[
https://issues.apache.org/jira/browse/GEODE-7022?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16903208#comment-16903208
]
ASF subversion and git services commented on GEODE-7022:
--------------------------------------------------------
Commit 62317207b2ea3b4b4d7ded96e66250caa01ce76e in geode's branch
refs/heads/develop from Juan José Ramos
[ https://gitbox.apache.org/repos/asf?p=geode.git;h=6231720 ]
GEODE-7022: Add SSL Alias Support for JMX Clients (#3857)
- Added tests.
- Fixed minor warnings.
- Use custom RMIClientSocketFactory that supports Geode SSL settings.
> SSL Alias Support for JMX Connections
> -------------------------------------
>
> Key: GEODE-7022
> URL: https://issues.apache.org/jira/browse/GEODE-7022
> Project: Geode
> Issue Type: Bug
> Components: jmx, security
> Reporter: Juan José Ramos Cassella
> Assignee: Juan José Ramos Cassella
> Priority: Major
> Labels: GeodeCommons
> Time Spent: 3h 40m
> Remaining Estimate: 0h
>
> The {{*SslRMIClientSocketFactory*}} class, by default, always loads the first
> key that appears in the {{keystore}} and does not support the usage of
> {{aliases}}; Geode’s SSL implementation, on the other hand, uses the
> {{ssl-default-alias}} property to allow the usage of a particular key.
> The above, in turn, might cause a {{JMX over SSL}} connection to fail
> whenever the {{keystore}} has more than one key imported (see
> [{{JmxOperationInvoker}}|https://github.com/apache/geode/blob/rel/v1.9.0/geode-core/src/main/java/org/apache/geode/management/internal/cli/shell/JmxOperationInvoker.java]
> and
> [{{ContextAwareSSLRMIClientSocketFactory}}|https://github.com/apache/geode/blob/rel/v1.9.0/geode-core/src/main/java/org/apache/geode/management/internal/ContextAwareSSLRMIClientSocketFactory.java]).
--
This message was sent by Atlassian JIRA
(v7.6.14#76016)
