activemq-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Dejan Bosanac (JIRA)" <>
Subject [jira] [Resolved] (AMQ-5008) Support for certificate revocation checking (with patch)
Date Tue, 31 Mar 2015 08:59:52 GMT


Dejan Bosanac resolved AMQ-5008.
       Resolution: Fixed
    Fix Version/s: 5.12.0
         Assignee: Dejan Bosanac

This is now fixed with

More docs available at:

> Support for certificate revocation checking (with patch)
> --------------------------------------------------------
>                 Key: AMQ-5008
>                 URL:
>             Project: ActiveMQ
>          Issue Type: New Feature
>          Components: Connector
>            Reporter: Michal Růžička
>            Assignee: Dejan Bosanac
>            Priority: Minor
>             Fix For: 5.12.0
>         Attachments: CRL_checking.patch
> Currently it's possible to require client authentication during SSL/TLS handshake by
adding {{needClientAuth=true}} query string to the respective connector URI. But it is not
possible to configure revocation checking of the certificate submitted by the client.
> The attached patch adds the capability by introducing a new attribute - {{crl}} - of
the {{org.apache.activemq.spring.SpringSslContext}} class and updating the {{org.apache.activemq.spring.SpringSslContext.createTrustManagers()}}
method to make use of the value specified for the attribute in the corresponding {{<sslContext
/>}} tag as appropriate.
> The code is inspired by a similar code in jetty webserver:
> Please consider it for merging.

This message was sent by Atlassian JIRA

View raw message