You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@activemq.apache.org by Justin Bertram <jb...@apache.org> on 2019/12/19 16:28:06 UTC

Re: Custom X509TrustManager pluggability

After thinking about this a bit more it made more sense to me for the
plugin to be defined on a per-acceptor and per-connector basis. Therefore I
made the configuration part of the broker & client URLs via the new
"trustManagerFactoryPlugin" parameter. I opened a JIRA [1] and sent a PR
[2].

Justin

[1] https://issues.apache.org/jira/browse/ARTEMIS-2580
[2] https://github.com/apache/activemq-artemis/pull/2923

On Mon, Oct 14, 2019 at 4:35 AM Modanese, Riccardo
<Ri...@eurotech.com.invalid> wrote:

> Hello,
>
>          I have some security (SSL stack and ACLs) related use cases that
> seem to be not implemented in Artemis code.
>
> For example I need to plug a custom X509TrustManager on Artemis broker
> acceptors. After looking at the source code I think I found a way:
>
>
> https://github.com/riccardomodanese/activemq-artemis/tree/sslConfigurableTrustManager
>
> What do you think? I would like to contribute to the project, if the
> community sees a value on it.
>
> Regards
>
> Riccardo
>

Re: Custom X509TrustManager pluggability

Posted by "Modanese, Riccardo" <Ri...@eurotech.com.INVALID>.

I agree, it’s the best choice make it configurable on acceptor bases.

I’ll take a look to your pr.

Thank you a lot!

> Il giorno 19 dic 2019, alle ore 17:28, Justin Bertram <jb...@apache.org> ha scritto:
> 
> After thinking about this a bit more it made more sense to me for the
> plugin to be defined on a per-acceptor and per-connector basis. Therefore I
> made the configuration part of the broker & client URLs via the new
> "trustManagerFactoryPlugin" parameter. I opened a JIRA [1] and sent a PR
> [2].
> 
> 
> Justin
> 
> [1] https://issues.apache.org/jira/browse/ARTEMIS-2580
> [2] https://github.com/apache/activemq-artemis/pull/2923
> 
> On Mon, Oct 14, 2019 at 4:35 AM Modanese, Riccardo
> <Ri...@eurotech.com.invalid> wrote:
> 
>> Hello,
>> 
>>         I have some security (SSL stack and ACLs) related use cases that
>> seem to be not implemented in Artemis code.
>> 
>> For example I need to plug a custom X509TrustManager on Artemis broker
>> acceptors. After looking at the source code I think I found a way:
>> 
>> 
>> https://github.com/riccardomodanese/activemq-artemis/tree/sslConfigurableTrustManager
>> 
>> What do you think? I would like to contribute to the project, if the
>> community sees a value on it.
>> 
>> Regards
>> 
>> Riccardo
>>