("IceSSL.Client.CertFile", "c_dsa_nopass_ca1_pub.pem");
+	props->setProperty("IceSSL.Client.KeyFile", "c_dsa_nopass_ca1_priv.pem");
+	props->setProperty("IceSSL.Client.Ciphers", "DSS");
+	CommunicatorPtr comm = initializeWithProperties(argc, argv, props);
+	Test::ServerFactoryPrx fact = Test::ServerFactoryPrx::checkedCast(comm->stringToProxy(factoryRef));
+	test(fact);
+	Test::Properties d = createServerProps(defaultHost);
+	d["IceSSL.Server.DefaultDir"] = defaultDir;
+	d["IceSSL.Server.CertFile"] = "s_rsa_nopass_ca1_pub.pem";
+	d["IceSSL.Server.KeyFile"] = "s_rsa_nopass_ca1_priv.pem";
+	Test::ServerPrx server = fact->createServer(d);
+	try
+	{
+	    server->ice_ping();
+	    test(false);
+	}
+	catch(const ProtocolException&)
+	{
+	    // Expected.
+	}
+	catch(const LocalException&)
+	{
+	    test(false);
+	}
+	fact->destroyServer(server);
+	comm->destroy();
+    }
+    cout << "ok" << endl;
+
+    factory->shutdown();
+}
diff --git a/cpp/test/IceSSL/configuration/Client.cpp b/cpp/test/IceSSL/configuration/Client.cpp
new file mode 100644
index 00000000000..bf6e9e23137
--- /dev/null
+++ b/cpp/test/IceSSL/configuration/Client.cpp
@@ -0,0 +1,61 @@
+// **********************************************************************
+//
+// Copyright (c) 2003-2006 ZeroC, Inc. All rights reserved.
+//
+// This copy of Ice is licensed to you under the terms described in the
+// ICE_LICENSE file included in this distribution.
+//
+// **********************************************************************
+
+#include <Ice/Ice.h>
+
+using namespace std;
+
+int
+run(int argc, char* argv[], const Ice::CommunicatorPtr& communicator)
+{
+    if(argc < 2)
+    {
+	cerr << "Usage: " << argv[0] << " testdir" << endl;
+	return 1;
+    }
+
+    void allTests(const Ice::CommunicatorPtr&, const string&);
+
+    allTests(communicator, argv[1]);
+
+    return EXIT_SUCCESS;
+}
+
+int
+main(int argc, char* argv[])
+{
+    int status;
+    Ice::CommunicatorPtr communicator;
+
+    try
+    {
+	communicator = Ice::initialize(argc, argv);
+	status = run(argc, argv, communicator);
+    }
+    catch(const Ice::Exception& ex)
+    {
+	cerr << ex << endl;
+	status = EXIT_FAILURE;
+    }
+
+    if(communicator)
+    {
+	try
+	{
+	    communicator->destroy();
+	}
+	catch(const Ice::Exception& ex)
+	{
+	    cerr << ex << endl;
+	    status = EXIT_FAILURE;
+	}
+    }
+
+    return status;
+}
diff --git a/cpp/test/IceSSL/configuration/Configuration.cpp b/cpp/test/IceSSL/configuration/Configuration.cpp
deleted file mode 100644
index c26336f9426..00000000000
--- a/cpp/test/IceSSL/configuration/Configuration.cpp
+++ /dev/null
@@ -1,223 +0,0 @@
-// **********************************************************************
-//
-// Copyright (c) 2003-2006 ZeroC, Inc. All rights reserved.
-//
-// This copy of Ice is licensed to you under the terms described in the
-// ICE_LICENSE file included in this distribution.
-//
-// **********************************************************************
-
-#include <Ice/Ice.h>
-#include <TestCommon.h>
-#include <IceSSL/Exception.h>
-#include <IceSSL/Plugin.h>
-
-// Note: This test must have a valid IceSSL.Client.CertPath
-//       and IceSSL.Server.CertPath specified.
-
-using namespace std;
-using namespace Ice;
-
-void testContextWithConfig(const Ice::CommunicatorPtr&, IceSSL::ContextType, const std::string&,
-                           const std::string&, bool expectFailure = true);
-
-void
-testContextNoConfig(const Ice::CommunicatorPtr& communicator, IceSSL::ContextType contextType)
-{
-    testContextWithConfig(communicator, contextType, "", "");
-}
-
-void
-testContextWithConfig(const Ice::CommunicatorPtr& communicator,
-                      IceSSL::ContextType contextType,
-                      const std::string& clientFile,
-                      const std::string& serverFile,
-                      bool expectFailure)
-{
-    PropertiesPtr properties = communicator->getProperties();
-
-    Ice::PluginPtr plugin = communicator->getPluginManager()->getPlugin("IceSSL");
-    IceSSL::PluginPtr sslPlugin = IceSSL::PluginPtr::dynamicCast(plugin);
-
-    std::string contextString;
-
-    std::string clientPropertyString = "IceSSL.Client.Config";
-    std::string serverPropertyString = "IceSSL.Server.Config";
-
-    switch(contextType)
-    {
-        case IceSSL::Client:
-        {
-            contextString = "client";
-            break;
-        }
-
-        case IceSSL::Server:
-        {
-            contextString = "server";
-            break;
-        }
-
-        case IceSSL::ClientServer:
-        {
-            contextString = "client/server";
-            break;
-        }
-    }
-
-    std::string configFileDesc = "";
-
-    if(!clientFile.empty() && !serverFile.empty())
-    {
-        configFileDesc = "client and server configuration files";
-    }
-    else if(!clientFile.empty())
-    {
-        configFileDesc = "client configuration file";
-    }
-    else if(!serverFile.empty())
-    {
-        configFileDesc = "server configuration file";
-    }
-    else
-    {
-        configFileDesc = "no configuration file";
-    }
-
-    std::cout << contextString << " with " << configFileDesc << "... " << std::flush;
-
-    try
-    {
-        properties->setProperty(clientPropertyString, clientFile);
-        properties->setProperty(serverPropertyString, serverFile);
-        sslPlugin->configure(contextType);
-
-        if(expectFailure)
-        {
-            test(false);
-        }
-        else
-        {
-            std::cout << "ok" << std::endl;
-        }
-    }
-    catch(const IceSSL::ConfigurationLoadingException&)
-    {
-        //
-        // Depending on the context type, and if we supplied
-        // a configuration file, this might be a valid response.
-        //
-
-        switch(contextType)
-        {
-            case IceSSL::Client:
-            {
-                if(clientFile.empty())
-                {
-                    std::cout << "ok" << std::endl;
-                }
-                else
-                {
-                    test(false);
-                }
-                break;
-            }
-
-            case IceSSL::Server:
-            {
-                if(serverFile.empty())
-                {
-                    std::cout << "ok" << std::endl;
-                }
-                else
-                {
-                    test(false);
-                }
-                break;
-            }
-
-            case IceSSL::ClientServer:
-            {
-                if(clientFile.empty() || serverFile.empty())
-                {
-                    std::cout << "ok" << std::endl;
-                }
-                else
-                {
-                    test(false);
-                }
-                break;
-            }
-        }
-    }
-    catch(const LocalException&)
-    {
-        //
-        // Any other exception is bad.
-        //
-
-        test(false);
-    }
-    catch(...)
-    {
-        //
-        // Unknown exceptions are always bad.
-        //
-
-        test(false);
-    }
-}
-
-int
-run(int argc, char* argv[], const Ice::CommunicatorPtr& communicator)
-{
-    // Testing Client context.
-    testContextNoConfig(communicator, IceSSL::Client);
-    testContextWithConfig(communicator, IceSSL::Client,"client_sslconfig.xml","", false);
-
-    // Testing Server context.
-    testContextNoConfig(communicator, IceSSL::Server);
-    testContextWithConfig(communicator, IceSSL::Server,"","server_sslconfig.xml", false);
-
-    // Testing ClientServer context.
-    testContextNoConfig(communicator, IceSSL::ClientServer);
-    testContextWithConfig(communicator, IceSSL::ClientServer, "client_sslconfig.xml", "");
-    testContextWithConfig(communicator, IceSSL::ClientServer, "", "server_sslconfig.xml");
-    testContextWithConfig(communicator, IceSSL::ClientServer, "client_sslconfig.xml", "server_sslconfig.xml", false);
-    testContextWithConfig(communicator, IceSSL::ClientServer, "sslconfig.xml", "sslconfig.xml", false);
-
-    return EXIT_SUCCESS;
-}
-
-int
-main(int argc, char* argv[])
-{
-    int status;
-    Ice::CommunicatorPtr communicator;
-
-    try
-    {
-	communicator = Ice::initialize(argc, argv);
-	status = run(argc, argv, communicator);
-    }
-    catch(const Ice::Exception& ex)
-    {
-	cerr << ex << endl;
-	status = EXIT_FAILURE;
-    }
-
-    if(communicator)
-    {
-	try
-	{
-	    communicator->destroy();
-	}
-	catch(const Ice::Exception& ex)
-	{
-	    cerr << ex << endl;
-	    status = EXIT_FAILURE;
-	}
-    }
-
-    return status;
-}
diff --git a/cpp/test/IceSSL/configuration/Makefile b/cpp/test/IceSSL/configuration/Makefile
index 919e0efe346..8ffecfbd44e 100644
--- a/cpp/test/IceSSL/configuration/Makefile
+++ b/cpp/test/IceSSL/configuration/Makefile
@@ -9,20 +9,34 @@
 
 top_srcdir	= ../../..
 
-CLIENT		= configuration
+CLIENT		= client
+SERVER		= server
 
-TARGETS		= $(CLIENT)
+TARGETS		= $(CLIENT) $(SERVER)
 
-OBJS		= Configuration.o
+COBJS		= Test.o \
+		  Client.o \
+		  AllTests.o
 
-SRCS		= $(OBJS:.o=.cpp)
+SOBJS		= Test.o \
+		  TestI.o \
+		  Server.o
+
+SRCS		= $(COBJS:.o=.cpp) \
+		  $(SOBJS:.o=.cpp)
+
+SLICE_SRCS	= Test.ice
 
 include $(top_srcdir)/config/Make.rules
 
 CPPFLAGS	:= -I. -I../../include $(CPPFLAGS)
 
-$(CLIENT): $(OBJS)
+$(CLIENT): $(COBJS)
+	rm -f $@
+	$(CXX) $(LDFLAGS) -o $@ $(COBJS) $(LIBS)
+
+$(SERVER): $(SOBJS)
 	rm -f $@
-	$(CXX) $(LDFLAGS) -o $@ $(OBJS) $(OPENSSL_RPATH_LINK) -lIceSSL $(EXPAT_RPATH_LINK) -lIceXML $(LIBS) $(OPENSSL_LIBS)
+	$(CXX) $(LDFLAGS) -o $@ $(SOBJS) $(LIBS)
 
 include .depend
diff --git a/cpp/test/IceSSL/configuration/Server.cpp b/cpp/test/IceSSL/configuration/Server.cpp
new file mode 100644
index 00000000000..7ca8b133cd6
--- /dev/null
+++ b/cpp/test/IceSSL/configuration/Server.cpp
@@ -0,0 +1,59 @@
+// **********************************************************************
+//
+// Copyright (c) 2003-2006 ZeroC, Inc. All rights reserved.
+//
+// This copy of Ice is licensed to you under the terms described in the
+// ICE_LICENSE file included in this distribution.
+//
+// **********************************************************************
+
+#include <Ice/Ice.h>
+#include <TestI.h>
+
+using namespace std;
+
+int
+run(int argc, char* argv[], const Ice::CommunicatorPtr& communicator)
+{
+    communicator->getProperties()->setProperty("TestAdapter.Endpoints", "tcp -p 12010");
+    Ice::ObjectAdapterPtr adapter = communicator->createObjectAdapter("TestAdapter");
+    Ice::Identity id = Ice::stringToIdentity("factory");
+    adapter->add(new ServerFactoryI, id);
+    adapter->activate();
+
+    communicator->waitForShutdown();
+    return EXIT_SUCCESS;
+}
+
+int
+main(int argc, char* argv[])
+{
+    int status;
+    Ice::CommunicatorPtr communicator;
+
+    try
+    {
+	communicator = Ice::initialize(argc, argv);
+	status = run(argc, argv, communicator);
+    }
+    catch(const Ice::Exception& ex)
+    {
+	cerr << ex << endl;
+	status = EXIT_FAILURE;
+    }
+
+    if(communicator)
+    {
+	try
+	{
+	    communicator->destroy();
+	}
+	catch(const Ice::Exception& ex)
+	{
+	    cerr << ex << endl;
+	    status = EXIT_FAILURE;
+	}
+    }
+
+    return status;
+}
diff --git a/cpp/test/IceSSL/certificateVerification/Pinger.ice b/cpp/test/IceSSL/configuration/Test.ice
index 3feea9ac78f..f5e6b6992bc 100644
--- a/cpp/test/IceSSL/certificateVerification/Pinger.ice
+++ b/cpp/test/IceSSL/configuration/Test.ice
@@ -7,24 +7,23 @@
 //
 // **********************************************************************
 
-#ifndef PINGER_ICE
-#define PINGER_ICE
-
-#include <Ice/BuiltinSequences.ice>
+#ifndef TEST_ICE
+#define TEST_ICE
 
 module Test
 {
 
-class KeyManager
+interface Server
 {
-    void getServerCerts(out Ice::ByteSeq trusted, out Ice::ByteSeq untrusted);
-    void getTrustedClientKeys(out Ice::ByteSeq key, out Ice::ByteSeq cert);
-    void getUntrustedClientKeys(out Ice::ByteSeq key, out Ice::ByteSeq cert);
-    void shutdown();
 };
 
-class Pinger
+dictionary<string, string> Properties;
+
+interface ServerFactory
 {
+    Server* createServer(Properties props);
+    void destroyServer(Server* srv);
+    void shutdown();
 };
 
 };
diff --git a/cpp/test/IceSSL/configuration/TestI.cpp b/cpp/test/IceSSL/configuration/TestI.cpp
new file mode 100644
index 00000000000..9e24210437f
--- /dev/null
+++ b/cpp/test/IceSSL/configuration/TestI.cpp
@@ -0,0 +1,64 @@
+// **********************************************************************
+//
+// Copyright (c) 2003-2006 ZeroC, Inc. All rights reserved.
+//
+// This copy of Ice is licensed to you under the terms described in the
+// ICE_LICENSE file included in this distribution.
+//
+// **********************************************************************
+
+#include <Ice/Ice.h>
+#include <IceUtil/Thread.h>
+#include <TestI.h>
+
+using namespace std;
+using namespace Ice;
+
+ServerI::ServerI(const CommunicatorPtr& communicator) :
+    _communicator(communicator)
+{
+}
+
+void
+ServerI::destroy()
+{
+    _communicator->destroy();
+}
+
+Test::ServerPrx
+ServerFactoryI::createServer(const Test::Properties& props, const Current& current)
+{
+    PropertiesPtr properties = createProperties();
+    for(Test::Properties::const_iterator p = props.begin(); p != props.end(); ++p)
+    {
+	properties->setProperty(p->first, p->second);
+    }
+
+    int argc = 0;
+    char* argv[] = { "" };
+    CommunicatorPtr communicator = initializeWithProperties(argc, argv, properties);
+    ObjectAdapterPtr adapter = communicator->createObjectAdapterWithEndpoints("ServerAdapter", "ssl");
+    ServerIPtr server = new ServerI(communicator);
+    ObjectPrx obj = adapter->addWithUUID(server);
+    _servers[obj->ice_getIdentity()] = server;
+    adapter->activate();
+
+    return Test::ServerPrx::uncheckedCast(obj);;
+}
+
+void
+ServerFactoryI::destroyServer(const Test::ServerPrx& srv, const Ice::Current&)
+{
+    map<Identity, ServerIPtr>::iterator p = _servers.find(srv->ice_getIdentity());
+    if(p != _servers.end())
+    {
+	p->second->destroy();
+	_servers.erase(p);
+    }
+}
+
+void
+ServerFactoryI::shutdown(const Ice::Current& current)
+{
+    current.adapter->getCommunicator()->shutdown();
+}
diff --git a/cpp/test/IceSSL/configuration/TestI.h b/cpp/test/IceSSL/configuration/TestI.h
new file mode 100644
index 00000000000..aece08878ce
--- /dev/null
+++ b/cpp/test/IceSSL/configuration/TestI.h
@@ -0,0 +1,42 @@
+// **********************************************************************
+//
+// Copyright (c) 2003-2006 ZeroC, Inc. All rights reserved.
+//
+// This copy of Ice is licensed to you under the terms described in the
+// ICE_LICENSE file included in this distribution.
+//
+// **********************************************************************
+
+#ifndef TEST_I_H
+#define TEST_I_H
+
+#include <Test.h>
+
+class ServerI : public Test::Server
+{
+public:
+
+    ServerI(const Ice::CommunicatorPtr&);
+
+    void destroy();
+
+private:
+
+    Ice::CommunicatorPtr _communicator;
+};
+typedef IceUtil::Handle<ServerI> ServerIPtr;
+
+class ServerFactoryI : public Test::ServerFactory
+{
+public:
+
+    virtual Test::ServerPrx createServer(const Test::Properties&, const Ice::Current&);
+    virtual void destroyServer(const Test::ServerPrx&, const Ice::Current&);
+    virtual void shutdown(const Ice::Current&);
+
+private:
+
+    std::map<Ice::Identity, ServerIPtr> _servers;
+};
+
+#endif
diff --git a/cpp/test/IceSSL/configuration/configuration.dsp b/cpp/test/IceSSL/configuration/configuration.dsp
deleted file mode 100644
index cf25f0a849a..00000000000
--- a/cpp/test/IceSSL/configuration/configuration.dsp
+++ /dev/null
@@ -1,106 +0,0 @@
-# Microsoft Developer Studio Project File - Name="configuration" - Package Owner=<4>

-# Microsoft Developer Studio Generated Build File, Format Version 6.00

-# ** DO NOT EDIT **

-

-# TARGTYPE "Win32 (x86) Console Application" 0x0103

-

-CFG=configuration - Win32 Debug

-!MESSAGE This is not a valid makefile. To build this project using NMAKE,

-!MESSAGE use the Export Makefile command and run

-!MESSAGE 

-!MESSAGE NMAKE /f "configuration.mak".

-!MESSAGE 

-!MESSAGE You can specify a configuration when running NMAKE

-!MESSAGE by defining the macro CFG on the command line. For example:

-!MESSAGE 

-!MESSAGE NMAKE /f "configuration.mak" CFG="configuration - Win32 Debug"

-!MESSAGE 

-!MESSAGE Possible choices for configuration are:

-!MESSAGE 

-!MESSAGE "configuration - Win32 Release" (based on "Win32 (x86) Console Application")

-!MESSAGE "configuration - Win32 Debug" (based on "Win32 (x86) Console Application")

-!MESSAGE 

-

-# Begin Project

-# PROP AllowPerConfigDependencies 0

-# PROP Scc_ProjName ""

-# PROP Scc_LocalPath ""

-CPP=cl.exe

-RSC=rc.exe

-

-!IF  "$(CFG)" == "configuration - Win32 Release"

-

-# PROP BASE Use_MFC 0

-# PROP BASE Use_Debug_Libraries 0

-# PROP BASE Output_Dir "Release"

-# PROP BASE Intermediate_Dir "Release"

-# PROP BASE Target_Dir ""

-# PROP Use_MFC 0

-# PROP Use_Debug_Libraries 0

-# PROP Output_Dir "Release"

-# PROP Intermediate_Dir "Release"

-# PROP Ignore_Export_Lib 0

-# PROP Target_Dir ""

-# ADD BASE CPP /nologo /W3 /GX /O2 /D "WIN32" /D "NDEBUG" /D "_CONSOLE" /D "_MBCS" /Yu"stdafx.h" /FD /c

-# ADD CPP /nologo /MD /W3 /WX /GR /GX /O2 /I "." /I "../../../include" /I "../../include" /D "_CONSOLE" /D "NDEBUG" /D "WIN32_LEAN_AND_MEAN" /FD /c

-# SUBTRACT CPP /Z<none> /YX

-# ADD BASE RSC /l 0x409 /d "NDEBUG"

-# ADD RSC /l 0x409 /d "NDEBUG"

-BSC32=bscmake.exe

-# ADD BASE BSC32 /nologo

-# ADD BSC32 /nologo

-LINK32=link.exe

-# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:console /machine:I386

-# ADD LINK32 /nologo /subsystem:console /pdb:none /machine:I386 /out:"configuration.exe" /FIXED:no

-# SUBTRACT LINK32 /debug

-

-!ELSEIF  "$(CFG)" == "configuration - Win32 Debug"

-

-# PROP BASE Use_MFC 0

-# PROP BASE Use_Debug_Libraries 1

-# PROP BASE Output_Dir "Debug"

-# PROP BASE Intermediate_Dir "Debug"

-# PROP BASE Target_Dir ""

-# PROP Use_MFC 0

-# PROP Use_Debug_Libraries 1

-# PROP Output_Dir "Debug"

-# PROP Intermediate_Dir "Debug"

-# PROP Ignore_Export_Lib 0

-# PROP Target_Dir ""

-# ADD BASE CPP /nologo /W3 /Gm /GX /ZI /Od /D "WIN32" /D "_DEBUG" /D "_CONSOLE" /D "_MBCS" /Yu"stdafx.h" /FD /GZ /c

-# ADD CPP /nologo /MDd /W3 /WX /Gm /GR /GX /Zi /Od /I "." /I "../../../include" /I "../../include" /D "_CONSOLE" /D "_DEBUG" /D "WIN32_LEAN_AND_MEAN" /FD /GZ /c

-# SUBTRACT CPP /YX

-# ADD BASE RSC /l 0x409 /d "_DEBUG"

-# ADD RSC /l 0x409 /d "_DEBUG"

-BSC32=bscmake.exe

-# ADD BASE BSC32 /nologo

-# ADD BSC32 /nologo

-LINK32=link.exe

-# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:console /debug /machine:I386 /pdbtype:sept

-# ADD LINK32 /nologo /subsystem:console /debug /machine:I386 /out:"configuration.exe" /pdbtype:sept /FIXED:no

-# SUBTRACT LINK32 /pdb:none

-

-!ENDIF 

-

-# Begin Target

-

-# Name "configuration - Win32 Release"

-# Name "configuration - Win32 Debug"

-# Begin Group "Source Files"

-

-# PROP Default_Filter "cpp;c;cxx;rc;def;r;odl;idl;hpj;bat"

-# Begin Source File

-

-SOURCE=.\configuration.cpp

-# End Source File

-# End Group

-# Begin Group "Header Files"

-

-# PROP Default_Filter "h;hpp;hxx;hm;inl"

-# End Group

-# Begin Group "Resource Files"

-

-# PROP Default_Filter "ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe"

-# End Group

-# End Target

-# End Project

diff --git a/cpp/test/IceSSL/configuration/run.py b/cpp/test/IceSSL/configuration/run.py
index 5b3ec087ec6..7995139ca8c 100755
--- a/cpp/test/IceSSL/configuration/run.py
+++ b/cpp/test/IceSSL/configuration/run.py
@@ -20,25 +20,8 @@ else:
 sys.path.append(os.path.join(toplevel, "config"))
 import TestUtil
 
-if TestUtil.protocol != "ssl":
-    print "This test may only be run with SSL enabled."
-    sys.exit(0)
-
 name = os.path.join("IceSSL", "configuration")
-testdir = os.path.join(toplevel, "test", name)
-
-client = os.path.join(testdir, "configuration")
-
-localClientOptions = TestUtil.clientServerProtocol + TestUtil.defaultHost
-print "starting configuration...",
-clientPipe = os.popen(client + localClientOptions + " 2>&1")
-print "ok"
-
-TestUtil.printOutputFromPipe(clientPipe)
-    
-clientStatus = TestUtil.closePipe(clientPipe)
-
-if clientStatus:
-    sys.exit(1)
 
+testdir = os.path.join(toplevel, "test", name)
+TestUtil.clientServerTestWithOptions(name, "", " " + testdir)
 sys.exit(0)
diff --git a/cpp/test/IceSSL/loadPEM/.depend b/cpp/test/IceSSL/loadPEM/.depend
deleted file mode 100644
index a48edec6712..00000000000
--- a/cpp/test/IceSSL/loadPEM/.depend
+++ /dev/null
@@ -1 +0,0 @@
-LoadPEM.o: LoadPEM.cpp ../../../include/Ice/Ice.h ../../../include/Ice/GCRecMutex.h ../../../include/IceUtil/RecMutex.h ../../../include/IceUtil/Config.h ../../../include/IceUtil/Lock.h ../../../include/IceUtil/ThreadException.h ../../../include/IceUtil/Exception.h ../../../include/Ice/Config.h ../../../include/Ice/GCShared.h ../../../include/Ice/GC.h ../../../include/IceUtil/Thread.h ../../../include/IceUtil/Shared.h ../../../include/IceUtil/Handle.h ../../../include/IceUtil/Mutex.h ../../../include/IceUtil/Monitor.h ../../../include/IceUtil/Cond.h ../../../include/IceUtil/Time.h ../../../include/Ice/Initialize.h ../../../include/Ice/CommunicatorF.h ../../../include/Ice/LocalObjectF.h ../../../include/Ice/Handle.h ../../../include/Ice/ProxyF.h ../../../include/Ice/ProxyHandle.h ../../../include/Ice/ObjectF.h ../../../include/Ice/Exception.h ../../../include/Ice/LocalObject.h ../../../include/Ice/UndefSysMacros.h ../../../include/Ice/PropertiesF.h ../../../include/Ice/InstanceF.h ../../../include/Ice/BuiltinSequences.h ../../../include/Ice/Proxy.h ../../../include/Ice/ProxyFactoryF.h ../../../include/Ice/ConnectionIF.h ../../../include/Ice/EndpointIF.h ../../../include/Ice/Endpoint.h ../../../include/Ice/ObjectAdapterF.h ../../../include/Ice/ReferenceF.h ../../../include/Ice/OutgoingAsyncF.h ../../../include/Ice/Current.h ../../../include/Ice/ConnectionF.h ../../../include/Ice/Identity.h ../../../include/Ice/StreamF.h ../../../include/Ice/LocalException.h ../../../include/Ice/Properties.h ../../../include/Ice/Logger.h ../../../include/Ice/LoggerUtil.h ../../../include/Ice/LoggerF.h ../../../include/Ice/Stats.h ../../../include/Ice/Communicator.h ../../../include/Ice/StatsF.h ../../../include/Ice/ObjectFactoryF.h ../../../include/Ice/RouterF.h ../../../include/Ice/LocatorF.h ../../../include/Ice/PluginF.h ../../../include/Ice/ObjectFactory.h ../../../include/Ice/ObjectAdapter.h ../../../include/Ice/ServantLocatorF.h ../../../include/Ice/FacetMap.h ../../../include/Ice/ServantLocator.h ../../../include/Ice/Object.h ../../../include/Ice/IncomingAsyncF.h ../../../include/Ice/IdentityUtil.h ../../../include/Ice/OutgoingAsync.h ../../../include/Ice/IncomingAsync.h ../../../include/Ice/Incoming.h ../../../include/Ice/ServantManagerF.h ../../../include/Ice/BasicStream.h ../../../include/Ice/Buffer.h ../../../include/Ice/Process.h ../../../include/Ice/Outgoing.h ../../../include/Ice/Direct.h ../../../include/Ice/Application.h ../../../include/Ice/Connection.h ../../../include/Ice/Functional.h ../../../include/IceUtil/Functional.h ../../../include/Ice/Stream.h ../../include/TestCommon.h ../../../include/IceSSL/Exception.h ../../../include/IceSSL/Plugin.h ../../../include/Ice/Plugin.h ../../../include/IceSSL/CertificateVerifierF.h
diff --git a/cpp/test/IceSSL/loadPEM/LoadPEM.cpp b/cpp/test/IceSSL/loadPEM/LoadPEM.cpp
deleted file mode 100644
index 5d5d9e4a11a..00000000000
--- a/cpp/test/IceSSL/loadPEM/LoadPEM.cpp
+++ /dev/null
@@ -1,261 +0,0 @@
-// **********************************************************************
-//
-// Copyright (c) 2003-2006 ZeroC, Inc. All rights reserved.
-//
-// This copy of Ice is licensed to you under the terms described in the
-// ICE_LICENSE file included in this distribution.
-//
-// **********************************************************************
-
-#include <Ice/Ice.h>
-#include <TestCommon.h>
-#include <IceSSL/Exception.h>
-#include <IceSSL/Plugin.h>
-
-using namespace std;
-using namespace Ice;
-
-void
-testExpectCertificateAndPrivateKeyLoadException(const Ice::CommunicatorPtr& communicator,
-                                                const std::string& configFile)
-{
-    PropertiesPtr properties = communicator->getProperties();
-    Ice::PluginPtr plugin = communicator->getPluginManager()->getPlugin("IceSSL");
-    IceSSL::PluginPtr sslPlugin = IceSSL::PluginPtr::dynamicCast(plugin);
-
-    try
-    {
-        properties->setProperty("IceSSL.Client.Config", configFile);
-        sslPlugin->configure(IceSSL::Client);
-        test(false);
-    }
-    catch(const IceSSL::CertificateLoadException&)
-    {
-        std::cout << "ok" << std::endl;
-    }
-    catch(const IceSSL::PrivateKeyLoadException&)
-    {
-        std::cout << "ok" << std::endl;
-    }
-    catch(const LocalException&)
-    {
-        //
-        // Any other exception is bad.
-        //
-
-        test(false);
-    }
-    catch(...)
-    {
-        //
-        // Unknown exceptions are always bad.
-        //
-
-        test(false);
-    }
-}
-
-void
-testExpectPrivateKeyLoadException(const Ice::CommunicatorPtr& communicator, const std::string& configFile)
-{
-    PropertiesPtr properties = communicator->getProperties();
-    Ice::PluginPtr plugin = communicator->getPluginManager()->getPlugin("IceSSL");
-    IceSSL::PluginPtr sslPlugin = IceSSL::PluginPtr::dynamicCast(plugin);
-
-    try
-    {
-        properties->setProperty("IceSSL.Client.Config", configFile);
-        sslPlugin->configure(IceSSL::Client);
-        test(false);
-    }
-    catch(const IceSSL::PrivateKeyLoadException&)
-    {
-        std::cout << "ok" << std::endl;
-    }
-    catch(const LocalException&)
-    {
-        //
-        // Any other exception is bad.
-        //
-
-        test(false);
-    }
-    catch(...)
-    {
-        //
-        // Unknown exceptions are always bad.
-        //
-
-        test(false);
-    }
-}
-
-void
-testExpectCertificateLoadException(const Ice::CommunicatorPtr& communicator, const std::string& configFile)
-{
-    PropertiesPtr properties = communicator->getProperties();
-    Ice::PluginPtr plugin = communicator->getPluginManager()->getPlugin("IceSSL");
-    IceSSL::PluginPtr sslPlugin = IceSSL::PluginPtr::dynamicCast(plugin);
-
-    try
-    {
-        properties->setProperty("IceSSL.Client.Config", configFile);
-        sslPlugin->configure(IceSSL::Client);
-        test(false);
-    }
-    catch(const IceSSL::CertificateLoadException&)
-    {
-        std::cout << "ok" << std::endl;
-    }
-    catch(const LocalException&)
-    {
-        //
-        // Any other exception is bad.
-        //
-
-        test(false);
-    }
-    catch(...)
-    {
-        //
-        // Unknown exceptions are always bad.
-        //
-
-        test(false);
-    }
-}
-
-void
-testExpectCertificateKeyMatchException(const Ice::CommunicatorPtr& communicator, const std::string& configFile)
-{
-    PropertiesPtr properties = communicator->getProperties();
-    Ice::PluginPtr plugin = communicator->getPluginManager()->getPlugin("IceSSL");
-    IceSSL::PluginPtr sslPlugin = IceSSL::PluginPtr::dynamicCast(plugin);
-
-    try
-    {
-        properties->setProperty("IceSSL.Client.Config", configFile);
-        sslPlugin->configure(IceSSL::Client);
-        test(false);
-    }
-    catch(const IceSSL::CertificateKeyMatchException&)
-    {
-        std::cout << "ok" << std::endl;
-    }
-    catch(const LocalException&)
-    {
-        //
-        // Any other exception is bad.
-        //
-
-        test(false);
-    }
-    catch(...)
-    {
-        //
-        // Unknown exceptions are always bad.
-        //
-
-        test(false);
-    }
-}
-
-void
-testNoException(const Ice::CommunicatorPtr& communicator, const std::string& configFile)
-{
-    PropertiesPtr properties = communicator->getProperties();
-    Ice::PluginPtr plugin = communicator->getPluginManager()->getPlugin("IceSSL");
-    IceSSL::PluginPtr sslPlugin = IceSSL::PluginPtr::dynamicCast(plugin);
-
-    try
-    {
-        properties->setProperty("IceSSL.Client.Config", configFile);
-        sslPlugin->configure(IceSSL::Client);
-        std::cout << "ok" << std::endl;
-    }
-    catch(const LocalException&)
-    {
-        //
-        // Any other exception is bad.
-        //
-
-        test(false);
-    }
-    catch(...)
-    {
-        //
-        // Unknown exceptions are always bad.
-        //
-
-        test(false);
-    }
-}
-
-int
-run(int argc, char* argv[], const Ice::CommunicatorPtr& communicator)
-{
-    PropertiesPtr properties = communicator->getProperties();
-    // properties->setProperty("IceSSL.Client.CertPath", "../certs");
-
-    std::cout << "bad private key and certificate... " << std::flush;
-    testExpectCertificateAndPrivateKeyLoadException(communicator, "sslconfig_1.xml");
-
-    std::cout << "bad private key and good certificate 1... " << std::flush;
-    testExpectPrivateKeyLoadException(communicator, "sslconfig_2.xml");
-
-    std::cout << "good private key 1 and bad certificate... " << std::flush;
-    testExpectCertificateLoadException(communicator, "sslconfig_3.xml");
-
-#if !defined(_AIX) || defined(ICE_32)
-    //
-    // TODO: On AIX 64 bit with OpenSSL 0.9.7d, OpenSSL reports an
-    // error but does not put an error code on the error queue.
-    // This needs more investigation!
-    //
-
-    std::cout << "good private key 1 and good certificate 2, mismatched... " << std::flush;
-    testExpectCertificateKeyMatchException(communicator, "sslconfig_4.xml");
-
-    std::cout << "good private key 2 and good certificate 1, mismatched (again)... " << std::flush;
-    testExpectCertificateKeyMatchException(communicator, "sslconfig_5.xml");
-
-#endif
-
-    std::cout << "good matched private key and certificate... " << std::flush;
-    testNoException(communicator, "sslconfig_6.xml");
-
-    return EXIT_SUCCESS;
-}
-
-int
-main(int argc, char* argv[])
-{
-    int status;
-    Ice::CommunicatorPtr communicator;
-
-    try
-    {
-	communicator = Ice::initialize(argc, argv);
-	status = run(argc, argv, communicator);
-    }
-    catch(const Ice::Exception& ex)
-    {
-	cerr << ex << endl;
-	status = EXIT_FAILURE;
-    }
-
-    if(communicator)
-    {
-	try
-	{
-	    communicator->destroy();
-	}
-	catch(const Ice::Exception& ex)
-	{
-	    cerr << ex << endl;
-	    status = EXIT_FAILURE;
-	}
-    }
-
-    return status;
-}
diff --git a/cpp/test/IceSSL/loadPEM/Makefile b/cpp/test/IceSSL/loadPEM/Makefile
deleted file mode 100644
index 858d9724e40..00000000000
--- a/cpp/test/IceSSL/loadPEM/Makefile
+++ /dev/null
@@ -1,28 +0,0 @@
-# **********************************************************************
-#
-# Copyright (c) 2003-2006 ZeroC, Inc. All rights reserved.
-#
-# This copy of Ice is licensed to you under the terms described in the
-# ICE_LICENSE file included in this distribution.
-#
-# **********************************************************************
-
-top_srcdir	= ../../..
-
-CLIENT		= loadPEM
-
-TARGETS		= $(CLIENT)
-
-OBJS		= LoadPEM.o
-
-SRCS		= $(OBJS:.o=.cpp)
-
-include $(top_srcdir)/config/Make.rules
-
-CPPFLAGS	:= -I. -I../../include $(CPPFLAGS)
-
-$(CLIENT): $(OBJS)
-	rm -f $@
-	$(CXX) $(LDFLAGS) -o $@ $(OBJS) $(OPENSSL_RPATH_LINK) -lIceSSL $(EXPAT_RPATH_LINK) -lIceXML $(LIBS) $(OPENSSL_LIBS)
-
-include .depend
diff --git a/cpp/test/IceSSL/loadPEM/loadpem.dsp b/cpp/test/IceSSL/loadPEM/loadpem.dsp
deleted file mode 100644
index 7c1f51c7a8e..00000000000
--- a/cpp/test/IceSSL/loadPEM/loadpem.dsp
+++ /dev/null
@@ -1,106 +0,0 @@
-# Microsoft Developer Studio Project File - Name="loadpem" - Package Owner=<4>

-# Microsoft Developer Studio Generated Build File, Format Version 6.00

-# ** DO NOT EDIT **

-

-# TARGTYPE "Win32 (x86) Console Application" 0x0103

-

-CFG=loadpem - Win32 Debug

-!MESSAGE This is not a valid makefile. To build this project using NMAKE,

-!MESSAGE use the Export Makefile command and run

-!MESSAGE 

-!MESSAGE NMAKE /f "loadPEM.mak".

-!MESSAGE 

-!MESSAGE You can specify a configuration when running NMAKE

-!MESSAGE by defining the macro CFG on the command line. For example:

-!MESSAGE 

-!MESSAGE NMAKE /f "loadPEM.mak" CFG="loadpem - Win32 Debug"

-!MESSAGE 

-!MESSAGE Possible choices for configuration are:

-!MESSAGE 

-!MESSAGE "loadpem - Win32 Release" (based on "Win32 (x86) Console Application")

-!MESSAGE "loadpem - Win32 Debug" (based on "Win32 (x86) Console Application")

-!MESSAGE 

-

-# Begin Project

-# PROP AllowPerConfigDependencies 0

-# PROP Scc_ProjName ""

-# PROP Scc_LocalPath ""

-CPP=cl.exe

-RSC=rc.exe

-

-!IF  "$(CFG)" == "loadpem - Win32 Release"

-

-# PROP BASE Use_MFC 0

-# PROP BASE Use_Debug_Libraries 0

-# PROP BASE Output_Dir "Release"

-# PROP BASE Intermediate_Dir "Release"

-# PROP BASE Target_Dir ""

-# PROP Use_MFC 0

-# PROP Use_Debug_Libraries 0

-# PROP Output_Dir "Release"

-# PROP Intermediate_Dir "Release"

-# PROP Ignore_Export_Lib 0

-# PROP Target_Dir ""

-# ADD BASE CPP /nologo /W3 /GX /O2 /D "WIN32" /D "NDEBUG" /D "_CONSOLE" /D "_MBCS" /Yu"stdafx.h" /FD /c

-# ADD CPP /nologo /MD /W3 /WX /GR /GX /O2 /I "." /I "../../../include" /I "../../include" /D "_CONSOLE" /D "NDEBUG" /D "WIN32_LEAN_AND_MEAN" /FD /c

-# SUBTRACT CPP /Z<none> /YX

-# ADD BASE RSC /l 0x409 /d "NDEBUG"

-# ADD RSC /l 0x409 /d "NDEBUG"

-BSC32=bscmake.exe

-# ADD BASE BSC32 /nologo

-# ADD BSC32 /nologo

-LINK32=link.exe

-# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:console /machine:I386

-# ADD LINK32 /nologo /subsystem:console /pdb:none /machine:I386 /out:"loadpem.exe" /libpath:"../../../lib" /FIXED:no

-# SUBTRACT LINK32 /debug

-

-!ELSEIF  "$(CFG)" == "loadpem - Win32 Debug"

-

-# PROP BASE Use_MFC 0

-# PROP BASE Use_Debug_Libraries 1

-# PROP BASE Output_Dir "Debug"

-# PROP BASE Intermediate_Dir "Debug"

-# PROP BASE Target_Dir ""

-# PROP Use_MFC 0

-# PROP Use_Debug_Libraries 1

-# PROP Output_Dir "Debug"

-# PROP Intermediate_Dir "Debug"

-# PROP Ignore_Export_Lib 0

-# PROP Target_Dir ""

-# ADD BASE CPP /nologo /W3 /Gm /GX /ZI /Od /D "WIN32" /D "_DEBUG" /D "_CONSOLE" /D "_MBCS" /Yu"stdafx.h" /FD /GZ /c

-# ADD CPP /nologo /MDd /W3 /WX /Gm /GR /GX /Zi /Od /I "." /I "../../../include" /I "../../include" /D "_CONSOLE" /D "_DEBUG" /D "WIN32_LEAN_AND_MEAN" /FD /GZ /c

-# SUBTRACT CPP /YX

-# ADD BASE RSC /l 0x409 /d "_DEBUG"

-# ADD RSC /l 0x409 /d "_DEBUG"

-BSC32=bscmake.exe

-# ADD BASE BSC32 /nologo

-# ADD BSC32 /nologo

-LINK32=link.exe

-# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:console /debug /machine:I386 /pdbtype:sept

-# ADD LINK32 /nologo /subsystem:console /debug /machine:I386 /out:"loadpem.exe" /pdbtype:sept /libpath:"../../../lib" /FIXED:no

-# SUBTRACT LINK32 /pdb:none

-

-!ENDIF 

-

-# Begin Target

-

-# Name "loadpem - Win32 Release"

-# Name "loadpem - Win32 Debug"

-# Begin Group "Source Files"

-

-# PROP Default_Filter "cpp;c;cxx;rc;def;r;odl;idl;hpj;bat"

-# Begin Source File

-

-SOURCE=.\loadpem.cpp

-# End Source File

-# End Group

-# Begin Group "Header Files"

-

-# PROP Default_Filter "h;hpp;hxx;hm;inl"

-# End Group

-# Begin Group "Resource Files"

-

-# PROP Default_Filter "ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe"

-# End Group

-# End Target

-# End Project

diff --git a/cpp/test/IceSSL/loadPEM/run.py b/cpp/test/IceSSL/loadPEM/run.py
deleted file mode 100755
index fb6816617ce..00000000000
--- a/cpp/test/IceSSL/loadPEM/run.py
+++ /dev/null
@@ -1,49 +0,0 @@
-#!/usr/bin/env python
-# **********************************************************************
-#
-# Copyright (c) 2003-2006 ZeroC, Inc. All rights reserved.
-#
-# This copy of Ice is licensed to you under the terms described in the
-# ICE_LICENSE file included in this distribution.
-#
-# **********************************************************************
-
-import os, sys
-
-for toplevel in [".", "..", "../..", "../../..", "../../../.."]:
-    toplevel = os.path.normpath(toplevel)
-    if os.path.exists(os.path.join(toplevel, "config", "TestUtil.py")):
-        break
-else:
-    raise "can't find toplevel directory!"
-
-sys.path.append(os.path.join(toplevel, "config"))
-import TestUtil
-
-if TestUtil.protocol != "ssl":
-    print "This test may only be run with SSL enabled."
-    sys.exit(0)
-
-testOptions = " --IceSSL.Client.CertPath=" + os.path.join(toplevel, "test", "IceSSL", "certs") + \
-              " --IceSSL.Client.Config= " + \
-              " --IceSSL.Server.CertPath=" + os.path.join(toplevel, "test", "IceSSL", "certs") + \
-              " --IceSSL.Server.Config= "
-
-name = os.path.join("IceSSL", "loadPEM")
-testdir = os.path.join(toplevel, "test", name)
-
-client = os.path.join(testdir, "loadPEM")
-
-localClientOptions = TestUtil.clientServerProtocol + TestUtil.defaultHost
-print "starting loadPEM...",
-clientPipe = os.popen(client + localClientOptions + testOptions + " 2>&1")
-print "ok"
-
-TestUtil.printOutputFromPipe(clientPipe)
-    
-clientStatus = TestUtil.closePipe(clientPipe)
-
-if clientStatus:
-    sys.exit(1)
-
-sys.exit(0)