activemq-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From h3qvw <p.wri...@eoveri.com>
Subject Re: Broker Network using SSL with KeyManager+TrustManager
Date Fri, 11 Jan 2008 11:14:37 GMT

Hello,

    I've modified the SslTransportFactory to take Key & Truststore locations
from the URI; however I'm having trouble doing  the configuration in the
activemq style (currently I'm reading the options directly and then clearing
the options in compositeConfigure).

Attached is my first stab (apologies for the ugly configuration!) which
takes these parameters for client sockets (although the code would work for
server sockets too, I'm using the existing SslBrokerService). My additions
are marked (search for eoveri)

http://www.nabble.com/file/p14753650/SslTransportFactory.java
SslTransportFactory.java 

An example URL is
static:(ssl://localhost:8443?needClientAuth=true&ssl.keyStore=/path/to/keystore.jks&ssl.keyStoreType=JKS&ssl.keyStorePassword=privatePass&ssl.trustStore=/path/to/truststore.jks&ssl.trustStoreType=JKS&ssl.trustStorePassword=publicPass)

-Peter



Hiram Chirino wrote:
> 
> I don't think it's possible right now, but you could always patch that
> code to make it work.  We accept contributions!
> 
> On Jan 3, 2008 8:59 AM, h3qvw <p.wright@eoveri.com> wrote:
>>
>> Hello,
>>
>> I'm trying to connect 2 brokers using ssl; I can't use a system property
>> to
>> specify keystores since they're already being used for different
>> keystores.
>>
>> I'm using SslBrokerService and addSslConnector to create a broker exposed
>> externally using my KeyManager+TrustManager, however I'm having trouble
>> doing the same for a network connector:
>>
>>     DiscoveryNetworkConnector conn = new DiscoveryNetworkConnector();
>>     conn.setUri(new URI("static:(tcp://localhost:61616)"));
>>     conn.setDuplex(true);
>>     conn.setNetworkTTL(6);
>>
>>     broker.addNetworkConnector(conn).start();
>>
>> Any ideas? Is it possible?
>>
>> Thanks
>> --
>>
> 
> 
> 
> -- 
> Regards,
> Hiram
> 
> Blog: http://hiramchirino.com
> 
> Open Source SOA
> http://open.iona.com
> 
> 
-- 
View this message in context: http://www.nabble.com/Broker-Network-using-SSL-with-KeyManager%2BTrustManager-tp14597274s2354p14753650.html
Sent from the ActiveMQ - User mailing list archive at Nabble.com.


Mime
View raw message