You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@qpid.apache.org by "ASF subversion and git services (JIRA)" <ji...@apache.org> on 2019/05/10 20:37:00 UTC

[jira] [Commented] (QPID-8283) [JMS AMQP 0-x] Connection option 'encryption_trust_store_password' is mistakenly used to set encryption keystore password rather than encryption trust store password as intendant

    [ https://issues.apache.org/jira/browse/QPID-8283?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16837592#comment-16837592 ] 

ASF subversion and git services commented on QPID-8283:
-------------------------------------------------------

Commit e3a88f02b5c099fe4b21bec1790cae7731795810 in qpid-jms-amqp-0-x's branch refs/heads/master from Alex Rudyy
[ https://gitbox.apache.org/repos/asf?p=qpid-jms-amqp-0-x.git;h=e3a88f0 ]

QPID-8283: [JMS AMQP 0-x] Fix setting option 'encryption_trust_store_password'


> [JMS AMQP 0-x] Connection option 'encryption_trust_store_password' is mistakenly used to set encryption keystore password rather than encryption trust store password as intendant 
> -----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
>
>                 Key: QPID-8283
>                 URL: https://issues.apache.org/jira/browse/QPID-8283
>             Project: Qpid
>          Issue Type: Bug
>          Components: JMS AMQP 0-x
>    Affects Versions: qpid-java-6.1.6, qpid-java-6.0, qpid-java-6.0.1, qpid-java-6.0.2, qpid-java-6.0.3, qpid-java-6.0.4, qpid-java-6.0.5, qpid-java-6.1, qpid-java-6.0.6, qpid-java-6.1.1, qpid-java-6.1.2, qpid-java-6.0.7, qpid-java-6.1.3, qpid-java-6.0.8, qpid-java-6.1.4, qpid-java-client-0-x-6.3.0, qpid-java-6.1.5, qpid-java-client-0-x-6.3.1, qpid-java-6.1.7, qpid-java-client-0-x-6.3.2, qpid-java-client-0-x-6.3.3
>            Reporter: Alex Rudyy
>            Priority: Major
>             Fix For: qpid-java-client-0-x-6.3.4
>
>
> Connection option {{encryption_trust_store_password}} is mistakenly used to set encryption keystore password rather than encryption trust store password as intendant.
> Here is problematic code in {{BrokerDetails}}:
> {code}
>         if (getProperty(BrokerDetails.OPTIONS_ENCRYPTION_TRUST_STORE_PASSWORD) != null)
>         {
>             conSettings.setEncryptionKeyStorePassword(
>                     getProperty(BrokerDetails.OPTIONS_ENCRYPTION_TRUST_STORE_PASSWORD));
>         }
> {code}
> Method {{conSettings.setEncryptionTrustStorePassword}} should be invoked instead. 
> The workaround for this issue is to set trust store password using JVM property {{javax.net.ssl.trustStorePassword}}.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@qpid.apache.org
For additional commands, e-mail: dev-help@qpid.apache.org