activemq-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Timothy Bish (JIRA)" <j...@apache.org>
Subject [jira] Resolved: (AMQCPP-348) Allow unverified SSL peer
Date Mon, 07 Feb 2011 19:56:57 GMT

     [ https://issues.apache.org/jira/browse/AMQCPP-348?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Timothy Bish resolved AMQCPP-348.
---------------------------------

    Resolution: Fixed

Added code to check for the property "decaf.net.ssl.disablePeerVerification" and disable all
verification if true.

client code sets via:

{noformat}
System::setProperty( "decaf.net.ssl.disablePeerVerification", "true" )
{noformat}

> Allow unverified SSL peer
> -------------------------
>
>                 Key: AMQCPP-348
>                 URL: https://issues.apache.org/jira/browse/AMQCPP-348
>             Project: ActiveMQ C++ Client
>          Issue Type: Improvement
>    Affects Versions: 3.2.4
>            Reporter: Kevin Quick
>            Assignee: Timothy Bish
>            Priority: Minor
>             Fix For: 3.2.5, 3.3.0
>
>
> When using an ssl: connection, attempting to only provide a client certificate via:
>             decaf::lang::System::setProperty("decaf.net.ssl.keyStore", certfile);
> fails with the following:
> Error occurred while accessing an OpenSSL library method:
> error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
> Init failure ERROR: Error occurred while accessing an OpenSSL library method:
> error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
> It would be nice if the library would set peer_verify to false if no decaf.net.ssl.trustStore
was provided to allow the client to bypass verification of the broker.

-- 
This message is automatically generated by JIRA.
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

        

Mime
View raw message