[AMQ-6418] Peer certificates are not always set when using the auto transports with ssl - ASF JIRA

Agile Board

Attach files

Attach Screenshot

Voters

Watch issue

Watchers

Create sub-task

Link

Clone

Update Comment Author

Replace String in Comment

Update Comment Visibility

Delete Comments

XML

Word

Printable

JSON

Details

Type: Bug
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: 5.14.0
Fix Version/s: 5.14.1, 5.15.0
Component/s: Broker
Labels:
None

Description

There are two problems with the auto ssl transport that is causing the peer certificates to not always be available and set on the ConnectionInfo object during connection. First, for auto+nio+ssl, the auto init transport needs to have transport properties applied. This is because the initialization transport does the SSL handshake so it needs to know whether or not transport.needClientAuth or transport.wantClientAuth is set. Right now these properties are not processed so it never gets passed to the SSL socket which means none of the protocols have peer certs available over auto+nio+ssl. Second, the Stomp transport is not properly setting the peer certs when using auto+ssl and not using NIO.

Attachments

Activity

Comment

This comment will be Viewable by All Users Viewable by All Users

Cancel

People

Assignee:: Christopher L. Shannon

Reporter:: Christopher L. Shannon

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: 06/Sep/16 14:15

Updated:: 07/Sep/16 12:28

Resolved:: 06/Sep/16 14:20

Agile

View on Board

Peer certificates are not always set when using the auto transports with ssl

Details

Description

Attachments

Attachments

Activity

People

Dates

Agile

Slack

Issue deployment