activemq-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Guy Allard (Created) (JIRA)" <j...@apache.org>
Subject [jira] [Created] (APLO-186) Using ?client_auth=need Still Allows SSL Connections with no Client Cert
Date Sat, 07 Apr 2012 19:26:16 GMT
Using ?client_auth=need Still Allows SSL Connections with no Client Cert
------------------------------------------------------------------------

                 Key: APLO-186
                 URL: https://issues.apache.org/jira/browse/APLO-186
             Project: ActiveMQ Apollo
          Issue Type: Bug
          Components: apollo-broker
    Affects Versions: 1.2
         Environment: Ubuntu 11.10

java version "1.6.0_23"
OpenJDK Runtime Environment (IcedTea6 1.11pre) (6b23~pre11-0ubuntu1.11.10.2)
OpenJDK 64-Bit Server VM (build 20.0-b11, mixed mode)

Apollo: apache-apollo-99-trunk-20120404.190241-13-unix-distro.tar.gz 

Snips:

    <authentication enabled="false"/>

  <connector id="tls" bind="tls://0.0.0.0:62614?client_auth=need" 
	connection_limit="1000"/>

  <key_storage file="${apollo.base}/etc/keystore" password="password" key_password="password"
key_alias="servertj" />

            Reporter: Guy Allard
             Fix For: 1.2


Using the above configuration, when an SSL client connects and does *not* provide a certificate,
the connection is allowed to proceed, and succeeds.

This is either:

a) a bug
b) a configuration issue

If the above configuration is insufficient for full SSL only authorization please advise on
the requirements.

Thanks, Guy


--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira

        

Mime
View raw message