activemq-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Gary Tully <>
Subject Re: Mac OS X Active MQ SSL
Date Wed, 11 Mar 2009 15:00:18 GMT
thanks for the heads up, I added a little info about the dummy key stores.

2009/3/10 huntc <>

> It appears that my problem was due to the cert and keystores supplied with
> my
> 5.1.0 installation. When I generated my keystore I did not specify a CN.
> However there was a CN in the keystore with the value "localhost" from the
> installation. I guess the broker just used the first cert under the alias
> "broker" which would have been the older, and expired CN of "localhost".
> Removing conf/broker.ks and re-generating it along with exporting a cert
> made things work perfectly.
> On Mac OS X I also chose to install the cert system wide using the command:
> sudo keytool -import -alias broker -keystore
> /Library/Java/Home/lib/security/cacerts -file
> /Applications/apache-activemq-5.1.0/conf/broker.cert
> The only downside with this approach is that system upgrades could
> potentially override the certs.
> BTW: it'd be nice to have the ActiveMQ wiki updated in respect of SSL -
> perhaps a mention to remove the existing keystore first would be useful.
> :-)
> --
> View this message in context:
> Sent from the ActiveMQ - User mailing list archive at


Open Source SOA

  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message