[CONF] Apache ActiveMQ > How do I use SSL

[Christopher L. Shannon (Confluence)]

Christopher L. Shannon edited the page: How do I use SSL ... Before starting the broker's VM set the ACTIVEMQ_SSL_OPTS enviorment OPTS environment variable so that it knows to use the broker keystore.  (note that in previous versions of ActiveMQ this property was called SSL_OPTS in some scripts.  As of v5.12.0 all scripts use ACTIVEMQ_SSL_OPTS) Code Block export ACTIVEMQ_SSL_OPTS = -Djavax.net.ssl.keyStore=/path/to/broker.ks -Djavax.net.ssl.keyStorePassword=password ... Export the client's certificate so it can be shared with broker: Code Block keytool -export -alias client -keystore client.ks -file client_cert Create a truststore for the broker, and import the client's certificate. This establishes that the broker "trusts" the client: Code Block keytool -import -alias client -keystore broker.ts -file client_cert Add Code Block -Djavax.net.ssl.trustStore=/path/to/broker.ts to ACTIVEMQ_SSL_OPTS Instruct ActiveMQ to require client authentication by setting the following in activemq.xml: Code Block <transportConnectors> <transportConnector name="ssl" uri="ssl://localhost:61617?needClientAuth=true" /> </transportConnectors> ... View Online · Like · View Changes Stop watching space · Manage Notifications This message was sent by Atlassian Confluence 5.0.3, Team Collaboration Software