Return-Path: Delivered-To: apmail-activemq-users-archive@www.apache.org Received: (qmail 49507 invoked from network); 23 Feb 2009 15:51:39 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2) by minotaur.apache.org with SMTP; 23 Feb 2009 15:51:39 -0000 Received: (qmail 55093 invoked by uid 500); 23 Feb 2009 15:51:38 -0000 Delivered-To: apmail-activemq-users-archive@activemq.apache.org Received: (qmail 55075 invoked by uid 500); 23 Feb 2009 15:51:37 -0000 Mailing-List: contact users-help@activemq.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: users@activemq.apache.org Delivered-To: mailing list users@activemq.apache.org Received: (qmail 55064 invoked by uid 99); 23 Feb 2009 15:51:37 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 23 Feb 2009 07:51:37 -0800 X-ASF-Spam-Status: No, hits=2.6 required=10.0 tests=DNS_FROM_OPENWHOIS,SPF_HELO_PASS,SPF_PASS,WHOIS_MYPRIVREG X-Spam-Check-By: apache.org Received-SPF: pass (nike.apache.org: domain of lists@nabble.com designates 216.139.236.158 as permitted sender) Received: from [216.139.236.158] (HELO kuber.nabble.com) (216.139.236.158) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 23 Feb 2009 15:51:29 +0000 Received: from isper.nabble.com ([192.168.236.156]) by kuber.nabble.com with esmtp (Exim 4.63) (envelope-from ) id 1Lbd5I-000780-GE for users@activemq.apache.org; Mon, 23 Feb 2009 07:51:08 -0800 Message-ID: <22164083.post@talk.nabble.com> Date: Mon, 23 Feb 2009 07:51:08 -0800 (PST) From: mrh To: users@activemq.apache.org Subject: SSL Certificate Management MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-Nabble-From: mrhaygood@gmail.com X-Virus-Checked: Checked by ClamAV on apache.org The current documentation demonstrates how to manually create certificates and keystores to allow for SSL connections to the broker (http://activemq.apache.org/how-do-i-use-ssl.html). However, is there a way to automate certificate handling as part of the SSL process? In other words, can it function like its HTTPS counterpart such that the broker's certificate is not sent to the client until the handshake, at which point a user has the ability to approve or disapprove? I'm still learning about JSSE, but could a "TrustManager" object be of assistance here? Thanks, mrh -- View this message in context: http://www.nabble.com/SSL-Certificate-Management-tp22164083p22164083.html Sent from the ActiveMQ - User mailing list archive at Nabble.com.