[
https://issues.apache.org/jira/browse/AMQ-5008?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Dejan Bosanac resolved AMQ-5008.
--------------------------------
Resolution: Fixed
Fix Version/s: 5.12.0
Assignee: Dejan Bosanac
This is now fixed with
http://git-wip-us.apache.org/repos/asf/activemq/commit/0fd174b9
More docs available at:
http://activemq.apache.org/how-do-i-use-ssl.html#HowdoIuseSSL-Certificaterevocation
> Support for certificate revocation checking (with patch)
> --------------------------------------------------------
>
> Key: AMQ-5008
> URL: https://issues.apache.org/jira/browse/AMQ-5008
> Project: ActiveMQ
> Issue Type: New Feature
> Components: Connector
> Reporter: Michal Růžička
> Assignee: Dejan Bosanac
> Priority: Minor
> Fix For: 5.12.0
>
> Attachments: CRL_checking.patch
>
>
> Currently it's possible to require client authentication during SSL/TLS
> handshake by adding {{needClientAuth=true}} query string to the respective
> connector URI. But it is not possible to configure revocation checking of the
> certificate submitted by the client.
> The attached patch adds the capability by introducing a new attribute -
> {{crl}} - of the {{org.apache.activemq.spring.SpringSslContext}} class and
> updating the
> {{org.apache.activemq.spring.SpringSslContext.createTrustManagers()}} method
> to make use of the value specified for the attribute in the corresponding
> {{<sslContext />}} tag as appropriate.
> The code is inspired by a similar code in jetty webserver:
> https://github.com/eclipse/jetty.project/blob/release-9/jetty-util/src/main/java/org/eclipse/jetty/util/ssl/SslContextFactory.java#L927-L965
> Please consider it for merging.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
