activemq-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Justin Bertram <>
Subject Re: NettyConnector explicitly initializes SSLContext instead of using default
Date Tue, 06 Jun 2017 20:35:11 GMT
What version are you using?  There is an option in 2.1 to use the default SSL context.  See


----- Original Message -----
From: "mevans7" <>
Sent: Tuesday, June 6, 2017 3:17:43 PM
Subject: NettyConnector explicitly initializes SSLContext instead of using default

I need a secure way to initialize the SSLContext in
org.apache.activemq.artemis.core.remoting.impl.netty.NettyConnector.  (No
keystore password in system properties.) 

I'm trying to configure a client to read JMS messages from Wildfly using
SSL.  This works ONLY if I specify these either with -D or

My problem is this: for security purposes, I cannot put the password in the
System properties.  (These are too easy to dump out using various tools.) 

So, I programatically initialize the default SSLContext.  BUT,
NettyConnector does not use the default SSLContext.  It explicitly reads the
above properties and creates its own SSLContext. 

- How can I securely pass the truststore and keystore passwords to
- Why doesn't NettyConnector just use the default SSLContext, which can be
configured with the same system parameters as above? 

View this message in context:
Sent from the ActiveMQ - User mailing list archive at

View raw message