activemq-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From artnaseef <...@artnaseef.com>
Subject Re: Is there anyway to set the brokers trustManager via configuration?
Date Mon, 03 Feb 2014 23:53:16 GMT
You can always set the default SSL trust store using the standard sun
properties.

As long as nothing else in the JVM sets them.  Note that changing those
properties is meaningless after the first use of an SSL socket factory, so
generally defining them on the JVM command-line is the best way to go.  Of
course, putting passwords on the command-line introduces the usual
security risk (that anyone with login access to the box may be able to
view the password).

Here are the properties:

* javax.net.ssl.trustStore - path to the truststore
* javax.net.ssl.trustStorePassword - password for the truststore
* javax.net.sun.keyStore - path to the keystore
* javax.net.keyStorePassword - password for the keystore

>
>
> I know that as part of the ActiveMQSslConnectionFactory class you are able
> to
> set the trust manager though the function
> void setKeyAndTrustManagers(KeyManager[] km, TrustManager[] tm,
> SecureRandom
> random)
>
> Is there any way to do the same thing with some configuration for the
> broker
> itself?
>
> Thanks
>
>
>
> _______________________________________________
> If you reply to this email, your message will be added to the discussion
> below:
> http://activemq.2283324.n4.nabble.com/Is-there-anyway-to-set-the-brokers-trustManager-via-configuration-tp4677347.html
> To start a new topic under ActiveMQ - User, email
> ml-node+s2283324n2341805h3@n4.nabble.com
> To unsubscribe from ActiveMQ - User, visit
> http://activemq.2283324.n4.nabble.com/template/NamlServlet.jtp?macro=unsubscribe_by_code&node=2341805&code=YXJ0QGFydG5hc2VlZi5jb218MjM0MTgwNXwtMjA1NDcyNjY5MQ==





--
View this message in context: http://activemq.2283324.n4.nabble.com/Re-Is-there-anyway-to-set-the-brokers-trustManager-via-configuration-tp4677356.html
Sent from the ActiveMQ - User mailing list archive at Nabble.com.
Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message