You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@activemq.apache.org by "Mike Hearn (JIRA)" <ji...@apache.org> on 2016/07/27 14:16:20 UTC

[jira] [Created] (ARTEMIS-656) Artemis does not seem to check the hostname on SSL / TLS connect

Mike Hearn created ARTEMIS-656:
----------------------------------

             Summary: Artemis does not seem to check the hostname on SSL / TLS connect
                 Key: ARTEMIS-656
                 URL: https://issues.apache.org/jira/browse/ARTEMIS-656
             Project: ActiveMQ Artemis
          Issue Type: Bug
    Affects Versions: 1.3.0
            Reporter: Mike Hearn


(I am reporting this second hand, please let me know if this bug report doesn't sound right).

Artemis doesn't configure a trust manager when connecting bridges, so there's no attempt to verify that the hostname of the target broker matches the one that triggered the connection. An example fix might be

sslparameters.setEndpointIdentificationAlgorithm("HTTPS")

and then pass the hostname/port into the SSLEngine constructor.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)