qpid-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Robbie Gemmell (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (PROTON-1447) Unable to provide multiple certificates using setTrustedCaDb
Date Tue, 02 May 2017 15:50:04 GMT

    [ https://issues.apache.org/jira/browse/PROTON-1447?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15993140#comment-15993140
] 

Robbie Gemmell commented on PROTON-1447:
----------------------------------------

The bot wasnt working earlier and didn't record this commit:
{noformat}
PROTON-1447: add a test to exercise the changes in ad60967463fe697800d24eaf0286dbf9e7d38473

Branch: refs/heads/master
Commit: http://git-wip-us.apache.org/repos/asf/qpid-proton-j/commit/61d9d15b
Commit: 61d9d15bc47bd675bba4c735dbd46fc93c42dd14
Author: Robert Gemmell <robbie@apache.org>
Authored: Tue May 2 14:51:20 2017 +0100
{noformat}


> Unable to provide multiple certificates using setTrustedCaDb
> ------------------------------------------------------------
>
>                 Key: PROTON-1447
>                 URL: https://issues.apache.org/jira/browse/PROTON-1447
>             Project: Qpid Proton
>          Issue Type: Bug
>          Components: proton-j
>    Affects Versions: proton-j-0.18.0
>         Environment: JDK 1.8.0_121
>            Reporter: Priyanka Mathur
>            Assignee: Rob Godfrey
>             Fix For: proton-j-0.19.0
>
>
> Using http://qpid.apache.org/releases/qpid-proton-0.9.1/proton/java/api/org/apache/qpid/proton/engine/impl/ssl/SslDomainImpl.html#setTrustedCaDb(java.lang.String)
to set the certificate will work only on the top most certificate provided in the input stream
because readCertificate from SslEngineFacadeFactory.java uses generateCertificate which gets
only the first certificate that holds between "-----BEGIN CERTIFICATE-----" and "-----END
CERTIFICATE-----". If more than one are provided then you either need to loop and take one
at a time calling generateCertificate or use generateCertificates. Please provide a fix for
this asap as this is blocking our roll out of further certificates. 



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@qpid.apache.org
For additional commands, e-mail: dev-help@qpid.apache.org


Mime
View raw message