You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@activemq.apache.org by de...@apache.org on 2015/07/01 12:09:18 UTC
activemq git commit: https://issues.apache.org/jira/browse/AMQ-5008 -
fix the case then crlPath is defined and trustStoreAlgorithm is not PKIX
Repository: activemq
Updated Branches:
refs/heads/master 10ae0d9d6 -> a53d4cf7b
https://issues.apache.org/jira/browse/AMQ-5008 - fix the case then crlPath is defined and trustStoreAlgorithm is not PKIX
Project: http://git-wip-us.apache.org/repos/asf/activemq/repo
Commit: http://git-wip-us.apache.org/repos/asf/activemq/commit/a53d4cf7
Tree: http://git-wip-us.apache.org/repos/asf/activemq/tree/a53d4cf7
Diff: http://git-wip-us.apache.org/repos/asf/activemq/diff/a53d4cf7
Branch: refs/heads/master
Commit: a53d4cf7bf4de769d59850c33346c59ee8035aea
Parents: 10ae0d9
Author: Dejan Bosanac <de...@nighttale.net>
Authored: Wed Jul 1 12:08:57 2015 +0200
Committer: Dejan Bosanac <de...@nighttale.net>
Committed: Wed Jul 1 12:09:07 2015 +0200
----------------------------------------------------------------------
.../java/org/apache/activemq/spring/SpringSslContext.java | 8 +++++++-
1 file changed, 7 insertions(+), 1 deletion(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/activemq/blob/a53d4cf7/activemq-spring/src/main/java/org/apache/activemq/spring/SpringSslContext.java
----------------------------------------------------------------------
diff --git a/activemq-spring/src/main/java/org/apache/activemq/spring/SpringSslContext.java b/activemq-spring/src/main/java/org/apache/activemq/spring/SpringSslContext.java
index c74103b..57cc1d7 100644
--- a/activemq-spring/src/main/java/org/apache/activemq/spring/SpringSslContext.java
+++ b/activemq-spring/src/main/java/org/apache/activemq/spring/SpringSslContext.java
@@ -98,6 +98,7 @@ public class SpringSslContext extends SslContext {
return new ArrayList<TrustManager>(0);
}
TrustManagerFactory tmf = TrustManagerFactory.getInstance(trustStoreAlgorithm);
+ boolean initialized = false;
if (crlPath != null) {
if (trustStoreAlgorithm.equalsIgnoreCase("PKIX")) {
Collection<? extends CRL> crlList = loadCRL();
@@ -107,13 +108,18 @@ public class SpringSslContext extends SslContext {
pkixParams.setRevocationEnabled(true);
pkixParams.addCertStore(CertStore.getInstance("Collection", new CollectionCertStoreParameters(crlList)));
tmf.init(new CertPathTrustManagerParameters(pkixParams));
+ initialized = true;
}
+
} else {
LOG.warn("Revocation checking is only supported with 'trustStoreAlgorithm=\"PKIX\"'. Ignoring CRL: " + crlPath);
}
- } else {
+ }
+
+ if (!initialized) {
tmf.init(ks);
}
+
return Arrays.asList(tmf.getTrustManagers());
}