activemq-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Justin Bertram (JIRA)" <>
Subject [jira] [Commented] (ARTEMIS-206) HTTP Upgrade does not work over HTTPS
Date Fri, 28 Aug 2015 16:25:45 GMT


Justin Bertram commented on ARTEMIS-206:

I changed org.apache.activemq.artemis.tests.integration.transports.netty.NettyConnectorWithHTTPUpgradeTest
to use SSL, and everything appears to work as expected.  I didn't make any changes to the
NettyConnector.  If the client's connector has sslEnabled=true then it will already create
the SslHandler and add it to the Netty pipeline to handle the SSL handshake.

I've pushed my test code to
so you can take a look to see if I've done anything incorrectly.  There's some kind of thread
leak when the test is torn down, but the test passes.

> HTTP Upgrade does not work over HTTPS
> -------------------------------------
>                 Key: ARTEMIS-206
>                 URL:
>             Project: ActiveMQ Artemis
>          Issue Type: Bug
>          Components: Broker
>    Affects Versions: 1.0.0
>            Reporter: Jeff Mesnil
>            Assignee: Justin Bertram
> For security reasons, we need to support creating Artemis connections over HTTPS Upgrade.
> Currently, the Upgrade code works only over HTTP.
> We need to also support it over HTTPS for increased security.
> This means that the NettyConnector code that deals with httpUpgradeEnabled must also
check if sslEnabled is set.
> If that's the case, the GET request to upgrade the connection must be done over HTTPS
instead of HTTP (and add Netty's SSLHandler to handle the SSL handshake)

This message was sent by Atlassian JIRA

View raw message