activemq-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Brian Reinhold (JIRA)" <j...@apache.org>
Subject [jira] [Created] (APLO-341) SSL server configuration does not support separate truststore
Date Sun, 24 Nov 2013 21:35:35 GMT
Brian Reinhold created APLO-341:
-----------------------------------

             Summary: SSL server configuration does not support separate truststore
                 Key: APLO-341
                 URL: https://issues.apache.org/jira/browse/APLO-341
             Project: ActiveMQ Apollo
          Issue Type: Improvement
          Components: apollo-dto
    Affects Versions: 1.6
         Environment: Windows 7 Java: Suspect all environements
            Reporter: Brian Reinhold


When trying to configure the apollo broker to support client authentication there is no support
for placing trusted client certificates in a separate truststore. One must place the certificates
in the keystore containing the server's private key.

The common practice (as also done in ActiveMQ) is to place trusted certificates in a truststore
that contains only trusted certificates (one may wish to interactively add trusted client
certificates to this truststore) whereas the keystore containing the private key is locked
up tight as a drum.



--
This message was sent by Atlassian JIRA
(v6.1#6144)

Mime
View raw message