You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@qpid.apache.org by "ASF GitHub Bot (Jira)" <ji...@apache.org> on 2021/02/10 21:36:00 UTC

[jira] [Commented] (DISPATCH-1903) Remote upload of certificate files for new TLS configurations

    [ https://issues.apache.org/jira/browse/DISPATCH-1903?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17282734#comment-17282734 ] 

ASF GitHub Bot commented on DISPATCH-1903:
------------------------------------------

ted-ross opened a new pull request #1025:
URL: https://github.com/apache/qpid-dispatch/pull/1025


   …of temp files for SSL profiles.
   
   Added policy and policy enforcement for the temporary file store.
   Return appropriate disposition for messages handled.
   Added a test for file transfer and the all the error/policy-reject cases.  This tests the disposition return path introduced in DISPATCH-1911.
   Use "tmp:" prefix to refer to temporary files in sslProfile.


----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org


> Remote upload of certificate files for new TLS configurations
> -------------------------------------------------------------
>
>                 Key: DISPATCH-1903
>                 URL: https://issues.apache.org/jira/browse/DISPATCH-1903
>             Project: Qpid Dispatch
>          Issue Type: New Feature
>          Components: Container
>            Reporter: Ted Ross
>            Assignee: Ted Ross
>            Priority: Major
>             Fix For: 1.16.0
>
>
> Currently, when using the management protocol to create new SSL-profiles, those profiles must access certificate files that are already placed in the file system.  In other words, in order to create an SSL-profile on a running router, files must first be placed on the file system in a location accessible by the router.  This may be problematic in cases where the router is remote from the managing agent, or when containerization limits access to the router's underlying file system.
> This new feature allows a managing agent to remotely inject files into a running router to be stored in temporary file storage.  These files are usable in sslProfile management entities (by specifying the files without an absolute path).  The temporary files are removed from the file system on router shutdown.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@qpid.apache.org
For additional commands, e-mail: dev-help@qpid.apache.org