Hi, Did you try removing the properties after the context has been created?
----------------------------- This E-mail is for the sole use of the intended recipient and may contain confidential and/or privileged material. Any reading, review, reliance, distribution, printing or storage of this E-mail by others than the intended recipient is strictly prohibited without the express permission of the sender. If you are not the intended recipient, please contact the sender immediately and delete all copies from your mailbox and other archives. ----------------------------- -----Oorspronkelijk bericht----- Van: mevans7 [mailto:[email protected]] Verzonden: Tuesday 6 June 2017 0:36 Aan: [email protected] Onderwerp: NettyConnector explicitly initializes SSLContext instead of using default BOTTOM LINE: I need a secure way to initialize the SSLContext in org.apache.activemq.artemis.core.remoting.impl.netty.NettyConnector. (No keystore password in system properties.) USE CASE: I'm trying to configure a client to read JMS messages from Wildfly using SSL. This works ONLY if I specify these either with -D or System.setProperty(): -Djavax.net.ssl.keyStore=<my-keystore-file-path> -Djavax.net.ssl.keyStorePassword=<my-key-pass> -Djavax.net.ssl.trustStore=<my-truststore-file-path> -Djavax.net.ssl.trustStorePassword=<my-trust-pass> My problem is this: for security purposes, I cannot put the password in the System properties. (These are too easy to dump out using various tools.) So, I programatically initialize the default SSLContext. BUT, NettyConnector does not use the default SSLContext. It explicitly reads the above properties and creates its own SSLContext. QUESTION: - How can I securely pass the truststore and keystore passwords to NettyConnector? - Why doesn't NettyConnector just use the default SSLContext, which can be configured with the same system parameters as above? -- View this message in context: http://camel.465427.n5.nabble.com/NettyConnector-explicitly-initializes-SSLContext-instead-of-using-default-tp5801857.html Sent from the Camel - Users mailing list archive at Nabble.com.
