Ulf Lilleengen created DISPATCH-1028:
----------------------------------------
Summary: requireSsl:true not working for http listeners
Key: DISPATCH-1028
URL: https://issues.apache.org/jira/browse/DISPATCH-1028
Project: Qpid Dispatch
Issue Type: Bug
Reporter: Ulf Lilleengen
With the following router config, a client will be rejected even if it is
connecting using TLS. The wireshark trace indicates that the TLS handshake
completes successfully, but the router closes the connection and prints in the
log 'amqp:connection:policy-error Client connection unencrypted - forbidden'.
If i set requireSsl: false , the client is able to connect both with and
without TLS.
{code:java}
router {
mode: standalone
id: Router.A
}
sslProfile {
name: ssl_details
certFile: /etc/qpid-dispatch/tls.crt
privateKeyFile: /etc/qpid-dispatch/tls.key
}
listener {
host: 127.0.0.1
port: 8443
http: true
sslProfile: ssl_details
requireSsl: true
}
address {
prefix: q1
}
{code}
Example client:
{code:java}
sudo npm install -g cli-rhea
cli-rhea-sender --broker 127.0.0.1:8443 --address q1 --count 1
--conn-web-socket true --conn-ws-protocols binary --log-lib TRANSPORT_FRM{code}
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
