[
https://issues.apache.org/jira/browse/ARTEMIS-2961?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17221446#comment-17221446
]
Ingemar Allqvist commented on ARTEMIS-2961:
-------------------------------------------
Of course, but in our (enterprise) setting, the keys and CAs are maintained by
the network department, not the development organisation. One could "clone" the
keystores, but that would mean we have to handle all the maintenance of the
keystores ourselves; CA certificates need to be renewed, new CA:s are added and
so forth.
That is simply not a realistic approach...
> Configuration SSL/TLS - no way to "reset" password with forceSSLParameters
> --------------------------------------------------------------------------
>
> Key: ARTEMIS-2961
> URL: https://issues.apache.org/jira/browse/ARTEMIS-2961
> Project: ActiveMQ Artemis
> Issue Type: Improvement
> Components: API
> Affects Versions: 2.15.0
> Reporter: Ingemar Allqvist
> Priority: Major
>
> I'm a bit stuck here.
> We're using the client, through JCA, in an application server. The
> application has a number of TLS connections, including the connection to the
> artemis broker.
> The issue is, that we use a couple of different trust stores. Some has
> passwords, some don't.
> The "default", "javax.net.ssl.trustStorePassword" has a password (serving som
> SOAP and REST connections), while the trust store used in the broker
> connection don't.
> I can't figure out how to set the broker connections' password to null.
> ForceSSLParameters doesn't help, well, i have no "trustStorePassword" to
> provide, it must be null - otherwise the trust store is "tampered with" when
> the application server tries to connect.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
