Return-Path: 
 <dev-return-21758-apmail-activemq-dev-archive=activemq.apache.org@activemq.apache.org>
Delivered-To: apmail-activemq-dev-archive@www.apache.org
Received: (qmail 29431 invoked from network); 24 Aug 2010 14:01:31 -0000
Received: from unknown (HELO mail.apache.org) (140.211.11.3)
  by 140.211.11.9 with SMTP; 24 Aug 2010 14:01:31 -0000
Received: (qmail 38200 invoked by uid 500); 24 Aug 2010 14:01:31 -0000
Delivered-To: apmail-activemq-dev-archive@activemq.apache.org
Received: (qmail 38144 invoked by uid 500); 24 Aug 2010 14:01:29 -0000
Mailing-List: contact dev-help@activemq.apache.org; run by ezmlm
Precedence: bulk
List-Help: <mailto:dev-help@activemq.apache.org>
List-Unsubscribe: <mailto:dev-unsubscribe@activemq.apache.org>
List-Post: <mailto:dev@activemq.apache.org>
List-Id: <dev.activemq.apache.org>
Reply-To: dev@activemq.apache.org
Delivered-To: mailing list dev@activemq.apache.org
Received: (qmail 38119 invoked by uid 99); 24 Aug 2010 14:01:27 -0000
Received: from Unknown (HELO nike.apache.org) (192.87.106.230)
    by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 24 Aug 2010 14:01:27 +0000
X-ASF-Spam-Status: No, hits=-2000.0 required=10.0
	tests=ALL_TRUSTED
X-Spam-Check-By: apache.org
Received: from [140.211.11.22] (HELO thor.apache.org) (140.211.11.22)
    by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 24 Aug 2010 14:01:10 +0000
Received: from thor (localhost [127.0.0.1])
	by thor.apache.org (8.13.8+Sun/8.13.8) with ESMTP id o7OE0mif020679
	for <dev@activemq.apache.org>; Tue, 24 Aug 2010 14:00:48 GMT
Message-ID: <11116834.13941282658448223.JavaMail.jira@thor>
Date: Tue, 24 Aug 2010 10:00:48 -0400 (EDT)
From: "Felix Koschmieder (JIRA)" <jira@apache.org>
To: dev@activemq.apache.org
Subject: [jira] Updated: (AMQ-1754)
 org.apache.activemq.ActiveMQSslConnectionFactory extended to incorporate
 client.ks/client.ts files to enable convenient use of JNDI via SSL.
In-Reply-To: <861116892.1212006240267.JavaMail.jira@brutus>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 7bit
X-JIRA-FingerPrint: ae95407df07c98740808b2ef9da0087c
X-Virus-Checked: Checked by ClamAV on apache.org


     [ https://issues.apache.org/activemq/browse/AMQ-1754?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Felix Koschmieder updated AMQ-1754:
-----------------------------------

    Attachment: ActiveMqSslTransportFactory.java

Modifying the AMQ connection factory does not seem to be the ideal solution as is does not work with failover connections.

Instead, we can create a new SSL transport factory that keeps a AMQ-specific SSL context.

The attached class is ready to be used in a spring context as follows:

{monospaced}
	<bean id="amqConnectionFactory" class="org.apache.activemq.ActiveMQConnectionFactory" depends-on="amqSslTransportFactory">
		<property name="brokerURL" value="${jms.client.brokerUrl}"/>
		<property name="userName" value="${jms.client.username}"/>
		<property name="password" value="${jms.client.password}"/>
		<property name="transportListener" ref="loggingAmqTransportListener"/>
    </bean>

    <bean id="amqSslTransportFactory" class="org.apache.activemq.ActiveMQSslTransportFactory" init-method="initialize">
        <property name="keyStore" value="classpath:keystore.ks"/>
        <property name="keyStorePassword" value="keystorepwd"/>
        <property name="trustStore" value="classpath:truststore.ts"/>
        <property name="trustStorePassword" value="truststorepwd"/>
  </bean>
{monospaced}

To make it work outside of Spring, just replace the keyStore/trustStore attributes by Strings and change the logging framework as needed (currently slf4j).

I have tested this with ActiveMQ 5.3.0.

> org.apache.activemq.ActiveMQSslConnectionFactory extended to incorporate client.ks/client.ts files to enable convenient use of JNDI via SSL.
> --------------------------------------------------------------------------------------------------------------------------------------------
>
>                 Key: AMQ-1754
>                 URL: https://issues.apache.org/activemq/browse/AMQ-1754
>             Project: ActiveMQ
>          Issue Type: Improvement
>          Components: Transport
>    Affects Versions: 4.0, 4.0.1, 4.0.2, 4.1.0, 4.1.1, 4.1.2, 5.0.0, 5.1.0
>         Environment: have tested with activemq-4.2.snapshot but should work with any version.
>            Reporter: Sudip Shrestha
>             Fix For: NEEDS_REVIEWED
>
>         Attachments: ActiveMQSslConnectionFactory.java, ActiveMQSslConnectionFactoryx.java, ActiveMqSslTransportFactory.java
>
>
> Steps to use this class:
> - Follow instrucations at http://activemq.apache.org/how-do-i-use-ssl.html, to create client.ks/client.ts files for your jms client.  If you were to connect to the JMS server without using the extended class would necessiate the user set the following system properties for his VM: 
> javax.net.ssl.keyStore=/path/to/client.ks
> javax.net.ssl.keyStorePassword=password
> javax.net.ssl.trustStore=/path/to/client.ts
> - Instead of the above, if used the attached class ActiveMQSslConnectionFactoryx then the constructor public ActiveMQSslConnectionFactoryx(String keyStore, String keyStorePassword, String trustStore) calls the setKeyAndTrustManagers() method of the org.apache.activemq.ActiveMQSslConnectionFactory there by setting up the ConnectionFactory via SSL.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.