[
https://issues.apache.org/jira/browse/QPID-8302?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16832825#comment-16832825
]
ASF GitHub Bot commented on QPID-8302:
--------------------------------------
alex-rufous commented on pull request #27: QPID-8302: [Broker-J] Validate
whether private key matches certificate on NonKeystoreTrustore certificate
update
URL: https://github.com/apache/qpid-broker-j/pull/27
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
[email protected]
> [Broker-J] NonKeystoreTrustore does not validate private key and certificate
> matching on certificate update
> -----------------------------------------------------------------------------------------------------------
>
> Key: QPID-8302
> URL: https://issues.apache.org/jira/browse/QPID-8302
> Project: Qpid
> Issue Type: Bug
> Components: Broker-J
> Affects Versions: qpid-java-broker-7.1.2
> Reporter: Alex Rudyy
> Assignee: Alex Rudyy
> Priority: Major
> Fix For: qpid-java-broker-8.0.0, qpid-java-broker-7.1.3
>
>
> NonJavaKeystore does not validate whether private key and certificate are
> matching on certificate update. In result of human error the certificate can
> be updated to the wrong one and after broker restart the TLS stops working.
> The validation should be improved to verify that private key matches the
> certificate
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
