[
https://issues.apache.org/jira/browse/ARTEMIS-1299?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Jan Kalina updated ARTEMIS-1299:
--------------------------------
Description:
When I want to configure enabled SSL protocols, Netty requires to use comma
delimited list to be passed into *enabledProtocols* param:
{code}
TLSv1,TLSv1.1,TLSv1.2
{code}
(see
https://activemq.apache.org/artemis/docs/1.0.0/configuring-transports.html#configuring-netty-ssl
)
But when comma is used in value in configuration string passed into
*ActiveMQResourceAdapter.setConnectionParameters*, parsing fails:
{code}
java.lang.IllegalArgumentException: Invalid expression TLSv1.1 at
enabledProtocols=TLSv1,TLSv1.1,TLSv1.2;httpUpgradeEndpoint=http-acceptor;activemqServerName=default;httpUpgradeEnabled=true;port=8080;host=localhost
at
org.apache.activemq.artemis.ra.ActiveMQRaUtils.parseConfig(ActiveMQRaUtils.java:205)
at
org.apache.activemq.artemis.ra.ActiveMQResourceAdapter.setConnectionParameters(ActiveMQResourceAdapter.java:344)
... 15 more
{code}
This is because parser use comma to deliminate individual configurations, so
configuration
{code}
enabledProtocols=TLSv1,TLSv1.1,TLSv1.2;httpUpgradeEndpoint=http-acceptor
{code}
is parsed as
{code}
["enabledProtocols=TLSv1","TLSv1.1","TLSv1.2;httpUpgradeEndpoint=http-acceptor"]
{code}
This is design issue - comma required by netty cannot be passed into ActiveMQ
configuration value.
I set this as critical as it prevent setting more then one allowed SSLContext
protocol. (Problem especialy for IBM Java, where "TLS" does not work as alias
for other TLSv*)
was:
When I want to configure enabled SSL protocols, Netty requires to use comma
delimited list to be passed into *enabledProtocols* param:
{code}
TLSv1,TLSv1.1,TLSv1.2
{code}
(see
https://activemq.apache.org/artemis/docs/1.0.0/configuring-transports.html#configuring-netty-ssl
)
But when comma is used in value in configuration string passed into
*ActiveMQResourceAdapter.setConnectionParameters*, parsing fails:
{code}
java.lang.IllegalArgumentException: Invalid expression TLSv1.1 at
enabledProtocols=TLSv1,TLSv1.1,TLSv1.2;httpUpgradeEndpoint=http-acceptor;activemqServerName=default;httpUpgradeEnabled=true;port=8080;host=localhost
at
org.apache.activemq.artemis.ra.ActiveMQRaUtils.parseConfig(ActiveMQRaUtils.java:205)
at
org.apache.activemq.artemis.ra.ActiveMQResourceAdapter.setConnectionParameters(ActiveMQResourceAdapter.java:344)
... 15 more
{code}
This is because parser use comma to deliminate individual configurations, so
configuration
{code}
enabledProtocols=TLSv1,TLSv1.1,TLSv1.2;httpUpgradeEndpoint=http-acceptor
{code}
is parsed as
{code}
["enabledProtocols=TLSv1","TLSv1.1","TLSv1.2;httpUpgradeEndpoint=http-acceptor"]
{code}
This is design issue - comma required by netty cannot be passed into ActiveMQ
configuration value.
I set this as critical as it prevent setting more then one allowed SSLContext
protocol. (Problem especialy for IBM Java, where "TLS" does not work as alias
for other TLSs)
> Unable to configure comma delimited enabledProtocols
> ----------------------------------------------------
>
> Key: ARTEMIS-1299
> URL: https://issues.apache.org/jira/browse/ARTEMIS-1299
> Project: ActiveMQ Artemis
> Issue Type: Bug
> Components: Broker
> Affects Versions: 1.5.5
> Reporter: Jan Kalina
> Priority: Critical
>
> When I want to configure enabled SSL protocols, Netty requires to use comma
> delimited list to be passed into *enabledProtocols* param:
> {code}
> TLSv1,TLSv1.1,TLSv1.2
> {code}
> (see
> https://activemq.apache.org/artemis/docs/1.0.0/configuring-transports.html#configuring-netty-ssl
> )
> But when comma is used in value in configuration string passed into
> *ActiveMQResourceAdapter.setConnectionParameters*, parsing fails:
> {code}
> java.lang.IllegalArgumentException: Invalid expression TLSv1.1 at
> enabledProtocols=TLSv1,TLSv1.1,TLSv1.2;httpUpgradeEndpoint=http-acceptor;activemqServerName=default;httpUpgradeEnabled=true;port=8080;host=localhost
> at
> org.apache.activemq.artemis.ra.ActiveMQRaUtils.parseConfig(ActiveMQRaUtils.java:205)
> at
> org.apache.activemq.artemis.ra.ActiveMQResourceAdapter.setConnectionParameters(ActiveMQResourceAdapter.java:344)
> ... 15 more
> {code}
> This is because parser use comma to deliminate individual configurations, so
> configuration
> {code}
> enabledProtocols=TLSv1,TLSv1.1,TLSv1.2;httpUpgradeEndpoint=http-acceptor
> {code}
> is parsed as
> {code}
> ["enabledProtocols=TLSv1","TLSv1.1","TLSv1.2;httpUpgradeEndpoint=http-acceptor"]
> {code}
> This is design issue - comma required by netty cannot be passed into ActiveMQ
> configuration value.
> I set this as critical as it prevent setting more then one allowed SSLContext
> protocol. (Problem especialy for IBM Java, where "TLS" does not work as alias
> for other TLSv*)
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
