diff --git a/artemis-core-client/src/main/java/org/apache/activemq/artemis/core/remoting/impl/netty/TransportConstants.java b/artemis-core-client/src/main/java/org/apache/activemq/artemis/core/remoting/impl/netty/TransportConstants.java index 5d86aaafa0..890b508058 100644 --- a/artemis-core-client/src/main/java/org/apache/activemq/artemis/core/remoting/impl/netty/TransportConstants.java +++ b/artemis-core-client/src/main/java/org/apache/activemq/artemis/core/remoting/impl/netty/TransportConstants.java @@ -342,6 +342,7 @@ public class TransportConstants { allowableConnectorKeys.add(TransportConstants.ENABLED_CIPHER_SUITES_PROP_NAME); allowableConnectorKeys.add(TransportConstants.ENABLED_PROTOCOLS_PROP_NAME); allowableConnectorKeys.add(TransportConstants.VERIFY_HOST_PROP_NAME); + allowableConnectorKeys.add(TransportConstants.TRUST_ALL_PROP_NAME); allowableConnectorKeys.add(TransportConstants.TCP_NODELAY_PROPNAME); allowableConnectorKeys.add(TransportConstants.TCP_SENDBUFFER_SIZE_PROPNAME); allowableConnectorKeys.add(TransportConstants.TCP_RECEIVEBUFFER_SIZE_PROPNAME); diff --git a/tests/integration-tests/src/test/java/org/apache/activemq/artemis/tests/integration/ssl/CoreClientOverTwoWaySSLTest.java b/tests/integration-tests/src/test/java/org/apache/activemq/artemis/tests/integration/ssl/CoreClientOverTwoWaySSLTest.java index 6e308790bb..609174e00f 100644 --- a/tests/integration-tests/src/test/java/org/apache/activemq/artemis/tests/integration/ssl/CoreClientOverTwoWaySSLTest.java +++ b/tests/integration-tests/src/test/java/org/apache/activemq/artemis/tests/integration/ssl/CoreClientOverTwoWaySSLTest.java @@ -16,13 +16,13 @@ */ package org.apache.activemq.artemis.tests.integration.ssl; -import javax.net.ssl.SSLPeerUnverifiedException; import java.util.Arrays; import java.util.Collection; import java.util.HashMap; import java.util.Map; -import io.netty.handler.ssl.SslHandler; +import javax.net.ssl.SSLPeerUnverifiedException; + import org.apache.activemq.artemis.api.core.ActiveMQException; import org.apache.activemq.artemis.api.core.ActiveMQNotConnectedException; import org.apache.activemq.artemis.api.core.Interceptor; @@ -51,6 +51,8 @@ import org.junit.Test; import org.junit.runner.RunWith; import org.junit.runners.Parameterized; +import io.netty.handler.ssl.SslHandler; + @RunWith(value = Parameterized.class) public class CoreClientOverTwoWaySSLTest extends ActiveMQTestBase { @@ -242,6 +244,31 @@ public class CoreClientOverTwoWaySSLTest extends ActiveMQTestBase { sf.close(); } + @Test + public void testTwoWaySSLVerifyClientTrustAllTrueByURI() throws Exception { + NettyAcceptor acceptor = (NettyAcceptor) server.getRemotingService().getAcceptor("nettySSL"); + acceptor.getConfiguration().put(TransportConstants.NEED_CLIENT_AUTH_PROP_NAME, true); + server.getRemotingService().stop(false); + server.getRemotingService().start(); + server.getRemotingService().startAcceptors(); + + //Set trust all so this should work even with no trust store set + StringBuilder uri = new StringBuilder("tcp://" + tc.getParams().get(TransportConstants.HOST_PROP_NAME).toString() + + ":" + tc.getParams().get(TransportConstants.PORT_PROP_NAME).toString()); + + uri.append("?").append(TransportConstants.SSL_ENABLED_PROP_NAME).append("=true"); + uri.append("&").append(TransportConstants.TRUST_ALL_PROP_NAME).append("=true"); + uri.append("&").append(TransportConstants.KEYSTORE_PROVIDER_PROP_NAME).append("=").append(storeType); + uri.append("&").append(TransportConstants.KEYSTORE_PATH_PROP_NAME).append("=").append(CLIENT_SIDE_KEYSTORE); + uri.append("&").append(TransportConstants.KEYSTORE_PASSWORD_PROP_NAME).append("=").append(PASSWORD); + + server.getRemotingService().addIncomingInterceptor(new MyInterceptor()); + + ServerLocator locator = addServerLocator(ActiveMQClient.createServerLocator(uri.toString())); + ClientSessionFactory sf = createSessionFactory(locator); + sf.close(); + } + @Test public void testTwoWaySSLVerifyClientTrustAllFalse() throws Exception { NettyAcceptor acceptor = (NettyAcceptor) server.getRemotingService().getAcceptor("nettySSL");