You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@activemq.apache.org by "Timothy Bish (JIRA)" <ji...@apache.org> on 2019/08/15 15:39:00 UTC

[jira] [Commented] (AMQ-7276) Unable to establish mutual authentication through HTTPS transport

    [ https://issues.apache.org/jira/browse/AMQ-7276?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16908204#comment-16908204 ] 

Timothy Bish commented on AMQ-7276:
-----------------------------------

5.11.0 is not a supported release so first thing to do is upgrade your broker to the latest 5.15.9 and try from there.

> Unable to establish mutual authentication through HTTPS transport
> -----------------------------------------------------------------
>
>                 Key: AMQ-7276
>                 URL: https://issues.apache.org/jira/browse/AMQ-7276
>             Project: ActiveMQ
>          Issue Type: Bug
>    Affects Versions: 5.11.0
>            Reporter: Diptesh Chakraborty
>            Priority: Major
>              Labels: mutualSSL
>
> I am trying to establish mutual authentication over HTTPS transport but found that only the one way authentication is established.
> Below is my code snippet:
>  
> +*Client Java Program:*+
> {code:java}
> System.setProperty("javax.net.ssl.keyStore", "D://project//test//POC//client.ks");
> System.setProperty("javax.net.ssl.keyStorePassword", "password");
> System.setProperty("javax.net.ssl.trustStore", "D://project//test//POC//client.ts");
> System.setProperty("javax.net.ssl.trustStorePassword", "password");
> cf=new ActiveMQConnectionFactory("https://localhost:8443");
> con=cf.createConnection();
> Session s=con.createSession(false,Session.AUTO_ACKNOWLEDGE);
> Destination d;
> d=s.createQueue("TestQueue");
> MessageProducer mp;
> mp=s.createProducer(d);
> con.start();
> // prepare the message
> mp.send(message){code}
> +*Active MQ configuration*+
>  
> {code:java}
> <transportConnector name="https" uri="https://localhost:8443?transport.needClientAuth=true"/>
> <sslContext>
>    <sslContext keyStore="file:D:/project/test/POC/broker.ks"
>     keyStorePassword="password"
>     trustStore="file:D:/project/test/POC/broker.ts"
>     trustStorePassword="password"/>
> </sslContext>{code}
>  
> While running the program, the message is being sent successfully but I am not finding any difference in the logs if "*needClientAuth*" is set to *false*.
> If the transport connector is changed from https to ssl, I can view the detailed ssl handshake logs which implies that "Mutual Authentication" has been established



--
This message was sent by Atlassian JIRA
(v7.6.14#76016)