When using a CA certificate file and activemq GMSEC_API ignores the CA certificate file unless sec-ssl-truststore-key is set to a non-empty string. See [1]. This is confusing for users since activemq-cpp does not have the capability to use a CA certificate file key. See [2].
Recommended fix is to pass along the sec-ssl-truststore value iff it is not empty, regardless of the value of sec-ssl-truststore-key.
When using a CA certificate file and activemq GMSEC_API ignores the CA certificate file unless
sec-ssl-truststore-key
is set to a non-empty string. See [1]. This is confusing for users since activemq-cpp does not have the capability to use a CA certificate file key. See [2].Recommended fix is to pass along the
sec-ssl-truststore
value iff it is not empty, regardless of the value ofsec-ssl-truststore-key
.[1] https://github.com/nasa/GMSEC_API/blob/master/wrapper/activemq/src/CMSConnection.cpp#L687 [2] https://github.com/apache/activemq-cpp/blob/d6f76ede90d21b7ee2f0b5d4648e440e66d63003/activemq-cpp/src/main/decaf/internal/net/ssl/openssl/OpenSSLContextSpi.cpp#L238