Mailing-List: contact dev-help@activemq.apache.org; run by ezmlm
Precedence: bulk
Reply-To: dev@activemq.apache.org
Date: Tue, 13 Nov 2012 16:12:13 +0000 (UTC)
From: "Jeffrey B (JIRA)" <jira@apache.org>
To: dev@activemq.apache.org
Message-ID: <254622217.108441.1352823133234.JavaMail.jiratomcat@arcas>
Subject: [jira] [Created] (AMQCPP-438) ssl doesnt match the hostname when
 there are multiple CN's
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit

Jeffrey B created AMQCPP-438:
--------------------------------

             Summary: ssl doesnt match the hostname when there are multiple CN's
                 Key: AMQCPP-438
                 URL: https://issues.apache.org/jira/browse/AMQCPP-438
             Project: ActiveMQ C++ Client
          Issue Type: Bug
          Components: Decaf
    Affects Versions: 3.4.4
         Environment: HPUX 11.31, but this is not likely important
            Reporter: Jeffrey B
            Assignee: Timothy Bish


If the ssl certificate on the server has its hostname in the cn field to be compatable, but it also has other cn's on the same entry, which openssl allows and we always use for all of our certificates, the file OpenSSLSocket.cpp finds that they do not match.
It is only checking one item, so it is not iterating through different cn's.  This sometimes returns the error that the servers certificate did not match the hostname, and sometimes it simply says that peer did not send his wireformat.  This has no doesnt have an option to diable it like in NMS, at least not that I ahave found.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira