[APLO-341] SSL server configuration does not support separate truststore - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Improvement
Status: Closed
Priority: Major
Resolution: Won't Do
Affects Version/s: 1.6
Fix Version/s: 1.8
Component/s: apollo-dto
Labels:
- security
Environment:
Windows 7 Java: Suspect all environements

Description

When trying to configure the apollo broker to support client authentication there is no support for placing trusted client certificates in a separate truststore. One must place the certificates in the keystore containing the server's private key.

The common practice (as also done in ActiveMQ) is to place trusted certificates in a truststore that contains only trusted certificates (one may wish to interactively add trusted client certificates to this truststore) whereas the keystore containing the private key is locked up tight as a drum.

Attachments

Activity

People

Assignee:: Hiram R. Chirino

Reporter:: Brian Reinhold

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 24/Nov/13 21:35

Updated:: 06/Apr/22 19:16

Resolved:: 06/Apr/22 19:16