Uploaded image for project: 'ActiveMQ'
  1. ActiveMQ
  2. AMQ-6418

Peer certificates are not always set when using the auto transports with ssl

    XMLWordPrintableJSON

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 5.14.0
    • Fix Version/s: 5.14.1, 5.15.0
    • Component/s: Broker
    • Labels:
      None

      Description

      There are two problems with the auto ssl transport that is causing the peer certificates to not always be available and set on the ConnectionInfo object during connection. First, for auto+nio+ssl, the auto init transport needs to have transport properties applied. This is because the initialization transport does the SSL handshake so it needs to know whether or not transport.needClientAuth or transport.wantClientAuth is set. Right now these properties are not processed so it never gets passed to the SSL socket which means none of the protocols have peer certs available over auto+nio+ssl. Second, the Stomp transport is not properly setting the peer certs when using auto+ssl and not using NIO.

        Attachments

          Activity

            People

            • Assignee:
              cshannon Christopher L. Shannon
              Reporter:
              cshannon Christopher L. Shannon
            • Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: