[ https://issues.apache.org/jira/browse/AMQCPP-348?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Timothy Bish resolved AMQCPP-348. --------------------------------- Resolution: Fixed Added code to check for the property "decaf.net.ssl.disablePeerVerification" and disable all verification if true. client code sets via: {noformat} System::setProperty( "decaf.net.ssl.disablePeerVerification", "true" ) {noformat} > Allow unverified SSL peer > ------------------------- > > Key: AMQCPP-348 > URL: https://issues.apache.org/jira/browse/AMQCPP-348 > Project: ActiveMQ C++ Client > Issue Type: Improvement > Affects Versions: 3.2.4 > Reporter: Kevin Quick > Assignee: Timothy Bish > Priority: Minor > Fix For: 3.2.5, 3.3.0 > > > When using an ssl: connection, attempting to only provide a client > certificate via: > decaf::lang::System::setProperty("decaf.net.ssl.keyStore", > certfile); > fails with the following: > Error occurred while accessing an OpenSSL library method: > error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify > failed > Init failure ERROR: Error occurred while accessing an OpenSSL library method: > error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify > failed > It would be nice if the library would set peer_verify to false if no > decaf.net.ssl.trustStore was provided to allow the client to bypass > verification of the broker. -- This message is automatically generated by JIRA. - For more information on JIRA, see: http://www.atlassian.com/software/jira