Return-Path: 
 <users-return-23905-apmail-activemq-users-archive=activemq.apache.org@activemq.apache.org>
Delivered-To: apmail-activemq-users-archive@www.apache.org
Received: (qmail 28390 invoked from network); 3 Jun 2010 07:22:23 -0000
Received: from unknown (HELO mail.apache.org) (140.211.11.3)
  by 140.211.11.9 with SMTP; 3 Jun 2010 07:22:23 -0000
Received: (qmail 87086 invoked by uid 500); 3 Jun 2010 07:22:22 -0000
Delivered-To: apmail-activemq-users-archive@activemq.apache.org
Received: (qmail 86440 invoked by uid 500); 3 Jun 2010 07:22:21 -0000
Mailing-List: contact users-help@activemq.apache.org; run by ezmlm
Precedence: bulk
List-Help: <mailto:users-help@activemq.apache.org>
List-Unsubscribe: <mailto:users-unsubscribe@activemq.apache.org>
List-Post: <mailto:users@activemq.apache.org>
List-Id: <users.activemq.apache.org>
Reply-To: users@activemq.apache.org
Delivered-To: mailing list users@activemq.apache.org
Received: (qmail 86159 invoked by uid 99); 3 Jun 2010 07:22:20 -0000
Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230)
    by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 03 Jun 2010 07:22:20 +0000
X-ASF-Spam-Status: No, hits=0.0 required=10.0
	tests=FREEMAIL_FROM,SPF_HELO_PASS,SPF_PASS,T_TO_NO_BRKTS_FREEMAIL
X-Spam-Check-By: apache.org
Received-SPF: pass (nike.apache.org: domain of lists@nabble.com designates
 216.139.236.158 as permitted sender)
Received: from [216.139.236.158] (HELO kuber.nabble.com) (216.139.236.158)
    by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 03 Jun 2010 07:22:13 +0000
Received: from isper.nabble.com ([192.168.236.156])
	by kuber.nabble.com with esmtp (Exim 4.63)
	(envelope-from <lists@nabble.com>)
	id 1OK4kS-0005XC-9C
	for users@activemq.apache.org; Thu, 03 Jun 2010 00:21:52 -0700
Message-ID: <28764026.post@talk.nabble.com>
Date: Thu, 3 Jun 2010 00:21:52 -0700 (PDT)
From: munger <max.unger@sungard.com>
To: users@activemq.apache.org
Subject: Re: How to enable HTTPS when SSL is working ?
In-Reply-To: <AANLkTikr8wTYn82JNMljTCwOI0CpTuLrpJiT_hj9MtOy@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
X-Nabble-From: max.unger@sungard.com
References: <28755706.post@talk.nabble.com>
 <AANLkTikr8wTYn82JNMljTCwOI0CpTuLrpJiT_hj9MtOy@mail.gmail.com>
X-Virus-Checked: Checked by ClamAV on apache.org


Thanks a lot Dejan for your answer, here is what i am experiencing:

My Embedded ActiveMQ is configured with SSL enabled and https activated
also:

<sslContext>
            <sslContext=20
            =09keyStore=3D"file:${activemq.base}/conf/certs/broker.ks"=20
              =09keyStorePassword=3D"password"=20
              =09trustStore=3D"file:${activemq.base}/conf/certs/client.ts"=
=20
              =09trustStorePassword=3D"password"/>
        </sslContext>
     =20
        <transportConnectors>
            <transportConnector name=3D"openwire"
uri=3D"tcp://localhost:61616"/>
            <transportConnector name=3D"ssl" uri=3D"ssl://localhost:61617"/=
>=20
            <transportConnector name=3D"https" uri=3D"https://localhost:844=
3"/>
        </transportConnectors>

I use another application to test the connection, a "tester" which creates
the JMS producer and a consumer, using the following Spring configuration:

<beans:bean id=3D"jmsProducerFactory"
class=3D"org.apache.activemq.pool.PooledConnectionFactory"
destroy-method=3D"stop">
=09  <beans:property name=3D"connectionFactory">
=09      <beans:bean class=3D"org.apache.activemq.ActiveMQConnectionFactory=
">
=09            <beans:property name=3D"brokerURL">
=09                  =20
<beans:value>${jms.producer.connection.url}</beans:value>
=09            </beans:property>
    =09</beans:bean>
  =09=09</beans:property>
=09</beans:bean>

=09<beans:bean id=3D"jmsProducerTemplate"
class=3D"org.springframework.jms.core.JmsTemplate">
  =09<beans:property name=3D"connectionFactory">
=09    <beans:ref local=3D"jmsProducerFactory"/>
   =09</beans:property>
=09</beans:bean>

=09<!-- D=C3=A9finition d'une queue permettant d'=C3=A9changer les message =
JMS -->
=09<beans:bean id=3D"destination"
class=3D"org.apache.activemq.command.ActiveMQQueue">
  =09<beans:constructor-arg index=3D"0">
=09    <beans:value>SCB_INCOMMING_MESSAGES</beans:value>
   =09</beans:constructor-arg>
=09</beans:bean>
=09
=09<beans:bean id=3D"feedbackQueue"
class=3D"org.apache.activemq.command.ActiveMQQueue">
  =09<beans:constructor-arg index=3D"0">
=09    <beans:value>SELECTOR_REPLIES</beans:value>
   =09</beans:constructor-arg>
=09</beans:bean>

=09<beans:bean id=3D"listenerSample"
class=3D"com.sungard.application.test.jms.ListenerSample "/>
=09<beans:bean id=3D"listenerContainer"
class=3D"org.springframework.jms.listener.DefaultMessageListenerContainer">
  =09<beans:property name=3D"concurrentConsumers" value=3D"3"/>
  =09<beans:property name=3D"connectionFactory" ref=3D"jmsProducerFactory" =
/>
  =09<beans:property name=3D"destination" ref=3D"feedbackQueue" />
  =09<beans:property name=3D"messageListener" ref=3D"listenerSample" />
=09</beans:bean>
=09
=09<beans:bean id=3D"springProducer"
class=3D"com.sungard.application.test.jms.ProducerSample">
  =09<beans:property name=3D"jmsTemplate" ref=3D"jmsProducerTemplate"/>
  =09<beans:property name=3D"destination" ref=3D"destination"/>
=09</beans:bean>


When ${jms.producer.connection.url} is set to "ssl://localhost:61617", i ca=
n
both create and receive messages from my app, it works well. But as soon as
i change it to https://localhost:8443, i get the following error:

trigger seeding of SecureRandom
done seeding SecureRandom
main, setSoTimeout(0) called
main, setSoTimeout(0) called
%% No cached client session
*** ClientHello, TLSv1
RandomCookie:  GMT: 1275549380 bytes =3D { 156, 57, 181, 210, 55, 90, 77, 2=
24,
159, 212, 146, 36, 179, 78, 176, 209, 226, 129, 207, 21, 233, 197, 217, 171=
,
86, 87, 213, 234 }
Session ID:  {}
Cipher Suites: [SSL_RSA_WITH_RC4_128_MD5, SSL_RSA_WITH_RC4_128_SHA,
TLS_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA,
TLS_DHE_DSS_WITH_AES_128_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA,
SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA,
SSL_RSA_WITH_DES_CBC_SHA, SSL_DHE_RSA_WITH_DES_CBC_SHA,
SSL_DHE_DSS_WITH_DES_CBC_SHA, SSL_RSA_EXPORT_WITH_RC4_40_MD5,
SSL_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA,
SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA]
Compression Methods:  { 0 }
***
main, WRITE: TLSv1 Handshake, length =3D 73
main, WRITE: SSLv2 client hello message, length =3D 98
main, handling exception: javax.net.ssl.SSLException: Unrecognized SSL
message, plaintext connection?
main, SEND TLSv1 ALERT:  fatal, description =3D unexpected_message
main, WRITE: TLSv1 Alert, length =3D 2
main, called closeSocket()
main, called close()
main, called closeInternal(true)
main, called close()
main, called closeInternal(true)
main, called close()
main, called closeInternal(true)


Thanks a lot for your help!
--=20
View this message in context: http://old.nabble.com/How-to-enable-HTTPS-whe=
n-SSL-is-working---tp28755706p28764026.html
Sent from the ActiveMQ - User mailing list archive at Nabble.com.