http://issues.apache.org/activemq/browse/AMQNET-239
Adds URI options for setting which Store name and Store Location to load from when attempting to get client certificates for dual authentication.
Timothy A. Bish committed Apr 7, 2010
1 parent 40b009f commit 91717f22f358b7a5c7a9eae70db1ed31f181714b
Showing 2 changed files with 53 additions and 4 deletions.
@@ -33,7 +33,8 @@ public class SslTransport : TcpTransport
private string clientCertSubject;
private string clientCertFilename;
private string clientCertPassword;

private string keyStoreName;
private string keyStoreLocation;
private bool acceptInvalidBrokerCert = false;

private SslStream sslStream;
@@ -95,7 +96,19 @@ public bool AcceptInvalidBrokerCert
get { return this.acceptInvalidBrokerCert; }
set { this.acceptInvalidBrokerCert = value; }
}


public string KeyStoreName
{
get { return this.keyStoreName; }
set { this.keyStoreName = value; }
}

public string KeyStoreLocation
{
get { return this.keyStoreLocation; }
set { this.keyStoreLocation = value; }
}

protected override Stream CreateSocketStream()
{
if(this.sslStream != null)
@@ -211,7 +224,27 @@ private X509Certificate2Collection LoadCertificates()
}
else
{
X509Store store = new X509Store(StoreName.My, StoreLocation.CurrentUser);
string name = String.IsNullOrEmpty(this.keyStoreName) ? StoreName.My.ToString() : this.keyStoreName;

StoreLocation location = StoreLocation.CurrentUser;

if(!String.IsNullOrEmpty(this.keyStoreLocation))
{
if(String.Compare(this.keyStoreLocation, "CurrentUser", true) == 0)
{
location = StoreLocation.CurrentUser;
}
else if(String.Compare(this.keyStoreLocation, "LocalMachine", true) == 0)
{
location = StoreLocation.LocalMachine;
}
else
{
throw new NMSException("Invlalid StoreLocation given on URI");
}
}

X509Store store = new X509Store(name, location);

collection = store.Certificates;
}
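Review bot: In the LoadCertificates hunk, `keyStoreLocation` is checked against two known names, but `keyStoreName` goes from the URI straight into `new X509Store(name, location)` with no validation, so a mistyped store name is not rejected the way a bad location is. No `Open` call is visible between the constructor and `store.Certificates`, so a wrong name probably yields an empty collection and a connection attempt without the intended client certificate rather than a clear error; this should be confirmed against the rest of the method, which starts and ends outside the hunk. The two `String.Compare(..., true)` calls are culture-sensitive, and `String.Equals(this.keyStoreLocation, "LocalMachine", StringComparison.OrdinalIgnoreCase)` would keep matching of a URI option independent of the process locale. The exception text has a typo ("Invlalid") and would be easier to diagnose if it included the rejected value.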
@@ -27,6 +27,8 @@ public class SslTransportFactory : TcpTransportFactory
private string clientCertSubject;
private string clientCertFilename;
private string clientCertPassword;
private string keyStoreName;
private string keyStoreLocation;
private bool acceptInvalidBrokerCert = false;

public SslTransportFactory() : base()
@@ -62,7 +64,19 @@ public bool AcceptInvalidBrokerCert
get { return this.acceptInvalidBrokerCert; }
set { this.acceptInvalidBrokerCert = value; }
}


public string KeyStoreName
{
get { return this.keyStoreName; }
set { this.keyStoreName = value; }
}

public string KeyStoreLocation
{
get { return this.keyStoreLocation; }
set { this.keyStoreLocation = value; }
}

protected override ITransport DoCreateTransport(Uri location, Socket socket, IWireFormat wireFormat )
{
Tracer.Debug("Creating new instance of the SSL Transport.");
@@ -73,6 +87,8 @@ protected override ITransport DoCreateTransport(Uri location, Socket socket, IWi
transport.ClientCertFilename = this.clientCertFilename;
transport.ClientCertPassword = this.clientCertPassword;
transport.ServerName = this.serverName;
transport.KeyStoreLocation = this.keyStoreLocation;
transport.KeyStoreName = this.keyStoreName;
transport.AcceptInvalidBrokerCert = this.acceptInvalidBrokerCert;

return transport;
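Review bot: The new `KeyStoreName` and `KeyStoreLocation` properties on the factory accept any string and are copied to the transport unchecked in DoCreateTransport, so a bad URI value surfaces only later, when the transport loads certificates. Neither property has a doc comment; I would add a `/// <summary>` on each stating that `KeyStoreLocation` accepts "CurrentUser" or "LocalMachine" (case-insensitive) and that an empty `KeyStoreName` falls back to the "My" store, as the SslTransport hunk on this page shows. Validating the location in the setter would make a misconfigured URI fail at factory configuration time instead of at connect time. DoCreateTransport's body starts outside the hunk.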
