Re: CLIENT_CERT using TransportConfiguration

Mon, 23 May 2016 11:37:44 -0700 

The SSLContext in 
org.apache.activemq.artemis.core.remoting.impl.netty.NettyConnector is not 
exposed, and I can't think of any other way you could pass an in-memory cert to 
the connector with the existing code.  However, you could perhaps implement 
your own org.apache.activemq.artemis.spi.core.remoting.ConnectorFactory and 
extend org.apache.activemq.artemis.core.remoting.impl.netty.NettyConnector and 
do what you want that way.

To be clear, there are two different properties you can set for the key store - 
javax.net.ssl.keyStore or org.apache.activemq.ssl.keyStore (with the latter 
taking precedence).


Justin

----- Original Message -----
From: "gturner" <george.tur...@lmco.com>
To: users@activemq.apache.org
Sent: Monday, May 23, 2016 10:30:59 AM
Subject: CLIENT_CERT using TransportConfiguration

I am using the following code:

            Map<String, Object> connectionParams = new HashMap<>();
            connectionParams.put(TransportConstants.HOST_PROP_NAME,
"socmission");
            connectionParams.put(TransportConstants.PORT_PROP_NAME, "8443");
            connectionParams.put(TransportConstants.SSL_ENABLED_PROP_NAME,
"true");
           
connectionParams.put(TransportConstants.HTTP_UPGRADE_ENABLED_PROP_NAME,
"true");
           
connectionParams.put(TransportConstants.HTTP_UPGRADE_ENDPOINT_PROP_NAME,
"https-acceptor");
            TransportConfiguration transportConfiguration = new
TransportConfiguration(
               
"org.apache.activemq.artemis.core.remoting.impl.netty.NettyConnectorFactory",
connectionParams);
            ConnectionFactory cf =
ActiveMQJMSClient.createConnectionFactoryWithoutHA(JMSFactoryType.TOPIC_CF,
transportConfiguration);
            Connection connection = cf.createConnection();
            connection.start();
            session = connection.createSession(false,
Session.AUTO_ACKNOWLEDGE);
            Topic t = (Topic) ctx.lookup(topicJndi);


But in order to connect SSL, the only option is to set the system keystore
option.  Is there any option like an SSLContext that would allow me to set
the client certificate in memory instead of writing it out to file to pass
to the system variable?



--
View this message in context: 
http://activemq.2283324.n4.nabble.com/CLIENT-CERT-using-TransportConfiguration-tp4712258.html
Sent from the ActiveMQ - User mailing list archive at Nabble.com.

Reply via email to