You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@qpid.apache.org by "Alex Rudyy (JIRA)" <ji...@apache.org> on 2019/05/06 08:43:00 UTC
[jira] [Updated] (QPID-8302) [Broker-J] NonJavaKeystore does not
validate private key and certificate matching on certificate update
[ https://issues.apache.org/jira/browse/QPID-8302?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Alex Rudyy updated QPID-8302:
-----------------------------
Summary: [Broker-J] NonJavaKeystore does not validate private key and certificate matching on certificate update (was: [Broker-J] NonKeystoreTrustore does not validate private key and certificate matching on certificate update)
> [Broker-J] NonJavaKeystore does not validate private key and certificate matching on certificate update
> -------------------------------------------------------------------------------------------------------
>
> Key: QPID-8302
> URL: https://issues.apache.org/jira/browse/QPID-8302
> Project: Qpid
> Issue Type: Bug
> Components: Broker-J
> Affects Versions: qpid-java-broker-7.1.2
> Reporter: Alex Rudyy
> Assignee: Alex Rudyy
> Priority: Major
> Fix For: qpid-java-broker-8.0.0, qpid-java-broker-7.1.3
>
>
> NonJavaKeystore does not validate whether private key and certificate are matching on certificate update. In result of human error the certificate can be updated to the wrong one and after broker restart the TLS stops working. The validation should be improved to verify that private key matches the certificate
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@qpid.apache.org
For additional commands, e-mail: dev-help@qpid.apache.org