activemq-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Ellis, Tim" <Tim.El...@emergint.com>
Subject SSL authentication and security assistance
Date Fri, 10 Aug 2012 12:34:50 GMT
Emergint has been using ActiveMQ for a number of years now in our health care consulting efforts.
 We have been greatly pleased with its stability and performance, particularly version 4.1.2.
 We are planning to move some capabilities from a locally-hosted environment to "the cloud"
where we need some additional data transport protection beyond what we have currently employed.
 We are testing the SSL transport with "needClientAuth=true" and an associated trust store
on each end of the allowed connection points; we need to insure that only trusted clients
will have access to the queues.  So far, we are unable to break the desired protection scheme
- only trusted clients are able to produce or consume messages to the AMQ broker.  We are
utilizing the configuration steps specified here, http://activemq.apache.org/how-do-i-use-ssl.html
, and we are not using any custom plug-ins in the broker associated with the SSL transport.

We have configured a broker on a public address in our DMZ for additional testing. If anyone
is willing and able, please attempt to post messages to any queue or pull the remaining text
message (generated by the example producer client) from queue FOO.BAR from the following URL:

    ssl://69.2.201.51:61617

All attempts to produce or consume data should fail; if anyone is able to succeed, please
boast accordingly - I will also be monitoring the log file daily.  I will be glad to post
testing results or additional configuration items that members may desire in order to assist
others who may need this sort of configuration.  Thanks in advance for any assistance.

Timothy W. Ellis, M.S.
Sr Systems Architect / Software Engineering Mgr
emergint®
Louisville , KY 40202


Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message