[
https://issues.apache.org/jira/browse/QPID-4858?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Robbie Gemmell resolved QPID-4858.
----------------------------------
Resolution: Fixed
> [Java Broker] HTTP management ports configured with 'HTTP' protocol and 'SSL'
> transport options will silently fail to use SSL
> -----------------------------------------------------------------------------------------------------------------------------
>
> Key: QPID-4858
> URL: https://issues.apache.org/jira/browse/QPID-4858
> Project: Qpid
> Issue Type: Bug
> Components: Java Broker
> Affects Versions: 0.21
> Reporter: Robbie Gemmell
> Assignee: Robbie Gemmell
> Priority: Blocker
> Fix For: 0.22
>
>
> HTTP management ports configured with 'HTTP' protocol and 'SSL' transport
> options will silently fail to use SSL at all.
> Since the changes made in the 0.21/0.22 development cycle for QPID-4390 and
> related JIRAs to enable management of the broker entirely through the HTTP
> management interfaces, it has become possible to configure HTTP management
> ports in a way that suggests SSL is in use when it is in fact not.
> Fix:
> Remove the HTTPS protocol option leaving only HTTP, and making all ports
> consistent in using the SSL transport value to indicate their use of SSL.
> Additional Background:
> When the HTTP management plugin was added previously, it advertised HTTPS and
> HTTP as different protocol options, despite us using the transport option
> (TCP or SSL) alone to signal use of SSL for all other protocol types (AMQP
> and JMX/RMI). The influence over whether SSL was used for the port or not was
> simply a boolean in the brokers XML configuration file to indicate HTTPS.
> With the configuration model changes from QPID-4390 etc, ports now have a
> more specific configuration that is dependent on both the specified protocols
> and transports to determine what to do but the HTTP management plugin is
> still only using HTTPS protocol value to indicate that it should use SSL and
> is ignoring the SSL transport value, however the REST interface and
> management UI allow this configuration and do not make it in any way clear
> that SSL is in fact not being used.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
