[ https://issues.apache.org/jira/browse/GEODE-7022?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16904031#comment-16904031 ]
ASF subversion and git services commented on GEODE-7022: -------------------------------------------------------- Commit f78a7d34135ebaf96980cdb8ef7133380cb3f5c6 in geode's branch refs/heads/release/1.10.0 from Juan José Ramos [ https://gitbox.apache.org/repos/asf?p=geode.git;h=f78a7d3 ] GEODE-7022: Add SSL Alias Support for JMX Clients (#3857) - Added tests. - Fixed minor warnings. - Use custom RMIClientSocketFactory that supports Geode SSL settings. (cherry picked from commit 62317207b2ea3b4b4d7ded96e66250caa01ce76e) > SSL Alias Support for JMX Connections > ------------------------------------- > > Key: GEODE-7022 > URL: https://issues.apache.org/jira/browse/GEODE-7022 > Project: Geode > Issue Type: Bug > Components: jmx, security > Reporter: Juan José Ramos Cassella > Assignee: Juan José Ramos Cassella > Priority: Major > Labels: GeodeCommons > Time Spent: 3h 40m > Remaining Estimate: 0h > > The {{*SslRMIClientSocketFactory*}} class, by default, always loads the first > key that appears in the {{keystore}} and does not support the usage of > {{aliases}}; Geode’s SSL implementation, on the other hand, uses the > {{ssl-default-alias}} property to allow the usage of a particular key. > The above, in turn, might cause a {{JMX over SSL}} connection to fail > whenever the {{keystore}} has more than one key imported (see > [{{JmxOperationInvoker}}|https://github.com/apache/geode/blob/rel/v1.9.0/geode-core/src/main/java/org/apache/geode/management/internal/cli/shell/JmxOperationInvoker.java] > and > [{{ContextAwareSSLRMIClientSocketFactory}}|https://github.com/apache/geode/blob/rel/v1.9.0/geode-core/src/main/java/org/apache/geode/management/internal/ContextAwareSSLRMIClientSocketFactory.java]). -- This message was sent by Atlassian JIRA (v7.6.14#76016)