[
https://issues.apache.org/jira/browse/PROTON-1447?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15947378#comment-15947378
]
Rob Godfrey commented on PROTON-1447:
-------------------------------------
Need to add a new test that verifies that certs signed by each of the CAs will
be trusted before resolving this
> Unable to provide multiple certificates using setTrustedCaDb
> ------------------------------------------------------------
>
> Key: PROTON-1447
> URL: https://issues.apache.org/jira/browse/PROTON-1447
> Project: Qpid Proton
> Issue Type: Bug
> Components: proton-j
> Affects Versions: 0.15.0
> Environment: JDK 1.8.0_121
> Reporter: Priyanka Mathur
> Assignee: Rob Godfrey
> Priority: Blocker
>
> Using
> http://qpid.apache.org/releases/qpid-proton-0.9.1/proton/java/api/org/apache/qpid/proton/engine/impl/ssl/SslDomainImpl.html#setTrustedCaDb(java.lang.String)
> to set the certificate will work only on the top most certificate provided
> in the input stream because readCertificate from SslEngineFacadeFactory.java
> uses generateCertificate which gets only the first certificate that holds
> between "-----BEGIN CERTIFICATE-----" and "-----END CERTIFICATE-----". If
> more than one are provided then you either need to loop and take one at a
> time calling generateCertificate or use generateCertificates. Please provide
> a fix for this asap as this is blocking our roll out of further certificates.
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
