[ARTEMIS-1157] Do not update ssl client keystore/truststore path on topology update - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Improvement
Status: Resolved
Priority: Major
Resolution: Information Provided
Affects Version/s: 2.0.0
Fix Version/s: None
Component/s: None
Labels:
None

Description

We have a 2 node cluster where clients and the refrenced connectors in the cluster-connection do use ssl client auth (all working so far). Now if a failover ocures - live server goes down - the clients try to re-connect with the client keystore path that is defined on the connector in the server.

We know that it is possible to overwrite this behavoir by using org.apache.activemq.ssl.keyStore system property. But we have multiple keystores and want to use them. Would it be possible, that this settings:
org.apache.activemq.artemis.core.remoting.impl.netty.TransportConstants.KEYSTORE_*
org.apache.activemq.artemis.core.remoting.impl.netty.TransportConstants.TRUSTSTORE_*
will not be updated from the server? I can not think of a scenario, where it would make sense that the server tells the client where the client has to look for his keystore and truststore settings.

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

ArtemisMqCrashDemoClient.java
11/May/17 12:18
4 kB
Philipp Aeschlimann
broker.xml
11/May/17 12:18
3 kB
Philipp Aeschlimann

Activity

People

Assignee:: Unassigned

Reporter:: Philipp Aeschlimann

Votes:: 2 Vote for this issue

Watchers:: 5 Start watching this issue

Dates

Created:: 10/May/17 14:31

Updated:: 21/Sep/21 01:01

Resolved:: 21/Sep/21 01:01