activemq-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Brian Reinhold (JIRA)" <>
Subject [jira] [Created] (APLO-341) SSL server configuration does not support separate truststore
Date Sun, 24 Nov 2013 21:35:35 GMT
Brian Reinhold created APLO-341:

             Summary: SSL server configuration does not support separate truststore
                 Key: APLO-341
             Project: ActiveMQ Apollo
          Issue Type: Improvement
          Components: apollo-dto
    Affects Versions: 1.6
         Environment: Windows 7 Java: Suspect all environements
            Reporter: Brian Reinhold

When trying to configure the apollo broker to support client authentication there is no support
for placing trusted client certificates in a separate truststore. One must place the certificates
in the keystore containing the server's private key.

The common practice (as also done in ActiveMQ) is to place trusted certificates in a truststore
that contains only trusted certificates (one may wish to interactively add trusted client
certificates to this truststore) whereas the keystore containing the private key is locked
up tight as a drum.

This message was sent by Atlassian JIRA

View raw message