activemq-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From munger <max.un...@sungard.com>
Subject Re: How to enable HTTPS when SSL is working ?
Date Thu, 03 Jun 2010 07:21:52 GMT

Thanks a lot Dejan for your answer, here is what i am experiencing:

My Embedded ActiveMQ is configured with SSL enabled and https activated
also:

<sslContext>
            <sslContext 
            	keyStore="file:${activemq.base}/conf/certs/broker.ks" 
              	keyStorePassword="password" 
              	trustStore="file:${activemq.base}/conf/certs/client.ts" 
              	trustStorePassword="password"/>
        </sslContext>
      
        <transportConnectors>
            <transportConnector name="openwire"
uri="tcp://localhost:61616"/>
            <transportConnector name="ssl" uri="ssl://localhost:61617"/> 
            <transportConnector name="https" uri="https://localhost:8443"/>
        </transportConnectors>

I use another application to test the connection, a "tester" which creates
the JMS producer and a consumer, using the following Spring configuration:

<beans:bean id="jmsProducerFactory"
class="org.apache.activemq.pool.PooledConnectionFactory"
destroy-method="stop">
	  <beans:property name="connectionFactory">
	      <beans:bean class="org.apache.activemq.ActiveMQConnectionFactory">
	            <beans:property name="brokerURL">
	                   
<beans:value>${jms.producer.connection.url}</beans:value>
	            </beans:property>
    	</beans:bean>
  		</beans:property>
	</beans:bean>

	<beans:bean id="jmsProducerTemplate"
class="org.springframework.jms.core.JmsTemplate">
  	<beans:property name="connectionFactory">
	    <beans:ref local="jmsProducerFactory"/>
   	</beans:property>
	</beans:bean>

	<!-- Définition d'une queue permettant d'échanger les message JMS -->
	<beans:bean id="destination"
class="org.apache.activemq.command.ActiveMQQueue">
  	<beans:constructor-arg index="0">
	    <beans:value>SCB_INCOMMING_MESSAGES</beans:value>
   	</beans:constructor-arg>
	</beans:bean>
	
	<beans:bean id="feedbackQueue"
class="org.apache.activemq.command.ActiveMQQueue">
  	<beans:constructor-arg index="0">
	    <beans:value>SELECTOR_REPLIES</beans:value>
   	</beans:constructor-arg>
	</beans:bean>

	<beans:bean id="listenerSample"
class="com.sungard.application.test.jms.ListenerSample "/>
	<beans:bean id="listenerContainer"
class="org.springframework.jms.listener.DefaultMessageListenerContainer">
  	<beans:property name="concurrentConsumers" value="3"/>
  	<beans:property name="connectionFactory" ref="jmsProducerFactory" />
  	<beans:property name="destination" ref="feedbackQueue" />
  	<beans:property name="messageListener" ref="listenerSample" />
	</beans:bean>
	
	<beans:bean id="springProducer"
class="com.sungard.application.test.jms.ProducerSample">
  	<beans:property name="jmsTemplate" ref="jmsProducerTemplate"/>
  	<beans:property name="destination" ref="destination"/>
	</beans:bean>


When ${jms.producer.connection.url} is set to "ssl://localhost:61617", i can
both create and receive messages from my app, it works well. But as soon as
i change it to https://localhost:8443, i get the following error:

trigger seeding of SecureRandom
done seeding SecureRandom
main, setSoTimeout(0) called
main, setSoTimeout(0) called
%% No cached client session
*** ClientHello, TLSv1
RandomCookie:  GMT: 1275549380 bytes = { 156, 57, 181, 210, 55, 90, 77, 224,
159, 212, 146, 36, 179, 78, 176, 209, 226, 129, 207, 21, 233, 197, 217, 171,
86, 87, 213, 234 }
Session ID:  {}
Cipher Suites: [SSL_RSA_WITH_RC4_128_MD5, SSL_RSA_WITH_RC4_128_SHA,
TLS_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA,
TLS_DHE_DSS_WITH_AES_128_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA,
SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA,
SSL_RSA_WITH_DES_CBC_SHA, SSL_DHE_RSA_WITH_DES_CBC_SHA,
SSL_DHE_DSS_WITH_DES_CBC_SHA, SSL_RSA_EXPORT_WITH_RC4_40_MD5,
SSL_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA,
SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA]
Compression Methods:  { 0 }
***
main, WRITE: TLSv1 Handshake, length = 73
main, WRITE: SSLv2 client hello message, length = 98
main, handling exception: javax.net.ssl.SSLException: Unrecognized SSL
message, plaintext connection?
main, SEND TLSv1 ALERT:  fatal, description = unexpected_message
main, WRITE: TLSv1 Alert, length = 2
main, called closeSocket()
main, called close()
main, called closeInternal(true)
main, called close()
main, called closeInternal(true)
main, called close()
main, called closeInternal(true)


Thanks a lot for your help!
-- 
View this message in context: http://old.nabble.com/How-to-enable-HTTPS-when-SSL-is-working---tp28755706p28764026.html
Sent from the ActiveMQ - User mailing list archive at Nabble.com.


Mime
View raw message