activemq-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Gary Tully <gary.tu...@gmail.com>
Subject Re: Mac OS X Active MQ SSL
Date Wed, 11 Mar 2009 15:00:18 GMT
thanks for the heads up, I added a little info about the dummy key stores.


2009/3/10 huntc <huntc@mac.com>

>
> It appears that my problem was due to the cert and keystores supplied with
> my
> 5.1.0 installation. When I generated my keystore I did not specify a CN.
> However there was a CN in the keystore with the value "localhost" from the
> installation. I guess the broker just used the first cert under the alias
> "broker" which would have been the older, and expired CN of "localhost".
>
> Removing conf/broker.ks and re-generating it along with exporting a cert
> made things work perfectly.
>
> On Mac OS X I also chose to install the cert system wide using the command:
>
> sudo keytool -import -alias broker -keystore
> /Library/Java/Home/lib/security/cacerts -file
> /Applications/apache-activemq-5.1.0/conf/broker.cert
>
> The only downside with this approach is that system upgrades could
> potentially override the certs.
>
> BTW: it'd be nice to have the ActiveMQ wiki updated in respect of SSL -
> perhaps a mention to remove the existing keystore first would be useful.
> :-)
> --
> View this message in context:
> http://www.nabble.com/Mac-OS-X-Active-MQ-SSL-tp22428287p22432178.html
> Sent from the ActiveMQ - User mailing list archive at Nabble.com.
>
>


-- 
http://blog.garytully.com

Open Source SOA
http://FUSESource.com

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message