activemq-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Timothy Bish <tabish...@gmail.com>
Subject Re: ActiveMQ NMS and a self-signed SSL server certificate
Date Wed, 29 Jan 2014 18:37:16 GMT
On 01/29/2014 01:13 PM, Christoffer Sawicki wrote:
> Hello!
>
> I'm trying to connect the ActiveMQ NMS client to a server with a
> self-signed SSL certificate.
>
> I've added the server certificate to Mono's "Trust", "My" and "CA"
> truststores with `certmgr -add -c <object-type> message-queue.crt` but the
> connections still yield a SslPolicyErrors.RemoteCertificateChainErrors.
> I've found some sources on the web that hint that this is what happens with
> self-signed certificates.
>
> Am I missing something? Should I add the certificate somewhere else?
>
> Last time I dabbled with self-signed certificates in .NET I wrote a
> custom RemoteCertificateValidationCallback but that's not possible with the
> current AMQ NMS API.
>
> I'm thinking about providing a patch
> for Apache.NMS.ActiveMQ.Transport.Tcp.SslTransport(Factory) that allows one
> to configure brokerCert* just like clientCert* and use that certificate
> file in ValidateServerCertificate. Would such a patch be accepted?
>
> Regards,
> Christoffer
>
You can create a patch and attach it to a Jira issue for review.

-- 
Tim Bish
Sr Software Engineer | RedHat Inc.
tim.bish@redhat.com | www.fusesource.com | www.redhat.com
skype: tabish121 | twitter: @tabish121
blog: http://timbish.blogspot.com/


Mime
View raw message