Return-Path: X-Original-To: apmail-activemq-users-archive@www.apache.org Delivered-To: apmail-activemq-users-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id DFB91104FD for ; Mon, 3 Feb 2014 23:54:25 +0000 (UTC) Received: (qmail 2473 invoked by uid 500); 3 Feb 2014 23:54:25 -0000 Delivered-To: apmail-activemq-users-archive@activemq.apache.org Received: (qmail 2439 invoked by uid 500); 3 Feb 2014 23:54:24 -0000 Mailing-List: contact users-help@activemq.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: users@activemq.apache.org Delivered-To: mailing list users@activemq.apache.org Received: (qmail 2430 invoked by uid 99); 3 Feb 2014 23:54:24 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 03 Feb 2014 23:54:24 +0000 X-ASF-Spam-Status: No, hits=3.5 required=5.0 tests=HTML_MESSAGE,SPF_PASS,URI_HEX X-Spam-Check-By: apache.org Received-SPF: pass (nike.apache.org: local policy includes SPF record at spf.trusted-forwarder.org) Received: from [216.139.250.139] (HELO joe.nabble.com) (216.139.250.139) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 03 Feb 2014 23:54:18 +0000 Received: from [192.168.236.139] (helo=joe.nabble.com) by joe.nabble.com with esmtp (Exim 4.72) (envelope-from ) id 1WATKV-0001YL-Hg for users@activemq.apache.org; Mon, 03 Feb 2014 15:53:32 -0800 Date: Mon, 3 Feb 2014 15:53:16 -0800 (PST) From: artnaseef To: users@activemq.apache.org Message-ID: <616007b47b58aa2f794ae9eb7061ade8.squirrel@email.powweb.com> Subject: Re: Is there anyway to set the brokers trustManager via configuration? MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_Part_50013_27548123.1391471596526" X-Virus-Checked: Checked by ClamAV on apache.org ------=_Part_50013_27548123.1391471596526 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit You can always set the default SSL trust store using the standard sun properties. As long as nothing else in the JVM sets them. Note that changing those properties is meaningless after the first use of an SSL socket factory, so generally defining them on the JVM command-line is the best way to go. Of course, putting passwords on the command-line introduces the usual security risk (that anyone with login access to the box may be able to view the password). Here are the properties: * javax.net.ssl.trustStore - path to the truststore * javax.net.ssl.trustStorePassword - password for the truststore * javax.net.sun.keyStore - path to the keystore * javax.net.keyStorePassword - password for the keystore > > > I know that as part of the ActiveMQSslConnectionFactory class you are able > to > set the trust manager though the function > void setKeyAndTrustManagers(KeyManager[] km, TrustManager[] tm, > SecureRandom > random) > > Is there any way to do the same thing with some configuration for the > broker > itself? > > Thanks > > > > _______________________________________________ > If you reply to this email, your message will be added to the discussion > below: > http://activemq.2283324.n4.nabble.com/Is-there-anyway-to-set-the-brokers-trustManager-via-configuration-tp4677347.html > To start a new topic under ActiveMQ - User, email > ml-node+s2283324n2341805h3@n4.nabble.com > To unsubscribe from ActiveMQ - User, visit > http://activemq.2283324.n4.nabble.com/template/NamlServlet.jtp?macro=unsubscribe_by_code&node=2341805&code=YXJ0QGFydG5hc2VlZi5jb218MjM0MTgwNXwtMjA1NDcyNjY5MQ== -- View this message in context: http://activemq.2283324.n4.nabble.com/Re-Is-there-anyway-to-set-the-brokers-trustManager-via-configuration-tp4677356.html Sent from the ActiveMQ - User mailing list archive at Nabble.com. ------=_Part_50013_27548123.1391471596526--