activemq-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Raul Valdoleiros <raul.valdoleiros.olive...@gmail.com>
Subject Re: Artemis CRL
Date Mon, 11 Dec 2017 09:06:10 GMT
Hi Justin,

What I did is available in the commit:
https://github.com/Skiler/activemq-artemis/commit/2e67595c30856666eb62122906b22a3398f9de47
Definitely I did something wrong, perhaps some basic mistake. I

Thanks in advance,
Raul

2017-12-08 20:51 GMT+00:00 Justin Bertram <jbertram@apache.org>:

> FYI - I opened ARTEMIS-1548 [1] for this.
>
>
> Justin
>
> [1] https://issues.apache.org/jira/browse/ARTEMIS-1548
>
> On Thu, Dec 7, 2017 at 6:54 PM, Justin Bertram <jbertram@apache.org>
> wrote:
>
> > > I  copied the code and the certificates from activemq.
> >
> > What code and certs did you copy and where did you copy it to?
> >
> > > My guess is artemis is delegating the ssl infrastructure in Netty and
> > netty isn't supporting CRL by default. Not sure about it.
> >
> > The SSL handshake is done by Netty in Artemis.  However, the SSLContext
> > used (which includes the trust manager) is created by Artemis itself in
> the
> > class I specified in my previous email.
> >
> > > I need ocsp too, i thought i could add copy both features to artemis.
> No
> > luck until now.
> >
> > I don't think it will be too hard to implement both in Artemis.  I'll
> give
> > it a closer look when I get the chance.
> >
> >
> > Justin
> >
> > On Thu, Dec 7, 2017 at 4:23 PM, Raul Valdoleiros <
> > raul.valdoleiros.oliveira@gmail.com> wrote:
> >
> >> Hi Justin,
> >>
> >> I already try it ( i tried before send the e-mail), and didn't work. I
> >> copied the code and the certificates from activemq. My guess is artemis
> is
> >> delegating the ssl infrastructure in Netty and netty isn't supporting
> CRL
> >> by default. Not sure about it. I'm assuming activemq don't use netty.
> >> I need ocsp too, i thought i could add copy both features to artemis. No
> >> luck until now.
> >>
> >> Thanks in advance,
> >> Raul
> >>
> >>
> >> Em 07/12/2017 5:36 p.m., "Justin Bertram" <jbertram@redhat.com>
> escreveu:
> >>
> >> Artemis doesn't support CRL.  However, you should be able to adapt
> what's
> >> done in 5.x in org.apache.activemq.spring.SpringSslContext to work in
> >> Artemis in org.apache.activemq.artemis.core.remoting.impl.ssl.
> SSLSupport.
> >> Let me know if you're moving forward with this work otherwise I'll take
> a
> >> closer look.
> >>
> >>
> >> Justin
> >>
> >> On Thu, Dec 7, 2017 at 2:27 AM, Raul Valdoleiros <
> >> raul.valdoleiros.oliveira@gmail.com> wrote:
> >>
> >> > Hi,
> >> >
> >> > Artemis support certificate revogation list? If not, i'm available to
> >> try
> >> > implement it if you give some insights about it.
> >> >
> >> > Thanks in advance,
> >> > Raul
> >> >
> >>
> >
> >
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message