Follow directions here
http://activemq.apache.org/how-do-i-use-ssl.html
// I don't think it is necessary to update ALL of the following files but I
haven't taken the time to figure which are important
activemq-command,xml
transportConnector name=ssl
uri=ssl://localhost:61617?wantClientAuth=trueamp;needClientAuth=trueamp;transport.commandTracingEnabled=true
/
activemq-demo.xml // probably not needed
transportConnector name=ssl uri=ssl://localhost:61617/
activemq-dynamic-network-broker1.xml
transportConnector name=ssl
uri=ssl://localhost:61617?wantClientAuth=trueamp;needClientAuth=trueamp;transport.commandTracingEnabled=true
/
activemq-dynamic-network-broker2.xml
transportConnector name=ssl
uri=ssl://localhost:61617?wantClientAuth=trueamp;needClientAuth=trueamp;transport.commandTracingEnabled=true
/
activemq-jdbc.xml
transportConnector name=ssl
uri=ssl://localhost:61617?wantClientAuth=trueamp;needClientAuth=trueamp;transport.commandTracingEnabled=true
/
activemq-security.xml
transportConnector name=ssl
uri=ssl://localhost:61617?wantClientAuth=trueamp;needClientAuth=trueamp;transport.commandTracingEnabled=true
/
activemq-specjms.xml
transportConnector name=ssl
uri=ssl://localhost:61617?wantClientAuth=trueamp;needClientAuth=trueamp;transport.commandTracingEnabled=true
/
activemq-static-network-broker1.xml
transportConnector name=ssl
uri=ssl://localhost:61617?wantClientAuth=trueamp;needClientAuth=trueamp;transport.commandTracingEnabled=true
/
activemq-static-network-broker2.xml
networkConnector uri=static:(ssl://localhost:61616)
duplex=true/
activemq-throughput.xml
transportConnector name=ssl
uri=ssl://localhost:61617?needClientAuth=true /
activemq.xml (inside broker
transportConnector name=ssl
uri=ssl://localhost:61617?needClientAuth=true /
activemq.xml
transportConnector name=ssl
uri=ssl://localhost:61617?needClientAuth=true /
// the following was placed inside AND outside of broker
amq:broker useJmx=false persistent=false
amq:sslContext
amq:sslContext
keyStore=c:/ActiveMQ/broker.ks keyStorePassword=password
trustStore=c:/ActiveMQ/client.ks
trustStorePassword=password/
/amq:sslContext
amq:transportConnectors
amq:transportConnector uri=ssl://localhost:61616 /
/amq:transportConnectors
/amq:broker
Download activemq-cpp-library-3.4.3 project
Download Bloodshed Dev C++
Download Open SSL
Drop all source files from activemq-cpp-library-3.4.3/src/main into a Dev
C++ project
Set Dev C++ to build a DLL
Update main/activmq/util/Config.h, insert #define HAVE_OPENSSL 1
Build DLL from Dev C++
Update system PATH variable to point to directory containing the DLL
Update system PATH variable to point to \OpenSSL-Win64\lib
Change your code so that you have
ConnectionFactory connectionFactory =
new ActiveMQConnectionFactory(ssl://localhost:61617);
Update activemq.bat to set info about keystores and trust stores, when
starting activemq precede by seting ACTIVEMQ_ENCRYPTION_PASSWORD=activemq
%_JAVACMD% %SUNJMX% %ACTIVEMQ_DEBUG_OPTS% %ACTIVEMQ_OPTS% %SSL_OPTS%
-Dactivemq.classpath=%ACTIVEMQ_CLASSPATH%
-Dactivemq.home=%ACTIVEMQ_HOME% -Dactivemq.base=%ACTIVEMQ_BASE%
-Dactivemq.conf=%ACTIVEMQ_CONF% -Dactivemq.data=%ACTIVEMQ_DATA%
-Djava.io.tmpdir=%ACTIVEMQ_TMP%
-Djavax.net.ssl.keyStore=c:/ActiveMQ/broker.ks
-Djavax.net.ssl.keyStorePassword=password
-Djavax.net.ssl.trustStore=c:/activemq/broker.ts
-Djavax.net.ssl.trustStorePassword=password -jar
%ACTIVEMQ_HOME%/bin/run.jar %*
Add debug command to activemq
if %ACTIVEMQ_OPTS% == set ACTIVEMQ_OPTS=-Xms1G -Xmx1G
-Djava.util.logging.config.file=logging.properties -Djavax.net.debug=ssl
When starting client add
java -Djavax.net.debug=ssl -Djavax.net.ssl.keyStore=c:/yourpath/client.ks
-Djavax.net.ssl.keyStorePassword=password
-Djavax.net.ssl.trustStore=c:/yourpath/client.ts
-Djavax.net.ssl.trustStorePassword=password
OK, I tried to cover everything. All of this will definitely help you reach
your goal of ActiveMQ invocation with server and client SSL validation
--
View this message in context:
http://activemq.2283324.n4.nabble.com/Active-CPP-and-enabling-SSL-on-windows-tp4657742p4657763.html
Sent from the ActiveMQ - User mailing list archive at Nabble.com.