Return-Path: 
 <users-return-22285-apmail-activemq-users-archive=activemq.apache.org@activemq.apache.org>
Delivered-To: apmail-activemq-users-archive@www.apache.org
Received: (qmail 84829 invoked from network); 3 Feb 2010 23:54:45 -0000
Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.3)
  by minotaur.apache.org with SMTP; 3 Feb 2010 23:54:45 -0000
Received: (qmail 46720 invoked by uid 500); 3 Feb 2010 23:54:44 -0000
Delivered-To: apmail-activemq-users-archive@activemq.apache.org
Received: (qmail 46639 invoked by uid 500); 3 Feb 2010 23:54:44 -0000
Mailing-List: contact users-help@activemq.apache.org; run by ezmlm
Precedence: bulk
List-Help: <mailto:users-help@activemq.apache.org>
List-Unsubscribe: <mailto:users-unsubscribe@activemq.apache.org>
List-Post: <mailto:users@activemq.apache.org>
List-Id: <users.activemq.apache.org>
Reply-To: users@activemq.apache.org
Delivered-To: mailing list users@activemq.apache.org
Received: (qmail 46625 invoked by uid 99); 3 Feb 2010 23:54:44 -0000
Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230)
    by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 03 Feb 2010 23:54:44 +0000
X-ASF-Spam-Status: No, hits=1.5 required=10.0
	tests=NORMAL_HTTP_TO_IP,SPF_PASS,WEIRD_PORT
X-Spam-Check-By: apache.org
Received-SPF: pass (nike.apache.org: domain of bruce.snyder@gmail.com
 designates 209.85.220.215 as permitted sender)
Received: from [209.85.220.215] (HELO mail-fx0-f215.google.com)
 (209.85.220.215)
    by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 03 Feb 2010 23:54:34 +0000
Received: by fxm7 with SMTP id 7so2105098fxm.8
        for <users@activemq.apache.org>; Wed, 03 Feb 2010 15:54:14 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=gamma;
        h=domainkey-signature:mime-version:received:in-reply-to:references
         :date:message-id:subject:from:to:content-type
         :content-transfer-encoding;
        bh=dxDmq5xX2Fys7eIex2Dx7dK2/o+yphGPNuyIsxvet5w=;
        b=m9lptZOp+mLPIltT9im07Muc3q85Z7+Sl4pcFyWt05jjaeC8yxDKOuk9gKcAik5lDX
         hryuzXXuS1foiI7OjBUKYIG7CtH5sB7VpRkvhOPnt58pTNmMNrFVarF80uW1zwFWF2Jt
         rYHjXRvc8FRYH3RbuZtr8fpEXQNB94ckBd5x0=
DomainKey-Signature: a=rsa-sha1; c=nofws;
        d=gmail.com; s=gamma;
        h=mime-version:in-reply-to:references:date:message-id:subject:from:to
         :content-type:content-transfer-encoding;
        b=V6tVGPCelLhiSuCEjgImrmi5BtXICAor9Ropwj7jUoiP9HjSQBj4f9WCsUIljDkL22
         BwqeMU4j1SaR/2ismgEK7Y5aOlXCPnXilWrK40pI0LyOAJxjlF7XGeUmLBla3PqaIwEa
         Jd5F92v+uLnBwfdJ3x1AMUFuQRGO3HDCmcMpg=
MIME-Version: 1.0
Received: by 10.223.132.209 with SMTP id c17mr298335fat.37.1265241253261;
 Wed,
	03 Feb 2010 15:54:13 -0800 (PST)
In-Reply-To: <27429414.post@talk.nabble.com>
References: <27429414.post@talk.nabble.com>
Date: Wed, 3 Feb 2010 16:54:13 -0700
Message-ID: <7b3355cb1002031554v1c47cd2r1c55c15a9b169f35@mail.gmail.com>
Subject: Re: Configuring ActiveMQ Embedded Broker over HTTPS
From: Bruce Snyder <bruce.snyder@gmail.com>
To: users@activemq.apache.org
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
X-Virus-Checked: Checked by ClamAV on apache.org

On Tue, Feb 2, 2010 at 4:48 PM, Boris Belov <bbelov2@gmail.com> wrote:
>
> Hello,
>
> We are attempting to configure embedded =A0ActiveMQ broker over https and
> failing to do so. Any attempt to start the broker results in
> jetty.ssl.password prompt.
> After entering the password the following exception is generated.
>
> 2010-02-02 15:47:10.931::INFO: =A0jetty-6.1.11
> 2010-02-02 15:47:10.938::INFO: =A0Started SslSocketConnector@0.0.0.0:6201=
0
> INFO =A0- TransportConnector =A0 =A0 =A0 =A0 - Connector
> https://0.0.0.0:62010?trace=3Dtrue Started
> 2010-02-02 15:47:10.939::WARN: =A0EXCEPTION
> javax.net.ssl.SSLException: No available certificate or key corresponds t=
o
> the SSL cipher suites which are enabled.
> =A0 =A0 =A0 =A0at
> com.sun.net.ssl.internal.ssl.SSLServerSocketImpl.checkEnabledSuites(SSLSe=
rverSocketImpl.java:307)
> =A0 =A0 =A0 =A0at
> com.sun.net.ssl.internal.ssl.SSLServerSocketImpl.accept(SSLServerSocketIm=
pl.java:253)
> =A0 =A0 =A0 =A0at
> org.mortbay.jetty.security.SslSocketConnector.accept(SslSocketConnector.j=
ava:172)
> =A0 =A0 =A0 =A0at
> org.mortbay.jetty.AbstractConnector$Acceptor.run(AbstractConnector.java:7=
07)
> =A0 =A0 =A0 =A0at
> org.mortbay.thread.QueuedThreadPool$PoolThread.run(QueuedThreadPool.java:=
488)
> jetty.ssl.password :

Have you imported the CA certs into the correct keystore? I've
experienced this problem myself in the past. Also make sure that the
private key is in the keystore, not just the public key.

Also, take a look at the instructions here:

http://activemq.apache.org/how-do-i-use-ssl.html

When I've had problems in the past with SSL, reading through these has help=
ed.

Bruce
--=20
perl -e 'print unpack("u30","D0G)U8V4\@4VYY9&5R\"F)R=3D6-E+G-N>61E<D\!G;6%I=
;\"YC;VT*"
);'

ActiveMQ in Action: http://bit.ly/2je6cQ
Blog: http://bruceblog.org/
Twitter: http://twitter.com/brucesnyder