activemq-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From ttmdev <joe.fernan...@ttmsolutions.com>
Subject Re: HTTPS in general not working between brokers?
Date Tue, 27 May 2008 02:04:01 GMT

Be advised that if not configured properly, Jetty's SslSocketConnector may go
into an infinite loop, and your VM quickly runs out of memory. All this
happens during broker startup. A couple of months back, someone else
encountered the same problem and engaged the Jetty professional support team
to solve the problem.  Here's what he had to say. 

"They (Jetty professional support team) copied my code and keystore and
duplicated the problem at their servers.  They were able to turn on debug
flags that I did not know existed and see an exception that Jetty was
silently burying, that showed the SSL certificate had not been loaded into
the keystore successfully.  They did something to load the certificate
differently and they tell me they got it to work.  I don't know what they
did, but they explained it in a document I have not read yet as I have been
traveling overseas."

Joe


ttmdev wrote:
> 
> I reopened AMQ-1098 and submitted a patch. HttpsTransportFactory is not
> overriding HttpTransportFactory's doBind(URI location) method; therefore,
> HttpTransportFactory's doBind(URI location) is referenced instead and thus
> you end up using a HttpTransportServer instead of HttpsTransportServer
> object.
> 
> Joe
> 
> 
> Hiram Chirino wrote:
>> 
>> Yeah.. the http/s transport does not get as much use as most other
>> connectors so it might not be up to snuff. It would be awesome if
>> interested folks to start contributing test cases and patches to get
>> it more robust.  If you interested in helping let me know and I'll get
>> you started in the right direction.
>> 
>> Regards,
>> Hiram
>> 
>> On Thu, May 15, 2008 at 12:20 PM, j0llyr0g3r
>> <timo.roessner@wincor-nixdorf.com> wrote:
>>>
>>> Hi,
>>>
>>> using the ssl-conncetor for ssl works fine but this is not what i need.
>>>
>>> Because of a http-proxy in the middle i need to use the https-connector.
>>>
>>> As described here:
>>>
>>> http://www.nabble.com/http-ok%2C-ssl-ok%2C-HTTPS--%3E-NOT-ok--td17131092s2354.html
>>>
>>> - ssl works
>>> - http work (even over proxies)
>>> - https does not work
>>>
>>> Certificates, truststores etc are configured correctly, otherwise ssl
>>> wouldn't work.
>>>
>>> So, in a nutshell, https is my problem, not ssl.
>>>
>>> All of the above led me to the conclusion that the https-connector
>>> simply
>>> doesn't work at all (see my thread above).....
>>>
>>> The sparse documentation about this is either wrong or inaccurate, just
>>> using
>>>
>>> https://foo:3434
>>>
>>> does not work even if all prerequisites like certificates etc. are
>>> fullfilled.
>>>
>>> Any more ideas?
>>> --
>>> View this message in context:
>>> http://www.nabble.com/HTTPS-in-general-not-working-between-brokers--tp17229631s2354p17257072.html
>>> Sent from the ActiveMQ - User mailing list archive at Nabble.com.
>>>
>>>
>> 
>> 
>> 
>> -- 
>> Regards,
>> Hiram
>> 
>> Blog: http://hiramchirino.com
>> 
>> Open Source SOA
>> http://open.iona.com
>> 
>> 
> 
> 

-- 
View this message in context: http://www.nabble.com/HTTPS-in-general-not-working-between-brokers--tp17229631s2354p17481780.html
Sent from the ActiveMQ - User mailing list archive at Nabble.com.


Mime
View raw message