activemq-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Sudip Shrestha (JIRA)" <j...@apache.org>
Subject [jira] Commented: (AMQ-1754) org.apache.activemq.ActiveMQSslConnectionFactory extended to incorporate client.ks/client.ts files to enable convenient use of JNDI via SSL.
Date Wed, 28 May 2008 20:46:00 GMT

    [ https://issues.apache.org/activemq/browse/AMQ-1754?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=43086#action_43086
] 

Sudip Shrestha commented on AMQ-1754:
-------------------------------------

A probably better solution would be to add the following constructor and methods to the existing
org.apache.activemq.ActiveMQSslConnectionFactory class.

public ActiveMQSslConnectionFactory(String keyStore, String keyStorePassword, String trustStore,
String trustStorePassword)
                throws java.security.NoSuchAlgorithmException, java.security.KeyStoreException,
                       java.io.IOException, java.security.GeneralSecurityException
        {
                setKeyAndTrustManagers( getKeyManagers( keyStore,keyStorePassword ),
                        getTrustManagers( trustStore,trustStorePassword ),new java.security.SecureRandom()
);
        }

    private TrustManager[] getTrustManagers(String trustStore, String trustStorePassword)
throws java.security.NoSuchAlgorithmException,
                java.security.KeyStoreException, java.io.IOException, java.security.GeneralSecurityException
        {
                System.out.println( "Initiating TrustManagers" );

                KeyStore ks = KeyStore.getInstance("JKS");
                char [] tsp = null;
                if( trustStorePassword!=null )
                        tsp = trustStorePassword.toCharArray();
                ks.load( new FileInputStream( trustStore ), tsp );
                TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
                tmf.init(ks);

                System.out.println( "Initiated TrustManagers" );

                return tmf.getTrustManagers();
        }

 private KeyManager[] getKeyManagers(String keyStore, String keyStorePassword)
                throws java.security.NoSuchAlgorithmException, java.security.KeyStoreException,
java.security.GeneralSecurityException,
                                java.security.cert.CertificateException, java.io.IOException,
java.security.UnrecoverableKeyException
        {
                System.out.println( "Initiating KeyManagers" );

                KeyStore ks = KeyStore.getInstance("JKS");
                char []ksp = null;
                if( keyStorePassword!=null )
                        ksp = keyStorePassword.toCharArray();
                ks.load(new FileInputStream( keyStore ), ksp );
                KeyManagerFactory kmf = KeyManagerFactory.getInstance( KeyManagerFactory.getDefaultAlgorithm()
);
                kmf.init( ks, keyStorePassword.toCharArray());

                System.out.println( "Initiated KeyManagers" );

                return kmf.getKeyManagers();

        }


> org.apache.activemq.ActiveMQSslConnectionFactory extended to incorporate client.ks/client.ts
files to enable convenient use of JNDI via SSL.
> --------------------------------------------------------------------------------------------------------------------------------------------
>
>                 Key: AMQ-1754
>                 URL: https://issues.apache.org/activemq/browse/AMQ-1754
>             Project: ActiveMQ
>          Issue Type: Improvement
>          Components: Transport
>    Affects Versions: 4.0, 4.0.1, 4.0.2, 4.1.0, 4.1.1, 4.1.2, 5.0.0, 5.1.0
>         Environment: have tested with activemq-4.2.snapshot but should work with any
version.
>            Reporter: Sudip Shrestha
>         Attachments: ActiveMQSslConnectionFactoryx.java
>
>
> Steps to use this class:
> - Follow instrucations at http://activemq.apache.org/how-do-i-use-ssl.html, to create
client.ks/client.ts files for your jms client.  If you were to connect to the JMS server without
using the extended class would necessiate the user set the following system properties for
his VM: 
> javax.net.ssl.keyStore=/path/to/client.ks
> javax.net.ssl.keyStorePassword=password
> javax.net.ssl.trustStore=/path/to/client.ts
> - Instead of the above, if used the attached class ActiveMQSslConnectionFactoryx then
the constructor public ActiveMQSslConnectionFactoryx(String keyStore, String keyStorePassword,
String trustStore) calls the setKeyAndTrustManagers() method of the org.apache.activemq.ActiveMQSslConnectionFactory
there by setting up the ConnectionFactory via SSL.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


Mime
View raw message