Return-Path: Delivered-To: apmail-activemq-users-archive@www.apache.org Received: (qmail 48779 invoked from network); 11 Jan 2008 11:15:10 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2) by minotaur.apache.org with SMTP; 11 Jan 2008 11:15:10 -0000 Received: (qmail 51430 invoked by uid 500); 11 Jan 2008 11:14:58 -0000 Delivered-To: apmail-activemq-users-archive@activemq.apache.org Received: (qmail 51398 invoked by uid 500); 11 Jan 2008 11:14:58 -0000 Mailing-List: contact users-help@activemq.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: users@activemq.apache.org Delivered-To: mailing list users@activemq.apache.org Received: (qmail 51389 invoked by uid 99); 11 Jan 2008 11:14:58 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 11 Jan 2008 03:14:58 -0800 X-ASF-Spam-Status: No, hits=2.6 required=10.0 tests=DNS_FROM_OPENWHOIS,SPF_HELO_PASS,SPF_PASS,WHOIS_MYPRIVREG X-Spam-Check-By: apache.org Received-SPF: pass (nike.apache.org: domain of lists@nabble.com designates 216.139.236.158 as permitted sender) Received: from [216.139.236.158] (HELO kuber.nabble.com) (216.139.236.158) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 11 Jan 2008 11:14:45 +0000 Received: from isper.nabble.com ([192.168.236.156]) by kuber.nabble.com with esmtp (Exim 4.63) (envelope-from ) id 1JDHqP-0003Xd-0V for users@activemq.apache.org; Fri, 11 Jan 2008 03:14:37 -0800 Message-ID: <14753650.post@talk.nabble.com> Date: Fri, 11 Jan 2008 03:14:37 -0800 (PST) From: h3qvw To: users@activemq.apache.org Subject: Re: Broker Network using SSL with KeyManager+TrustManager In-Reply-To: MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-Nabble-From: p.wright@eoveri.com References: <14597274.post@talk.nabble.com> X-Virus-Checked: Checked by ClamAV on apache.org Hello, I've modified the SslTransportFactory to take Key & Truststore locations from the URI; however I'm having trouble doing the configuration in the activemq style (currently I'm reading the options directly and then clearing the options in compositeConfigure). Attached is my first stab (apologies for the ugly configuration!) which takes these parameters for client sockets (although the code would work for server sockets too, I'm using the existing SslBrokerService). My additions are marked (search for eoveri) http://www.nabble.com/file/p14753650/SslTransportFactory.java SslTransportFactory.java An example URL is static:(ssl://localhost:8443?needClientAuth=true&ssl.keyStore=/path/to/keystore.jks&ssl.keyStoreType=JKS&ssl.keyStorePassword=privatePass&ssl.trustStore=/path/to/truststore.jks&ssl.trustStoreType=JKS&ssl.trustStorePassword=publicPass) -Peter Hiram Chirino wrote: > > I don't think it's possible right now, but you could always patch that > code to make it work. We accept contributions! > > On Jan 3, 2008 8:59 AM, h3qvw wrote: >> >> Hello, >> >> I'm trying to connect 2 brokers using ssl; I can't use a system property >> to >> specify keystores since they're already being used for different >> keystores. >> >> I'm using SslBrokerService and addSslConnector to create a broker exposed >> externally using my KeyManager+TrustManager, however I'm having trouble >> doing the same for a network connector: >> >> DiscoveryNetworkConnector conn = new DiscoveryNetworkConnector(); >> conn.setUri(new URI("static:(tcp://localhost:61616)")); >> conn.setDuplex(true); >> conn.setNetworkTTL(6); >> >> broker.addNetworkConnector(conn).start(); >> >> Any ideas? Is it possible? >> >> Thanks >> -- >> > > > > -- > Regards, > Hiram > > Blog: http://hiramchirino.com > > Open Source SOA > http://open.iona.com > > -- View this message in context: http://www.nabble.com/Broker-Network-using-SSL-with-KeyManager%2BTrustManager-tp14597274s2354p14753650.html Sent from the ActiveMQ - User mailing list archive at Nabble.com.