aspose file tools*
The moose likes EJB and other Java EE Technologies and the fly likes JMS ActiveMQ JBOSS SSL Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Java » EJB and other Java EE Technologies
Bookmark "JMS ActiveMQ JBOSS SSL" Watch "JMS ActiveMQ JBOSS SSL" New topic
Author

JMS ActiveMQ JBOSS SSL

gilbert engle
Greenhorn

Joined: Jun 03, 2009
Posts: 24
I successfully got ActiveMQ working with SSL and JBOSS. Here's all the information


Follow directions here

http://activemq.apache.org/how-do-i-use-ssl.html

// I don't think it is necessary to update ALL of the following files but I haven't taken the time to figure which are important
activemq-command,xml

<transportConnector name="ssl" uri="ssl://localhost:61617?wantClientAuth=true&needClientAuth=true&transport.commandTracingEnabled=true" />

activemq-demo.xml // probably not needed

<transportConnector name="ssl" uri="ssl://localhost:61617"/>

activemq-dynamic-network-broker1.xml

<transportConnector name="ssl" uri="ssl://localhost:61617?wantClientAuth=true&needClientAuth=true&transport.commandTracingEnabled=true" />

activemq-dynamic-network-broker2.xml

<transportConnector name="ssl" uri="ssl://localhost:61617?wantClientAuth=true&needClientAuth=true&transport.commandTracingEnabled=true" />

activemq-jdbc.xml

<transportConnector name="ssl" uri="ssl://localhost:61617?wantClientAuth=true&needClientAuth=true&transport.commandTracingEnabled=true" />

activemq-security.xml

<transportConnector name="ssl" uri="ssl://localhost:61617?wantClientAuth=true&needClientAuth=true&transport.commandTracingEnabled=true" />

activemq-specjms.xml

<transportConnector name="ssl" uri="ssl://localhost:61617?wantClientAuth=true&needClientAuth=true&transport.commandTracingEnabled=true" />

activemq-static-network-broker1.xml

<transportConnector name="ssl" uri="ssl://localhost:61617?wantClientAuth=true&needClientAuth=true&transport.commandTracingEnabled=true" />

activemq-static-network-broker2.xml

<networkConnector uri="staticssl://localhost:61616)" duplex="true"/>

activemq-throughput.xml

<transportConnector name="ssl" uri="ssl://localhost:61617?needClientAuth=true" />

activemq.xml (inside <broker>

<transportConnector name="ssl" uri="ssl://localhost:61617?needClientAuth=true" />

activemq.xml

<transportConnector name="ssl" uri="ssl://localhost:61617?needClientAuth=true" />

// the following was placed inside AND outside of <broker>
<amq:broker useJmx="false" persistent="false">

<amq:sslContext>
<amq:sslContext
keyStore="c:/ActiveMQ/broker.ks" keyStorePassword="password"
trustStore="c:/ActiveMQ/client.ks" trustStorePassword="password"/>
</amq:sslContext>

<amq:transportConnectors>
<amq:transportConnector uri="ssl://localhost:61616" />
</amq:transportConnectors>

</amq:broker>


Download activemq-cpp-library-3.4.3 project
Download Bloodshed Dev C++
Download Open SSL
Drop all source files from activemq-cpp-library-3.4.3/src/main into a Dev C++ project
Set Dev C++ to build a DLL
Update main/activmq/util/Config.h, insert #define HAVE_OPENSSL 1
Build DLL from Dev C++
Update system PATH variable to point to directory containing the DLL
Update system PATH variable to point to \OpenSSL-Win64\lib

Change your code so that you have

ConnectionFactory connectionFactory =
new ActiveMQConnectionFactory("ssl://localhost:61617");

Update activemq.bat to set info about keystores and trust stores, when starting activemq precede by seting ACTIVEMQ_ENCRYPTION_PASSWORD=activemq

"%_JAVACMD%" %SUNJMX% %ACTIVEMQ_DEBUG_OPTS% %ACTIVEMQ_OPTS% %SSL_OPTS% -Dactivemq.classpath="%ACTIVEMQ_CLASSPATH%" -Dactivemq.home="%ACTIVEMQ_HOME%" -Dactivemq.base="%ACTIVEMQ_BASE%" -Dactivemq.conf="%ACTIVEMQ_CONF%" -Dactivemq.data="%ACTIVEMQ_DATA%" -Djava.io.tmpdir="%ACTIVEMQ_TMP%" -Djavax.net.ssl.keyStore=c:/ActiveMQ/broker.ks -Djavax.net.ssl.keyStorePassword=password -Djavax.net.ssl.trustStore=c:/activemq/broker.ts -Djavax.net.ssl.trustStorePassword=password -jar "%ACTIVEMQ_HOME%/bin/run.jar" %*

Add debug command to activemq

if "%ACTIVEMQ_OPTS%" == "" set ACTIVEMQ_OPTS=-Xms1G -Xmx1G -Djava.util.logging.config.file=logging.properties -Djavax.net.debug=ssl

When starting client add

java -Djavax.net.debug=ssl -Djavax.net.ssl.keyStore=c:/yourpath/client.ks -Djavax.net.ssl.keyStorePassword=password -Djavax.net.ssl.trustStore=c:/yourpath/client.ts -Djavax.net.ssl.trustStorePassword=password


OK, I tried to cover everything. All of this will definitely help you reach your goal of ActiveMQ invocation with server and client SSL validation



 
It is sorta covered in the JavaRanch Style Guide.
 
subject: JMS ActiveMQ JBOSS SSL