You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@activemq.apache.org by de...@apache.org on 2015/07/01 12:09:18 UTC

activemq git commit: https://issues.apache.org/jira/browse/AMQ-5008 - fix the case then crlPath is defined and trustStoreAlgorithm is not PKIX

Repository: activemq
Updated Branches:
  refs/heads/master 10ae0d9d6 -> a53d4cf7b


https://issues.apache.org/jira/browse/AMQ-5008 - fix the case then crlPath is defined and trustStoreAlgorithm is not PKIX


Project: http://git-wip-us.apache.org/repos/asf/activemq/repo
Commit: http://git-wip-us.apache.org/repos/asf/activemq/commit/a53d4cf7
Tree: http://git-wip-us.apache.org/repos/asf/activemq/tree/a53d4cf7
Diff: http://git-wip-us.apache.org/repos/asf/activemq/diff/a53d4cf7

Branch: refs/heads/master
Commit: a53d4cf7bf4de769d59850c33346c59ee8035aea
Parents: 10ae0d9
Author: Dejan Bosanac <de...@nighttale.net>
Authored: Wed Jul 1 12:08:57 2015 +0200
Committer: Dejan Bosanac <de...@nighttale.net>
Committed: Wed Jul 1 12:09:07 2015 +0200

----------------------------------------------------------------------
 .../java/org/apache/activemq/spring/SpringSslContext.java    | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/activemq/blob/a53d4cf7/activemq-spring/src/main/java/org/apache/activemq/spring/SpringSslContext.java
----------------------------------------------------------------------
diff --git a/activemq-spring/src/main/java/org/apache/activemq/spring/SpringSslContext.java b/activemq-spring/src/main/java/org/apache/activemq/spring/SpringSslContext.java
index c74103b..57cc1d7 100644
--- a/activemq-spring/src/main/java/org/apache/activemq/spring/SpringSslContext.java
+++ b/activemq-spring/src/main/java/org/apache/activemq/spring/SpringSslContext.java
@@ -98,6 +98,7 @@ public class SpringSslContext extends SslContext {
             return new ArrayList<TrustManager>(0);
         }
         TrustManagerFactory tmf  = TrustManagerFactory.getInstance(trustStoreAlgorithm);
+        boolean initialized = false;
         if (crlPath != null) {
             if (trustStoreAlgorithm.equalsIgnoreCase("PKIX")) {
                 Collection<? extends CRL> crlList = loadCRL();
@@ -107,13 +108,18 @@ public class SpringSslContext extends SslContext {
                     pkixParams.setRevocationEnabled(true);
                     pkixParams.addCertStore(CertStore.getInstance("Collection", new CollectionCertStoreParameters(crlList)));
                     tmf.init(new CertPathTrustManagerParameters(pkixParams));
+                    initialized = true;
                 }
+
             } else {
                 LOG.warn("Revocation checking is only supported with 'trustStoreAlgorithm=\"PKIX\"'. Ignoring CRL: " + crlPath);
             }
-        } else {
+        }
+
+        if (!initialized) {
             tmf.init(ks);
         }
+
         return Arrays.asList(tmf.getTrustManagers());
     }