Uploaded image for project: 'Qpid'
  1. Qpid
  2. QPID-4739

[Java Broker] complete functionality to configure multiple key store and trust stores and assign them per-port

    Details

    • Type: Improvement
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 0.21
    • Fix Version/s: 0.22
    • Component/s: Broker-J
    • Labels:
      None

      Description

      As part of the work in QPID-4390 to overhaul the broker configuration and allow manipulation via the [HTTP] management interface, an intermediate step was made with the SSL configuration by only allowing configuration of a single SSL key store and trust store (and via QPID-4636 a 'peer store') as attributes on the broker itself for use by the AMQP and HTTP(S) ports, with the JMX port relying on the javax.ssl.* properties to configure its SSL key store.

      The desired configuration model, and the way it was represented internally to the broker and externally via the REST api, was for multiple key store and trust stores (which may now be 'peers only' trust stores) to be allowed as child objects of the broker. It was then also intended these would be able to be assigned for use on a per-port basis, including specifying the key store for the JMX port.

      This JIRA will make the necessary changes to transition the brokers SSL configuration to the intended model, updating the web management UI accordingly.

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                gemmellr Robbie Gemmell
                Reporter:
                gemmellr Robbie Gemmell
              • Votes:
                0 Vote for this issue
                Watchers:
                1 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: