On setting of broker attributes the keystore/trustore/peerstore attributes only validated when path is changed. As result, when password or alias is changed no validation happens and invalid values can be stored.
On setting of port attributes only attribute types are validated. As result if SSL port is configured without keystore or need/wantClientAuthorisation. attributes are set without truststore the following broker start fails as broker cannot bind to SSL port without keystore/truststore accordingly.
The web management port UI should allow the setting of need/wantClientAuthorisation attributes only when SSL transport is selected.
Broker UI to edit keystore/trustore/perrstore password should not require the setting of the password every time when path to keystore/trustore/perrstore is changed.