[jira] [Commented] (QPID-8302) [Broker-J] NonKeystoreTrustore does not validate private key and certificate matching on certificate update
[ https://issues.apache.org/jira/browse/QPID-8302?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16832825#comment-16832825 ] ASF GitHub Bot commented on QPID-8302: -- alex-rufous commented on pull request #27: QPID-8302: [Broker-J] Validate whether private key matches certificate on NonKeystoreTrustore certificate update URL: https://github.com/apache/qpid-broker-j/pull/27 This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org > [Broker-J] NonKeystoreTrustore does not validate private key and certificate > matching on certificate update > --- > > Key: QPID-8302 > URL: https://issues.apache.org/jira/browse/QPID-8302 > Project: Qpid > Issue Type: Bug > Components: Broker-J >Affects Versions: qpid-java-broker-7.1.2 >Reporter: Alex Rudyy >Assignee: Alex Rudyy >Priority: Major > Fix For: qpid-java-broker-8.0.0, qpid-java-broker-7.1.3 > > > NonJavaKeystore does not validate whether private key and certificate are > matching on certificate update. In result of human error the certificate can > be updated to the wrong one and after broker restart the TLS stops working. > The validation should be improved to verify that private key matches the > certificate -- This message was sent by Atlassian JIRA (v7.6.3#76005) - To unsubscribe, e-mail: dev-unsubscr...@qpid.apache.org For additional commands, e-mail: dev-h...@qpid.apache.org
[jira] [Commented] (QPID-8302) [Broker-J] NonKeystoreTrustore does not validate private key and certificate matching on certificate update
[ https://issues.apache.org/jira/browse/QPID-8302?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16831249#comment-16831249 ] ASF subversion and git services commented on QPID-8302: --- Commit 5668439c051976240bb124f6abf51dad93ef36cd in qpid-broker-j's branch refs/heads/7.1.x from Alex Rudyy [ https://gitbox.apache.org/repos/asf?p=qpid-broker-j.git;h=5668439 ] QPID-8302: [Broker-J] Validate whether private key matches certificate on NonJavaKeystore certificate update This closes #27 (cherry picked from commit 71a37b5fe78963b4723afa2d250d7b3ea71ffeaf) > [Broker-J] NonKeystoreTrustore does not validate private key and certificate > matching on certificate update > --- > > Key: QPID-8302 > URL: https://issues.apache.org/jira/browse/QPID-8302 > Project: Qpid > Issue Type: Bug > Components: Broker-J >Affects Versions: qpid-java-broker-7.1.2 >Reporter: Alex Rudyy >Assignee: Alex Rudyy >Priority: Major > Fix For: qpid-java-broker-8.0.0, qpid-java-broker-7.1.3 > > > NonJavaKeystore does not validate whether private key and certificate are > matching on certificate update. In result of human error the certificate can > be updated to the wrong one and after broker restart the TLS stops working. > The validation should be improved to verify that private key matches the > certificate -- This message was sent by Atlassian JIRA (v7.6.3#76005) - To unsubscribe, e-mail: dev-unsubscr...@qpid.apache.org For additional commands, e-mail: dev-h...@qpid.apache.org
[jira] [Commented] (QPID-8302) [Broker-J] NonKeystoreTrustore does not validate private key and certificate matching on certificate update
[ https://issues.apache.org/jira/browse/QPID-8302?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16831237#comment-16831237 ] ASF subversion and git services commented on QPID-8302: --- Commit 71a37b5fe78963b4723afa2d250d7b3ea71ffeaf in qpid-broker-j's branch refs/heads/master from Alex Rudyy [ https://gitbox.apache.org/repos/asf?p=qpid-broker-j.git;h=71a37b5 ] QPID-8302: [Broker-J] Validate whether private key matches certificate on NonJavaKeystore certificate update > [Broker-J] NonKeystoreTrustore does not validate private key and certificate > matching on certificate update > --- > > Key: QPID-8302 > URL: https://issues.apache.org/jira/browse/QPID-8302 > Project: Qpid > Issue Type: Bug > Components: Broker-J >Affects Versions: qpid-java-broker-7.1.2 >Reporter: Alex Rudyy >Assignee: Alex Rudyy >Priority: Major > Fix For: qpid-java-broker-8.0.0, qpid-java-broker-7.1.3 > > > NonJavaKeystore does not validate whether private key and certificate are > matching on certificate update. In result of human error the certificate can > be updated to the wrong one and after broker restart the TLS stops working. > The validation should be improved to verify that private key matches the > certificate -- This message was sent by Atlassian JIRA (v7.6.3#76005) - To unsubscribe, e-mail: dev-unsubscr...@qpid.apache.org For additional commands, e-mail: dev-h...@qpid.apache.org
[jira] [Commented] (QPID-8302) [Broker-J] NonKeystoreTrustore does not validate private key and certificate matching on certificate update
[ https://issues.apache.org/jira/browse/QPID-8302?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16827776#comment-16827776 ] ASF GitHub Bot commented on QPID-8302: -- alex-rufous commented on pull request #27: QPID-8302: [Broker-J] Validate whether private key matches certificate on NonKeystoreTrustore certificate update URL: https://github.com/apache/qpid-broker-j/pull/27 This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org > [Broker-J] NonKeystoreTrustore does not validate private key and certificate > matching on certificate update > --- > > Key: QPID-8302 > URL: https://issues.apache.org/jira/browse/QPID-8302 > Project: Qpid > Issue Type: Bug > Components: Broker-J >Affects Versions: qpid-java-broker-7.1.2 >Reporter: Alex Rudyy >Assignee: Alex Rudyy >Priority: Major > Fix For: qpid-java-broker-8.0.0, qpid-java-broker-7.1.3 > > > NonJavaKeystore does not validate whether private key and certificate are > matching on certificate update. In result of human error the certificate can > be updated to the wrong one and after broker restart the TLS stops working. > The validation should be improved to verify that private key matches the > certificate -- This message was sent by Atlassian JIRA (v7.6.3#76005) - To unsubscribe, e-mail: dev-unsubscr...@qpid.apache.org For additional commands, e-mail: dev-h...@qpid.apache.org