Hello,

I have generated a certificate for my machine using openssl 1.0.2 (openssl
req -x509 -newkey rsa:2048 -keyout key.pem -out cert.pem -nodes).

I have created a new Authentication Provider of type "External".

I have created a new KeyStore of type "Non Java Key Store" and uploaded the
private key and certificate generated by the previous step.

I have created a new TrustStore of type "Non Java Key Store" and uploaded
the certificate generated by the first step.

I have created an AMQP port with the following configuration
        Name: AMQPS
        Port Type: AMQP
        Port Number: 10400
        Protocols: AMQP_1_0
        Authentication Provider: sslWithTlsProvider
        Binding address: *
        Transports: SSL
        Key Store: SslCertificateStore
        Need SSL Client Certificate: Yes
        Want SSL Client Certificate: Yes
        Trust Stores: SSLTrustStore
        Number of connection threads: 8

I restarted the broker after all of this configuration.

Now, I want to have a JMS consumer connect to this broker using SSL. I
couldn't find any documentation about it beside the doc page
(https://qpid.apache.org/releases/qpid-jms-0.8.0/docs/index.html) which
doesn't provide an example or detailed information.

I created a trustStore for the JMS client and added the certificate to it
(keytool -import -file cert.pem --keystore D:\qpid-broker\myTrustStore) but
it isn't working

Can you please help me setup a working example?

PS: I am using Non Java stores becasue I will have Proton-c clients later
on.

public static void main(String[] args) throws JMSException {
    System.setProperty("javax.net.ssl.trustStore",
"D:\\qpid-broker\\myTrustStore");
    System.setProperty("javax.net.ssl.trustStorePassword", "password");
    ConnectionFactory connectionFactory = new
JmsConnectionFactory("amqps://aboutros:10400");
    Connection connection = connectionFactory.createConnection();
}

Error: javax.net.ssl.SSLException: Received fatal alert: bad_certificate

Regards,
Adel



--
View this message in context: 
http://qpid.2158936.n2.nabble.com/Qpid-Java-Broker-6-0-0-Using-SSL-with-JMS-clients-for-AMQP-tp7644953.html
Sent from the Apache Qpid users mailing list archive at Nabble.com.

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to