activemq-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Straun (JIRA)" <j...@apache.org>
Subject [jira] Created: (AMQ-2848) JmsBridgeConnectors need to be able to use the broker sslContext
Date Fri, 23 Jul 2010 13:09:51 GMT
JmsBridgeConnectors need to be able to use the broker sslContext
----------------------------------------------------------------

                 Key: AMQ-2848
                 URL: https://issues.apache.org/activemq/browse/AMQ-2848
             Project: ActiveMQ
          Issue Type: Improvement
          Components: Broker, Connector, Transport
    Affects Versions: 5.3.2
         Environment: all
            Reporter: Straun
            Priority: Minor


Currently if you specify a JmsBridgeConnection, with an outbound connection factory where
the broker URL is using the SSL transport, the only way you can control its SSL connection
details (keystore etc.) is via the VM level SSL_OPTS method. This is because the ActiveMQConnectionFactory
is configured outside the broker and so does not use its SslContext which is broker specific.
Fundamentally the SSL connection details are related to the connections, rather than the broker
or the whole VM; so it would make sense to be able to configure each and every 'connection'
in the broker with a potentially different SslContext. JMS bridge connections are highly likely
to require SSL connections as they tend to connect distinct networks, client connections are
also likely to use SSL and there is no easy way to configure those either.
So, the suggestion is that broker URL parameters be used to provide the details of the path
to the keystore, truststore and their password. In this way the SslTransportFactory can decipher
the required SslContext. If no connection specific parameters are used then the transport
factory should fall back on the broker level SSL context, and if there was none defined then
the VM level SSL context would be the default. Named SslContext objects might also be a solution.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


Mime
View raw message