Jeffrey B created AMQCPP-530:
--------------------------------
Summary: SSL does not find hostname in cert with multiple cn's in
dc
Key: AMQCPP-530
URL: https://issues.apache.org/jira/browse/AMQCPP-530
Project: ActiveMQ C++ Client
Issue Type: Bug
Components: Decaf
Affects Versions: 3.8.2
Environment: unix
Reporter: Jeffrey B
Assignee: Timothy Bish
Priority: Minor
The SSL certs that we use contain multiple cn's in the dn, such as
dn="cn=%1, cn=hostname, cn=app, cn=project, ou=team, o=company, c=ww"
I do not know why they are created in this way. It is probably something legacy
related. Anyway, with this ActiveMQ cpp will not find the hostname from the dn
and fail dual ssl authentication.
Here is a page on openssl that states the specific limitation of the method
used in the code
http://www.openssl.org/docs/crypto/X509_NAME_get_index_by_NID.html
And this link shows an example usage of the suggested method
http://h71000.www7.hp.com/doc/83final/ba554_90007/rn02re186.html
--
This message was sent by Atlassian JIRA
(v6.1.5#6160)
