activemq-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Justin Bertram (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (ARTEMIS-206) HTTP Upgrade does not work over HTTPS
Date Fri, 28 Aug 2015 16:25:45 GMT

    [ https://issues.apache.org/jira/browse/ARTEMIS-206?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14720121#comment-14720121
] 

Justin Bertram commented on ARTEMIS-206:
----------------------------------------

I changed org.apache.activemq.artemis.tests.integration.transports.netty.NettyConnectorWithHTTPUpgradeTest
to use SSL, and everything appears to work as expected.  I didn't make any changes to the
NettyConnector.  If the client's connector has sslEnabled=true then it will already create
the SslHandler and add it to the Netty pipeline to handle the SSL handshake.

I've pushed my test code to https://github.com/jbertram/activemq-artemis/tree/ARTEMIS-206
so you can take a look to see if I've done anything incorrectly.  There's some kind of thread
leak when the test is torn down, but the test passes.

> HTTP Upgrade does not work over HTTPS
> -------------------------------------
>
>                 Key: ARTEMIS-206
>                 URL: https://issues.apache.org/jira/browse/ARTEMIS-206
>             Project: ActiveMQ Artemis
>          Issue Type: Bug
>          Components: Broker
>    Affects Versions: 1.0.0
>            Reporter: Jeff Mesnil
>            Assignee: Justin Bertram
>
> For security reasons, we need to support creating Artemis connections over HTTPS Upgrade.
> Currently, the Upgrade code works only over HTTP.
> We need to also support it over HTTPS for increased security.
> This means that the NettyConnector code that deals with httpUpgradeEnabled must also
check if sslEnabled is set.
> If that's the case, the GET request to upgrade the connection must be done over HTTPS
instead of HTTP (and add Netty's SSLHandler to handle the SSL handshake)



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message