activemq-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Tim Bain <>
Subject Re: Configure broker with signed SSL certs
Date Fri, 15 Dec 2017 14:01:47 GMT
If you do "keytool -list -keystore YOUR_KS", what happens? The error
message says that the keystore is malformed or the password is wrong; if
you can use keytool against it, it's not malformed.

Typically you would only specify the configuration in either activemq.xml
or the environment variable, not both. Pick which approach you want to use
and remove the other.


On Dec 14, 2017 10:45 AM, "jason_pacino" <>

Hi Tim,

Thanks for the information. I did have SSL information from the ApacheAMQ
site and the other site was helpful but I still am having issue. I have
created the ks and ts files and replaced them. I add the ACTIVEMQ_SSL_OPTS
enviornemt variable on my windows server and updated the activeMQ.xml SSL
setting to match the ks and ts password and files. When I start the broker I
get the following warning and the broker will not come up.

jvm 1    |  WARN | FAILED SslConnectionFactory@7dd6f267{SSL-HTTP/1.1}: Keystore was tampered with, or password was incorrect
jvm 1    | Keystore was tampered with, or password was

I have tried recreating the KS and TS file multiple times and I always get
the same error.


Sent from:

  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message