activemq-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Timothy Bish <>
Subject Re: ActiveMQ NMS and a self-signed SSL server certificate
Date Wed, 29 Jan 2014 18:37:16 GMT
On 01/29/2014 01:13 PM, Christoffer Sawicki wrote:
> Hello!
> I'm trying to connect the ActiveMQ NMS client to a server with a
> self-signed SSL certificate.
> I've added the server certificate to Mono's "Trust", "My" and "CA"
> truststores with `certmgr -add -c <object-type> message-queue.crt` but the
> connections still yield a SslPolicyErrors.RemoteCertificateChainErrors.
> I've found some sources on the web that hint that this is what happens with
> self-signed certificates.
> Am I missing something? Should I add the certificate somewhere else?
> Last time I dabbled with self-signed certificates in .NET I wrote a
> custom RemoteCertificateValidationCallback but that's not possible with the
> current AMQ NMS API.
> I'm thinking about providing a patch
> for Apache.NMS.ActiveMQ.Transport.Tcp.SslTransport(Factory) that allows one
> to configure brokerCert* just like clientCert* and use that certificate
> file in ValidateServerCertificate. Would such a patch be accepted?
> Regards,
> Christoffer
You can create a patch and attach it to a Jira issue for review.

Tim Bish
Sr Software Engineer | RedHat Inc. | |
skype: tabish121 | twitter: @tabish121

View raw message