activemq-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jiri Danek <jda...@redhat.com>
Subject Re: Configure activemq-client to trust any SSL certificate from the broker without verifying it
Date Wed, 06 Dec 2017 08:53:17 GMT
Thank you for your advice. I ended up also looking at
https://stackoverflow.com/questions/16747902/setting-trust-store-programatically-in-activemqsslconnectionfactory-seems-to-fai
and also
https://github.com/apache/activemq/blob/master/activemq-amqp/src/test/java/org/apache/activemq/transport/amqp/joram/JoramJmsNioPlusSslTest.java
and I did it the way the test in the second link does it.

try {
    SSLContext def;
    SSLContext ctx = SSLContext.getInstance("TLS");
    ctx.init(new KeyManager[0], new TrustManager[]{new
TrustingTrustManager()}, null);
    def = SSLContext.getDefault();
    SSLContext.setDefault(ctx);
} catch (NoSuchAlgorithmException | KeyManagementException e) {
    throw new RuntimeException("Could not set up the all-trusting
TrustManager", e);
}

/**
* Does not do any checking. Trusts all certificates.
*/
private class TrustingTrustManager implements X509TrustManager {
    @Override
    public void checkClientTrusted(X509Certificate[] x509Certificates,
String s) throws CertificateException {
    }

    @Override
    public void checkServerTrusted(X509Certificate[] x509Certificates,
String s) throws CertificateException {
    }

    @Override
    public X509Certificate[] getAcceptedIssuers() {
        return new X509Certificate[0];
    }
}

Thank you all for your help.
-- 
Jiri Daněk

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message