This week's book giveaway is in the Server-Side JavaScript and NodeJS forum.
We're giving away four copies of Micro Frontends in Action and have Michael Geers on-line!
See this thread for details.
Win a copy of Micro Frontends in Action this week in the Server-Side JavaScript and NodeJS forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Ron McLeod
  • Paul Clapham
  • Bear Bibeault
  • Junilu Lacar
Sheriffs:
  • Jeanne Boyarsky
  • Tim Cooke
  • Henry Wong
Saloon Keepers:
  • Tim Moores
  • Stephan van Hulst
  • Tim Holloway
  • salvin francis
  • Frits Walraven
Bartenders:
  • Scott Selikoff
  • Piet Souris
  • Carey Brown

JMS ActiveMQ JBOSS SSL

 
Greenhorn
Posts: 24
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I successfully got ActiveMQ working with SSL and JBOSS. Here's all the information


Follow directions here

http://activemq.apache.org/how-do-i-use-ssl.html

// I don't think it is necessary to update ALL of the following files but I haven't taken the time to figure which are important
activemq-command,xml

<transportConnector name="ssl" uri="ssl://localhost:61617?wantClientAuth=true&needClientAuth=true&transport.commandTracingEnabled=true" />

activemq-demo.xml // probably not needed

<transportConnector name="ssl" uri="ssl://localhost:61617"/>

activemq-dynamic-network-broker1.xml

<transportConnector name="ssl" uri="ssl://localhost:61617?wantClientAuth=true&needClientAuth=true&transport.commandTracingEnabled=true" />

activemq-dynamic-network-broker2.xml

<transportConnector name="ssl" uri="ssl://localhost:61617?wantClientAuth=true&needClientAuth=true&transport.commandTracingEnabled=true" />

activemq-jdbc.xml

<transportConnector name="ssl" uri="ssl://localhost:61617?wantClientAuth=true&needClientAuth=true&transport.commandTracingEnabled=true" />

activemq-security.xml

<transportConnector name="ssl" uri="ssl://localhost:61617?wantClientAuth=true&needClientAuth=true&transport.commandTracingEnabled=true" />

activemq-specjms.xml

<transportConnector name="ssl" uri="ssl://localhost:61617?wantClientAuth=true&needClientAuth=true&transport.commandTracingEnabled=true" />

activemq-static-network-broker1.xml

<transportConnector name="ssl" uri="ssl://localhost:61617?wantClientAuth=true&needClientAuth=true&transport.commandTracingEnabled=true" />

activemq-static-network-broker2.xml

<networkConnector uri="static:(ssl://localhost:61616)" duplex="true"/>

activemq-throughput.xml

<transportConnector name="ssl" uri="ssl://localhost:61617?needClientAuth=true" />

activemq.xml (inside <broker>

<transportConnector name="ssl" uri="ssl://localhost:61617?needClientAuth=true" />

activemq.xml

<transportConnector name="ssl" uri="ssl://localhost:61617?needClientAuth=true" />

// the following was placed inside AND outside of <broker>
<amq:broker useJmx="false" persistent="false">

<amq:sslContext>
<amq:sslContext
keyStore="c:/ActiveMQ/broker.ks" keyStorePassword="password"
trustStore="c:/ActiveMQ/client.ks" trustStorePassword="password"/>
</amq:sslContext>

<amq:transportConnectors>
<amq:transportConnector uri="ssl://localhost:61616" />
</amq:transportConnectors>

</amq:broker>


Download activemq-cpp-library-3.4.3 project
Download Bloodshed Dev C++
Download Open SSL
Drop all source files from activemq-cpp-library-3.4.3/src/main into a Dev C++ project
Set Dev C++ to build a DLL
Update main/activmq/util/Config.h, insert #define HAVE_OPENSSL 1
Build DLL from Dev C++
Update system PATH variable to point to directory containing the DLL
Update system PATH variable to point to \OpenSSL-Win64\lib

Change your code so that you have

ConnectionFactory connectionFactory =
new ActiveMQConnectionFactory("ssl://localhost:61617");

Update activemq.bat to set info about keystores and trust stores, when starting activemq precede by seting ACTIVEMQ_ENCRYPTION_PASSWORD=activemq

"%_JAVACMD%" %SUNJMX% %ACTIVEMQ_DEBUG_OPTS% %ACTIVEMQ_OPTS% %SSL_OPTS% -Dactivemq.classpath="%ACTIVEMQ_CLASSPATH%" -Dactivemq.home="%ACTIVEMQ_HOME%" -Dactivemq.base="%ACTIVEMQ_BASE%" -Dactivemq.conf="%ACTIVEMQ_CONF%" -Dactivemq.data="%ACTIVEMQ_DATA%" -Djava.io.tmpdir="%ACTIVEMQ_TMP%" -Djavax.net.ssl.keyStore=c:/ActiveMQ/broker.ks -Djavax.net.ssl.keyStorePassword=password -Djavax.net.ssl.trustStore=c:/activemq/broker.ts -Djavax.net.ssl.trustStorePassword=password -jar "%ACTIVEMQ_HOME%/bin/run.jar" %*

Add debug command to activemq

if "%ACTIVEMQ_OPTS%" == "" set ACTIVEMQ_OPTS=-Xms1G -Xmx1G -Djava.util.logging.config.file=logging.properties -Djavax.net.debug=ssl

When starting client add

java -Djavax.net.debug=ssl -Djavax.net.ssl.keyStore=c:/yourpath/client.ks -Djavax.net.ssl.keyStorePassword=password -Djavax.net.ssl.trustStore=c:/yourpath/client.ts -Djavax.net.ssl.trustStorePassword=password


OK, I tried to cover everything. All of this will definitely help you reach your goal of ActiveMQ invocation with server and client SSL validation



 
I brought this back from the farm where they grow the tiny ads:
Building a Better World in your Backyard by Paul Wheaton and Shawn Klassen-Koop
https://coderanch.com/wiki/718759/books/Building-World-Backyard-Paul-Wheaton
reply
    Bookmark Topic Watch Topic
  • New Topic