Effective October 27, 2012, online and email support for FuseSource products will move to Red Hat support channels. For more information, please see the JIRA Migration to Red Hat FAQ. As of October 27th, please open all new issues in the Red Hat Customer Portal .
The attached test case highlights a problem with the way detect SSL connections when composite URL's are used. In "ActiveMQSslConnectionFactory.java", we have the following section of code:
protected Transport createTransport() throws JMSException {
// If the given URI is non-ssl, let superclass handle it.
if (!brokerURL.getScheme().equals("ssl")) {
returnsuper.createTransport();
}
try {
if (keyManager == null || trustManager == null) {
trustManager = createTrustManager();
keyManager = createKeyManager();
// secureRandom can be left as null }
SslTransportFactory sslFactory = new SslTransportFactory();
SslContext ctx = new SslContext(keyManager, tru
When using an SSL URL for failover, for example, brokerURL.getScheme="failover" and not "ssl" thus our special considerations for SSL are not picked up.
The attached test case uses a custom Trust Manager. We can see that it works just fine with a URL of ""ssl://localhost:61618", however, when failover is added, ("failover://(ssl://localhost:61618)", it's not picked up. I ran this through the debugger to track it down but essentially in the good case, you'll see my output from test case:
One works
============
** Hello ...
** Setting Broker URL ...
** Creating Queue Connection ...
** Returning trust All certs
===> My manager: [Ljavax.net.ssl.TrustManager;
trigger seeding of SecureRandom
done seeding SecureRandom
Allow unsafe renegotiation: false
In the failing case, "My manager" line is not printed as its never invoked.
I dropped the attached test case into org.apache.activemq.
Description
Hi,
The attached test case highlights a problem with the way detect SSL connections when composite URL's are used. In "ActiveMQSslConnectionFactory.java", we have the following section of code:
protected Transport createTransport() throws JMSException {
// If the given URI is non-ssl, let superclass handle it.
if (!brokerURL.getScheme().equals("ssl")) {
returnsuper.createTransport();
}
try {
if (keyManager == null || trustManager == null) {
trustManager = createTrustManager();
keyManager = createKeyManager();
// secureRandom can be left as null }
SslTransportFactory sslFactory = new SslTransportFactory();
SslContext ctx = new SslContext(keyManager, tru
When using an SSL URL for failover, for example, brokerURL.getScheme="failover" and not "ssl" thus our special considerations for SSL are not picked up.
The attached test case uses a custom Trust Manager. We can see that it works just fine with a URL of ""ssl://localhost:61618", however, when failover is added, ("failover://(ssl://localhost:61618)", it's not picked up. I ran this through the debugger to track it down but essentially in the good case, you'll see my output from test case:
One works
============
** Hello ...
** Setting Broker URL ...
** Creating Queue Connection ...
** Returning trust All certs
===> My manager: [Ljavax.net.ssl.TrustManager;
trigger seeding of SecureRandom
done seeding SecureRandom
Allow unsafe renegotiation: false
In the failing case, "My manager" line is not printed as its never invoked.
I dropped the attached test case into org.apache.activemq.
Bug
Open
Major
SslConnectionFactory is not used when using composite URL's
