QPID-3429: ensure that SSL is enabled correctly in MinaNetworkHandler. Refactor SSLContextFactory to be a factory, and present a useful interface for both client and server side use. Added keystore for the Java broker, renamed existing client trust/key stores for clarity. Fix SSL port configuration. Added new SSL tests, and ensure these are *always* run in the Java 0-10 profiles.

Committing work by myself and Keith Wall. git-svn-id: https://svn.apache.org/repos/asf/qpid/trunk@1159250 13f79535-47bb-0310-9956-ffa450edef68
author: Robert Gemmell <robbie@apache.org> 2011-08-18 14:42:46 +0000
committer: Robert Gemmell <robbie@apache.org> 2011-08-18 14:42:46 +0000
commit: f54e22b2ea718d5711a2f7e2fd5a98fcf35d41cf (patch)
tree: 6c22c589b9b348dd95980e1c11720b0a1cba02ad /qpid/java/client/src
parent: f30fc6537007493d0a1e7b9f8bc22743042f47e2 (diff)
download: qpid-python-f54e22b2ea718d5711a2f7e2fd5a98fcf35d41cf.tar.gz
1 files changed, 12 insertions, 3 deletions
diff --git a/qpid/java/client/src/main/java/org/apache/qpid/client/AMQConnectionDelegate_8_0.java b/qpid/java/client/src/main/java/org/apache/qpid/client/AMQConnectionDelegate_8_0.java
index 0cd1d49224..756bf11663 100644
--- a/qpid/java/client/src/main/java/org/apache/qpid/client/AMQConnectionDelegate_8_0.java
+++ b/qpid/java/client/src/main/java/org/apache/qpid/client/AMQConnectionDelegate_8_0.java
@@ -23,6 +23,7 @@ package org.apache.qpid.client;
 import java.io.IOException;
 import java.net.ConnectException;
 import java.nio.channels.UnresolvedAddressException;
+import java.security.GeneralSecurityException;
 import java.text.MessageFormat;
 import java.util.ArrayList;
 import java.util.EnumSet;
@@ -31,6 +32,7 @@ import java.util.Set;
 
 import javax.jms.JMSException;
 import javax.jms.XASession;
+import javax.net.ssl.SSLContext;
 
 import org.apache.qpid.AMQException;
 import org.apache.qpid.client.failover.FailoverException;
@@ -99,14 +101,21 @@ public class AMQConnectionDelegate_8_0 implements AMQConnectionDelegate
         settings.setProtocol(brokerDetail.getTransport());
 
         SSLConfiguration sslConfig = _conn.getSSLConfiguration();
-        SSLContextFactory sslFactory = null;
+        SSLContext sslContext = null;
         if (sslConfig != null)
         {
-            sslFactory = new SSLContextFactory(sslConfig.getKeystorePath(), sslConfig.getKeystorePassword(), sslConfig.getCertType());
+            try
+            {
+                sslContext = SSLContextFactory.buildClientContext(sslConfig.getKeystorePath(), sslConfig.getKeystorePassword(), sslConfig.getCertType(),null,null,null,null);
+            }
+            catch (GeneralSecurityException e)
+            {
+                throw new AMQException("Unable to create SSLContext: " + e.getMessage(), e);
+            }
         }
 
         OutgoingNetworkTransport transport = Transport.getOutgoingTransportInstance(getProtocolVersion());
-        NetworkConnection network = transport.connect(settings, _conn._protocolHandler, sslFactory);
+        NetworkConnection network = transport.connect(settings, _conn._protocolHandler, sslContext);
         _conn._protocolHandler.setNetworkConnection(network);
         _conn._protocolHandler.getProtocolSession().init();
         // this blocks until the connection has been set up or when an error
author	Robert Gemmell <robbie@apache.org>	2011-08-18 14:42:46 +0000
committer	Robert Gemmell <robbie@apache.org>	2011-08-18 14:42:46 +0000
commit	f54e22b2ea718d5711a2f7e2fd5a98fcf35d41cf (patch)
tree	6c22c589b9b348dd95980e1c11720b0a1cba02ad /qpid/java/client/src
parent	f30fc6537007493d0a1e7b9f8bc22743042f47e2 (diff)
download	qpid-python-f54e22b2ea718d5711a2f7e2fd5a98fcf35d41cf.tar.gz