[ https://issues.apache.org/jira/browse/AMQ-7276?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16909210#comment-16909210 ]

Diptesh Chakraborty commented on AMQ-7276:
------------------------------------------

For once, I have been able to establish the TLS MA over HTTPS and found the 
"Certificate Request" and "Certificate Verify" in the handshake logs.

But executing the same program again does not work.

> Unable to establish mutual authentication through HTTPS transport
> -----------------------------------------------------------------
>
>                 Key: AMQ-7276
>                 URL: https://issues.apache.org/jira/browse/AMQ-7276
>             Project: ActiveMQ
>          Issue Type: Bug
>    Affects Versions: 5.11.0, 5.15.9
>            Reporter: Diptesh Chakraborty
>            Priority: Major
>              Labels: mutualSSL
>
> I am trying to establish mutual authentication over HTTPS transport but found 
> that only one-way authentication is established.
> Below is my code snippet:
>  
> +*Client Java Program:*+
> {code:java}
> // Client key store (client certificate) and trust store (broker certificate)
> System.setProperty("javax.net.ssl.keyStore", "D://project//test//POC//client.ks");
> System.setProperty("javax.net.ssl.keyStorePassword", "password");
> System.setProperty("javax.net.ssl.trustStore", "D://project//test//POC//client.ts");
> System.setProperty("javax.net.ssl.trustStorePassword", "password");
> // Connect to the broker over the HTTPS transport
> ActiveMQConnectionFactory cf = new ActiveMQConnectionFactory("https://localhost:8443");
> Connection con = cf.createConnection();
> Session s = con.createSession(false, Session.AUTO_ACKNOWLEDGE);
> Destination d = s.createQueue("TestQueue");
> MessageProducer mp = s.createProducer(d);
> con.start();
> // prepare the message
> mp.send(message);
> {code}
> +*Active MQ configuration*+
>  
> {code:xml}
> <transportConnector name="https" uri="https://localhost:8443?transport.needClientAuth=true"/>
> <sslContext>
>    <sslContext keyStore="file:D:/project/test/POC/broker.ks"
>     keyStorePassword="password"
>     trustStore="file:D:/project/test/POC/broker.ts"
>     trustStorePassword="password"/>
> </sslContext>
> {code}
>  
> While running the program, the message is being sent successfully but I am 
> not finding any difference in the logs if "*needClientAuth*" is set to 
> *false*.
> If the transport connector is changed from https to ssl, I can view the 
> detailed SSL handshake logs, which implies that "Mutual Authentication" has 
> been established.



--
This message was sent by Atlassian JIRA
(v7.6.14#76016)
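
One way to check whether needClientAuth is actually enforced on the listener described in the report, rather than reading handshake logs: connect with trust material but no client certificate and see whether the server rejects the connection. This is an added example, not code from the reporter or from ActiveMQ; the class name ClientAuthProbe, the 5 second timeout, and the plain GET request are assumptions, and the defaults reuse the host, port and trust store from the report.

```java
import javax.net.ssl.*;
import java.io.*;
import java.net.*;
import java.nio.charset.StandardCharsets;
import java.security.KeyStore;

// Added example: probes whether a TLS listener rejects a client that presents
// no certificate. Defaults are assumptions taken from the report.
public class ClientAuthProbe {
    public static void main(String[] args) throws Exception {
        String host = args.length > 0 ? args[0] : "localhost";
        int port = args.length > 1 ? Integer.parseInt(args[1]) : 8443;
        String tsPath = args.length > 2 ? args[2] : "D:/project/test/POC/client.ts";
        char[] tsPass = (args.length > 3 ? args[3] : "password").toCharArray();
        // Trust material only, so the broker's certificate still validates.
        KeyStore trust = KeyStore.getInstance(KeyStore.getDefaultType());
        try (InputStream in = new FileInputStream(tsPath)) {
            trust.load(in, tsPass);
        }
        TrustManagerFactory tmf =
                TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(trust);
        // Empty KeyManager array: this client has no certificate to offer.
        SSLContext ctx = SSLContext.getInstance("TLS");
        ctx.init(new KeyManager[0], tmf.getTrustManagers(), null);
        try (SSLSocket s = (SSLSocket) ctx.getSocketFactory().createSocket(host, port)) {
            s.setSoTimeout(5000);
            s.startHandshake();
            // Under TLS 1.3 the server checks the client certificate after the
            // client side of the handshake completes, so a rejection only shows
            // up on the next read. Send a request and wait for the first byte.
            OutputStream out = s.getOutputStream();
            out.write(("GET / HTTP/1.1\r\nHost: " + host + "\r\nConnection: close\r\n\r\n")
                    .getBytes(StandardCharsets.US_ASCII));
            out.flush();
            int first = s.getInputStream().read();
            System.out.println(first >= 0
                    ? "NOT ENFORCED: server answered a client that sent no certificate"
                    : "INCONCLUSIVE: connection closed without an alert or data");
        } catch (SocketTimeoutException e) {
            System.out.println("NOT REJECTED: handshake accepted, no response within 5 s");
        } catch (SSLException | SocketException e) {
            // Also reached if the broker certificate is not trusted; read the message.
            System.out.println("REJECTED: " + e);
        }
    }
}
```

A "REJECTED" result caused by a certificate path error means the trust store is wrong, not that client authentication is enforced; only a handshake alert from the server indicates enforcement.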
