Uploaded image for project: 'ActiveMQ'
  1. ActiveMQ
  2. AMQ-7241

Network connector using the https transport cannot use a custom ssl context

    XMLWordPrintableJSON

    Details

    • Type: Bug
    • Status: Open
    • Priority: Major
    • Resolution: Unresolved
    • Affects Version/s: 5.15.9
    • Fix Version/s: None
    • Component/s: Transport
    • Labels:
      None

      Description

      If the HTTPs transport is used as a network connector , HttpsClientTransport.createSocketFactory() always sees SSLContext.getCurrentSSLContext() as null.

      This happens because SSLContext.getCurrentSSLContext() is not called during the execution of HttpsTransportFactory.createTransport(..)  . This differs from SSLTransportFactory.createTransport(..)

      The call to SSLContext.getCurrentSSLContext is deferred until HttpClientTransport.start() executes.   Unfortunately,  the DiscoveryNetworkConnector.onServiceAdd(..) has already cleared the thread local SSL context with 

      finally

      {  SslContext.setCurrentSslContext(null); }

      .

      prior to starting the bridge and ultimately calling HttpClientTransport.start() which then accesses the null SSLContext thread local.

       

       

       

       

       

       

       

       

       

       

       

        Attachments

          Activity

            People

            • Assignee:
              Unassigned
              Reporter:
              Sargant Ross
            • Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated: