Return-Path: 
 <dev-return-33976-apmail-activemq-dev-archive=activemq.apache.org@activemq.apache.org>
X-Original-To: apmail-activemq-dev-archive@www.apache.org
Delivered-To: apmail-activemq-dev-archive@www.apache.org
Received: from mail.apache.org (hermes.apache.org [140.211.11.3])
	by minotaur.apache.org (Postfix) with SMTP id 22503D93B
	for <apmail-activemq-dev-archive@www.apache.org>;
 Thu, 18 Oct 2012 12:40:06 +0000 (UTC)
Received: (qmail 34109 invoked by uid 500); 18 Oct 2012 12:40:05 -0000
Delivered-To: apmail-activemq-dev-archive@activemq.apache.org
Received: (qmail 34039 invoked by uid 500); 18 Oct 2012 12:40:05 -0000
Mailing-List: contact dev-help@activemq.apache.org; run by ezmlm
Precedence: bulk
List-Help: <mailto:dev-help@activemq.apache.org>
List-Unsubscribe: <mailto:dev-unsubscribe@activemq.apache.org>
List-Post: <mailto:dev@activemq.apache.org>
List-Id: <dev.activemq.apache.org>
Reply-To: dev@activemq.apache.org
Delivered-To: mailing list dev@activemq.apache.org
Received: (qmail 34012 invoked by uid 99); 18 Oct 2012 12:40:04 -0000
Received: from arcas.apache.org (HELO arcas.apache.org) (140.211.11.28)
    by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 18 Oct 2012 12:40:04 +0000
Date: Thu, 18 Oct 2012 12:40:04 +0000 (UTC)
From: "Christian Posta (JIRA)" <jira@apache.org>
To: dev@activemq.apache.org
Message-ID: <472972713.63723.1350564004205.JavaMail.jiratomcat@arcas>
In-Reply-To: <123435144.5344.1346140327789.JavaMail.jiratomcat@arcas>
Subject: [jira] [Commented] (AMQ-3996) NIO + SSL: Client certificates are
 null
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit
X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394


    [ https://issues.apache.org/jira/browse/AMQ-3996?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13478953#comment-13478953 ] 

Christian Posta commented on AMQ-3996:
--------------------------------------

Tried it out, and it works.

At first I was getting the same errors that Lionel was getting (it got past that part in JaasCertificateAuthenticationBroker.addConnection() where it was making sure the TransportContext was an instance of X509Certificate which is where it was failing previously, but then it would fail at the call to LoginContext.login() with User name [null] or password invalid error) but then I changed the user.properties a little bit to match what the client was presenting in its cert and my tests passed.
                
> NIO + SSL: Client certificates are null
> ---------------------------------------
>
>                 Key: AMQ-3996
>                 URL: https://issues.apache.org/jira/browse/AMQ-3996
>             Project: ActiveMQ
>          Issue Type: Bug
>    Affects Versions: 5.6.0, 5.7.0
>            Reporter: Francesco Romano
>            Assignee: Timothy Bish
>             Fix For: 5.8.0
>
>         Attachments: broker-jaas-ssl-nio.xml, nio+ssl.png, NIOSSLTransportWithJaasCertificateAuthBrokerTest.java, NIOSSLTransportWithJaasCertificateAuthBrokerTest.java, NIOSSLTransportWithJaasCertificateAuthBrokerTest.java, ssl.png
>
>
> If using protocol nio+ssl, the ConnectionInfo transportContext property does not contains peer certificates (which are present in the plain tcp ssl transport).
> The problem is that in the NIO transport, calling sslSession.getPeerCertificates() returns null.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira