[ 
https://issues.apache.org/jira/browse/QPID-6400?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14327171#comment-14327171
 ] 

Rob Godfrey commented on QPID-6400:
-----------------------------------

For the AMQP 1.0 JMS client (which is what I presume you are using if you are 
connecting to ActiveMQ) you can always construct the {{Connection}} object 
explicitly with an {{SSLContext}} using the constructor

{code}
    public ConnectionImpl(String protocol, String host, int port, String 
username, String password, String clientId, String remoteHost, SSLContext 
sslContext, int maxSessions) throws JMSException
{code}

in {{org.apache.qpid.amqp_1_0.jms.impl.ConnectionImpl}}

So, if you wanted to use a non-default keystore/truststore in your client you 
could create an {{SSLContext}} and the call 

{code}
init(KeyManager[] km, TrustManager[] tm, SecureRandom random)
{code}
with the KeyManagers/TrustManagers from your key/trust stores, and then pass 
this in to the above constructor for the connection.

Does this meet your requirements?

> Provide a mechanism to provide a KeyStore itself rather than a file system 
> path to it
> -------------------------------------------------------------------------------------
>
>                 Key: QPID-6400
>                 URL: https://issues.apache.org/jira/browse/QPID-6400
>             Project: Qpid
>          Issue Type: Bug
>          Components: Java Broker, Java Client
>    Affects Versions: 0.30
>            Reporter: Anand Gopinath
>
> When setting up SSL to communicate to ActiveMQ using the Java Client for 
> example, a keystore, truststore, keystore password, truststore password are 
> needed.  
> Is there a mechanism by which a KeyStore can be set rather than created via 
> via paths to config files? In an HSM environment, there isn't really a way to 
> put a path to a keystore/truststore.  



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to