diff options
| -rw-r--r-- | qpid/doc/book/src/java-broker/Java-Broker-Security-SSL.xml | 14 | ||||
| -rw-r--r-- | qpid/doc/book/src/java-broker/commonEntities.xml | 1 |
2 files changed, 15 insertions, 0 deletions
diff --git a/qpid/doc/book/src/java-broker/Java-Broker-Security-SSL.xml b/qpid/doc/book/src/java-broker/Java-Broker-Security-SSL.xml index 541f6cf5d9..e415065a84 100644 --- a/qpid/doc/book/src/java-broker/Java-Broker-Security-SSL.xml +++ b/qpid/doc/book/src/java-broker/Java-Broker-Security-SSL.xml @@ -1,4 +1,8 @@ <?xml version="1.0" encoding="utf-8"?> +<!DOCTYPE entities [ +<!ENTITY % entities SYSTEM "commonEntities.xml"> +%entities; +]> <!-- Licensed to the Apache Software Foundation (ASF) under one @@ -61,6 +65,16 @@ the configured SSL port(s) or will also bind the non-SSL port(s). Setting sslOnly to true will disable the non-SSL ports. </para> + + <important> + <para> + The password of the certificate used by the Broker <emphasis role="bold">must</emphasis> + match the password of the keystore itself. This is a restriction of the Qpid Broker + implementation. If using the <ulink url="&oracleKeytool;">keytool</ulink> utility, + note that this means the argument to the <option>-keypass</option> option must match + the <option>-storepass</option> option. + </para> + </important> </section> <section role="h2" id="SSL-Truststore-ClientCertificate"> diff --git a/qpid/doc/book/src/java-broker/commonEntities.xml b/qpid/doc/book/src/java-broker/commonEntities.xml index 4dcbc96b69..a53440a467 100644 --- a/qpid/doc/book/src/java-broker/commonEntities.xml +++ b/qpid/doc/book/src/java-broker/commonEntities.xml @@ -28,6 +28,7 @@ <!-- Oracle javadoc --> <!ENTITY oracleJdkDocUrl "http://oracle.com/javase/6/docs/api/"> <!ENTITY oracleJeeDocUrl "http://docs.oracle.com/javaee/6/api/"> +<!ENTITY oracleKeytool "http://docs.oracle.com/javase/6/docs/technotes/tools/solaris/keytool.html"> <!-- Oracle BDB JE--> <!ENTITY oracleJeDownloadUrl "http://www.oracle.com/technetwork/products/berkeleydb/downloads/index.html?ssSourceSiteId=ocomen"> |