... ssl://localhost:61616?socket.enabledCipherSuites=SSL_RSA_WITH_RC4_128_SHA,SSL_DH_anon_WITH_3DES_EDE_CBC_SHA Hostname Validation (Starting with version 5.15.6) From version 5.15.6 ActiveMQ now supports TLS Hostname validation. This has been enabled by default for the ActiveMQ client and is off by default on the broker. To configure: Server side configuration of hostname validation The default for the server side is to disable Hostname validation and this can be configured with ?transport.verifyHostName. This is only relevant for 2-way SSL and will cause the client's CN of their certificate to be compared to their hostname to verify they match. Example for how to enable on server side if desired:
No Format |
ssl://localhost:61616?transport.verifyHostName=true
|
Client side configuration of hostname validation The default for the ActiveMQ client is to enable Hostname validation and this can be configured with ?socket.verifyHostName. This will cause the CN of the server certificate to be compared to the server hostname to verify they match. Example to disable:
No Format |
ssl://localhost:61616?socket.verifyHostName=false
|
Other Links
... |