You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@activemq.apache.org by "Gary Tully (JIRA)" <ji...@apache.org> on 2017/04/27 11:10:04 UTC
[jira] [Resolved] (AMQ-6665) certificate-based authentication on
network bridge fails for nio+ssl protocol
[ https://issues.apache.org/jira/browse/AMQ-6665?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Gary Tully resolved AMQ-6665.
-----------------------------
Resolution: Fixed
issue was nio+ssl transport not extending SslTtransport but since AMQ-6339 the relevant getPeerCerts is pushed back to tcpTransport. Now checking for that in the network bridge
> certificate-based authentication on network bridge fails for nio+ssl protocol
> -----------------------------------------------------------------------------
>
> Key: AMQ-6665
> URL: https://issues.apache.org/jira/browse/AMQ-6665
> Project: ActiveMQ
> Issue Type: Bug
> Components: networkbridge
> Affects Versions: 5.14.0
> Reporter: Gary Tully
> Assignee: Gary Tully
> Fix For: 5.15.0
>
>
> client certificate authentication works in the following scenario:
> {code}
> Broker A
> ...
> <jaasDualAuthenticationPlugin
> configuration="activemq"
> sslConfiguration="CertLogin" />
> ...
> <transportConnector name="sslTransportConnector" uri="ssl://0.0.0.0:61618?needClientAuth=true&wantClientAuth=true"/>
> {code}
> Broker B
> {code}
> ...
> networkConnector uri="static://(ssl://localhost:61618)" name="myNetworkConnector" duplex="true" consumerTTL="2" messageTTL="100" dynamicOnly="false">
> ...
> {code}
> But if you change the transport to nio+ssl, the network connector fails with the following message:
> {code}
> INFO | Stopping vm://localhosta#0 because Failed with SecurityException: User name [null] or password is invalid.
> {code}
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)