[QPID-4739] [Java Broker] complete functionality to configure multiple key store and trust stores and assign them per-port - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Improvement
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: 0.21
Fix Version/s: 0.22
Component/s: Broker-J
Labels:
None

Description

As part of the work in ~~QPID-4390~~ to overhaul the broker configuration and allow manipulation via the [HTTP] management interface, an intermediate step was made with the SSL configuration by only allowing configuration of a single SSL key store and trust store (and via ~~QPID-4636~~ a 'peer store') as attributes on the broker itself for use by the AMQP and HTTP(S) ports, with the JMX port relying on the javax.ssl.* properties to configure its SSL key store.

The desired configuration model, and the way it was represented internally to the broker and externally via the REST api, was for multiple key store and trust stores (which may now be 'peers only' trust stores) to be allowed as child objects of the broker. It was then also intended these would be able to be assigned for use on a per-port basis, including specifying the key store for the JMX port.

This JIRA will make the necessary changes to transition the brokers SSL configuration to the intended model, updating the web management UI accordingly.

Attachments

Issue Links

relates to

QPID-4390 Java Broker should allow runtime changes to persisted configuration

Closed

QPID-4636 [Java Broker] add a 'peerstore' to enhance SSL Client Authentication functionality, provide similar 'trusted peer' support with self-signed certs as the C++ broker

Closed

Activity

People

Assignee:: Robbie Gemmell

Reporter:: Robbie Gemmell

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 12/Apr/13 09:45

Updated:: 11/Feb/15 20:06

Resolved:: 19/Apr/13 15:14