Tomas Restrepo wrote:
I've got a couple of questions about the SSL support in the Java broker,
particularly after with the great work done by Kevin Smith to improve its
support.
1- It used to be possible (or at least it looked that way) to have a single
broker listen simultaneously on both the regular non-ssl and ssl ports (or
at least it looked that way). It appears this is not longer the case on the
trunk, so if SSL is enabled, the server will only listen on the SSL port. Is
that right or am I missing something?
At least for development purposes, I'd say it would be useful to be able to
have both enabled at the same time, though for normal production servers it
would likely not be usual to do so.
Based on my reading of the code when I did the SSL changes, it looked like the
broker only ever listened on one or the other. I'll take a look and see about
adding support for both, at least for debugging purposes.
2- Can anyone give a guy like me that hasn't done much java for a number of
years a clue on how to set up a keystore to run the broker with? :)
There's pretty good information on configuring keystores and setting up
self-signed certs (good enough for testing) here:
http://mindprod.com/jgloss/keytoolexe.html
The section entitled "Generating A Phony Certificate" has the steps I use to
create and configure a keystore for SSL testing.
--Kevin
Thanks
Tomas Restrepo
[EMAIL PROTECTED]
http://www.winterdom.com/weblog/
