activemq-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Justin Bertram <jbert...@apache.com>
Subject Re: CLIENT_CERT using TransportConfiguration
Date Mon, 23 May 2016 18:36:30 GMT
The SSLContext in org.apache.activemq.artemis.core.remoting.impl.netty.NettyConnector is not
exposed, and I can't think of any other way you could pass an in-memory cert to the connector
with the existing code.  However, you could perhaps implement your own org.apache.activemq.artemis.spi.core.remoting.ConnectorFactory
and extend org.apache.activemq.artemis.core.remoting.impl.netty.NettyConnector and do what
you want that way.

To be clear, there are two different properties you can set for the key store - javax.net.ssl.keyStore
or org.apache.activemq.ssl.keyStore (with the latter taking precedence).


Justin

----- Original Message -----
From: "gturner" <george.turner@lmco.com>
To: users@activemq.apache.org
Sent: Monday, May 23, 2016 10:30:59 AM
Subject: CLIENT_CERT using TransportConfiguration

I am using the following code:

            Map<String, Object> connectionParams = new HashMap<>();
            connectionParams.put(TransportConstants.HOST_PROP_NAME,
"socmission");
            connectionParams.put(TransportConstants.PORT_PROP_NAME, "8443");
            connectionParams.put(TransportConstants.SSL_ENABLED_PROP_NAME,
"true");
           
connectionParams.put(TransportConstants.HTTP_UPGRADE_ENABLED_PROP_NAME,
"true");
           
connectionParams.put(TransportConstants.HTTP_UPGRADE_ENDPOINT_PROP_NAME,
"https-acceptor");
            TransportConfiguration transportConfiguration = new
TransportConfiguration(
               
"org.apache.activemq.artemis.core.remoting.impl.netty.NettyConnectorFactory",
connectionParams);
            ConnectionFactory cf =
ActiveMQJMSClient.createConnectionFactoryWithoutHA(JMSFactoryType.TOPIC_CF,
transportConfiguration);
            Connection connection = cf.createConnection();
            connection.start();
            session = connection.createSession(false,
Session.AUTO_ACKNOWLEDGE);
            Topic t = (Topic) ctx.lookup(topicJndi);


But in order to connect SSL, the only option is to set the system keystore
option.  Is there any option like an SSLContext that would allow me to set
the client certificate in memory instead of writing it out to file to pass
to the system variable?



--
View this message in context: http://activemq.2283324.n4.nabble.com/CLIENT-CERT-using-TransportConfiguration-tp4712258.html
Sent from the ActiveMQ - User mailing list archive at Nabble.com.

Mime
View raw message