qpid-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From mrich <Matthew.R...@qxlva.com>
Subject Specifying SSL information in URL for AMQP 1.0
Date Thu, 03 Oct 2013 15:03:23 GMT
Hi,

I am having difficulties passing SSL (keystore/truststore)  information into
the AMQP 1.0 java client libraries.

I am currently using the createFromURL method to generate the connection
from a URL that includes SSL parameters as defined  here
<http://qpid.apache.org/releases/qpid-0.20/programming/book/QpidJNDI.html#section-jms-connection-url>

.

String connectionUrl =
"amqps://guest:guest@localhost/?brokerlist='tcp://localhost:5671?ssl='true'&key_store='C:/apache-activemq-5.8.0/conf/client.ks'&key_store_password='password'&trust_store='C:/apache-activemq-5.8.0/conf/client.ts'&trust_store_password='password'";
ConnectionFactoryImpl connectionFactory =
ConnectionFactoryImpl.createFromURL(connectionUrl);

However this fails during SSL handshake and after enabling ssl debugging I
notice that the keystore information doesnt appear to be picked up:
keyStore is : 
trustStore is: C:\Program Files\Java\jdk1.7.0_17\jre\lib\security\cacerts

The parsing of the String and the ConnectionFactoryImpl does not appear to
be aware of the trust store information.

This is similar to an old post  here
<http://qpid.2158936.n2.nabble.com/SSL-option-td7591508.html>  , and I have
checked my example against the suggestions on that post.

For clarification, if I set the JVM options (e.g. -Djavax.net.ssl.keyStore)
then the SSL handshake works correctly (but I cannot use this method outside
of testing).

Any help in resolving this issue is appreciated.



--
View this message in context: http://qpid.2158936.n2.nabble.com/Specifying-SSL-information-in-URL-for-AMQP-1-0-tp7598974.html
Sent from the Apache Qpid users mailing list archive at Nabble.com.

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@qpid.apache.org
For additional commands, e-mail: users-help@qpid.apache.org


Mime
View raw message