[
https://issues.apache.org/jira/browse/AMQCPP-348?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Timothy Bish resolved AMQCPP-348.
---------------------------------
Resolution: Fixed
Added code to check for the property "decaf.net.ssl.disablePeerVerification"
and disable all verification if true.
client code sets via:
{noformat}
System::setProperty( "decaf.net.ssl.disablePeerVerification", "true" )
{noformat}
> Allow unverified SSL peer
> -------------------------
>
> Key: AMQCPP-348
> URL: https://issues.apache.org/jira/browse/AMQCPP-348
> Project: ActiveMQ C++ Client
> Issue Type: Improvement
> Affects Versions: 3.2.4
> Reporter: Kevin Quick
> Assignee: Timothy Bish
> Priority: Minor
> Fix For: 3.2.5, 3.3.0
>
>
> When using an ssl: connection, attempting to only provide a client
> certificate via:
> decaf::lang::System::setProperty("decaf.net.ssl.keyStore",
> certfile);
> fails with the following:
> Error occurred while accessing an OpenSSL library method:
> error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify
> failed
> Init failure ERROR: Error occurred while accessing an OpenSSL library method:
> error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify
> failed
> It would be nice if the library would set peer_verify to false if no
> decaf.net.ssl.trustStore was provided to allow the client to bypass
> verification of the broker.
--
This message is automatically generated by JIRA.
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
