You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@activemq.apache.org by "Diptesh Chakraborty (JIRA)" <ji...@apache.org> on 2019/08/15 14:20:00 UTC

[jira] [Created] (AMQ-7276) Unable to establish mutual authentication through HTTPS transport

Diptesh Chakraborty created AMQ-7276:
----------------------------------------

             Summary: Unable to establish mutual authentication through HTTPS transport
                 Key: AMQ-7276
                 URL: https://issues.apache.org/jira/browse/AMQ-7276
             Project: ActiveMQ
          Issue Type: Bug
    Affects Versions: 5.11.0
            Reporter: Diptesh Chakraborty


I am trying to establish mutual authentication over HTTPS transport but found that only the one way authentication is established.

Below is my code snippet:

 

+*Client Java Program:*+
{code:java}
System.setProperty("javax.net.ssl.keyStore", "D://project//test//POC//client.ks");
System.setProperty("javax.net.ssl.keyStorePassword", "password");
System.setProperty("javax.net.ssl.trustStore", "D://project//test//POC//client.ts");
System.setProperty("javax.net.ssl.trustStorePassword", "password");

cf=new ActiveMQConnectionFactory("https://localhost:8443");
con=cf.createConnection();
Session s=con.createSession(false,Session.AUTO_ACKNOWLEDGE);
Destination d;
d=s.createQueue("TestQueue");
MessageProducer mp;
mp=s.createProducer(d);
con.start();
// prepare the message
mp.send(message){code}
+*Active MQ configuration*+

 
{code:java}
// <transportConnector name="https" uri="https://localhost:8443?transport.needClientAuth=true"/>

<sslContext>
   <sslContext keyStore="file:D:/project/test/POC/broker.ks"
    keyStorePassword="password"
    trustStore="file:D:/project/test/POC/broker.ts"
    trustStorePassword="password"/>
</sslContext>{code}
 

While running the program, the message is being sent successfully but I am not finding any difference in the logs if "*needClientAuth*" is set to *false*.

If the transport connector is changed from https to ssl, I can view the detailed ssl handshake logs which implies that "Mutual Authentication" has been established



--
This message was sent by Atlassian JIRA
(v7.6.14#76016)