[
https://issues.apache.org/jira/browse/ARTEMIS-2412?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16879490#comment-16879490
]
Justin Bertram commented on ARTEMIS-2412:
-----------------------------------------
bq. It's only possible by "stuffing" everything inside the brokerURL, which
isn't nice.
I can see how using the URL might not be especially nice for your particular
use-case, but I've found the ability to configure everything in the URL
exceedingly convenient for many other use-cases.
Until this is changed you can configure SSL with something like the following:
{code:xml}
<Resource name="jms/CONNECTION-FACTORY" auth="Container"
type="org.apache.activemq.artemis.jms.client.ActiveMQConnectionFactory"
description="JMS Connection Factory"
factory="org.apache.activemq.artemis.jndi.JNDIReferenceFactory"
brokerURL="tcp://localhost:14617?sslEnabled=true;trustStorePath=/pathto/client.ts;trustStorePassword=trustPass;keyStorePath=/path/to/client.ks;keyStorePassword=keyPass"/>
{code}
I believe [the
documentation|http://activemq.apache.org/components/artemis/documentation/latest/configuring-transports.html]
covers all the SSL-related transport properties.
If the changes you requested are implemented I would expect the setter names to
match the existing transport properties which means it would look something
like this:
{code:xml}
<Resource name="jms/CONNECTION-FACTORY" auth="Container"
type="org.apache.activemq.artemis.jms.client.ActiveMQConnectionFactory"
description="JMS Connection Factory"
factory="org.apache.activemq.artemis.jndi.JNDIReferenceFactory"
brokerURL="tcp://localhost:14617"
sslEnabled="true"
trustStorePath="/pathto/client.ts"
keyStorePath="/path/to/client.ks"
trustStorePassword="trustPass"
keyStorePassword="keyPass"/>
{code}
> Full connection configuration through JNDI
> ------------------------------------------
>
> Key: ARTEMIS-2412
> URL: https://issues.apache.org/jira/browse/ARTEMIS-2412
> Project: ActiveMQ Artemis
> Issue Type: New Feature
> Affects Versions: 2.9.0
> Reporter: Maarten Boekhold
> Priority: Minor
>
> With the native Artemis JMS classes, eg
> {{org.apache.activemq.artemis.jndi.JNDIReferenceFactory}}, it is not possible
> to configure the SSL parameters through JNDI properties. It's only possible
> by "stuffing" everything inside the {{brokerURL}}, which isn't nice.
> To put into context, with the "plain ol' ActiveMQ" {{JNDIReferenceFactory}},
> you can do (borrowing from the Tomcat syntax to define a JNDI resource):
> {code:java}
> <Resource name="jms/CONNECTION-FACTORY" auth="Container"
> type="org.apache.activemq.ActiveMQSslConnectionFactory"
> description="JMS Connection Factory"
> factory="org.apache.activemq.jndi.JNDIReferenceFactory"
> brokerURL="ssl://localhost:14617"
> trustStore="/pathto/client.ts"
> keyStore="/path/to/client.ks"
> trustStorePassword="trustPass"
> keyStorePassword="keyPass"/>{code}
> The equivalent is not possible with the Artemis native JMS API. Instead you
> need to encode things inside the {{brokerURL}} (which btw is poorly
> documented on which options are available).
> The request is to enhance
> {{org.apache.activemq.artemis.jms.client.ActiveMQConnectionFactory}} with
> additional "setter" methods that allow you to specify parameters such as
> "ssl-enable", "trustStore", "keyStore", "trustStorePassword",
> "keyStorePassword". The "buildFromProperties()" method should then take care
> of passing the values in the JNDI binding to the
> {{ActiveMQConnectionFactory}}, which will then use it to correctly initialize
> the connection.
> Eg. the expectation is to be able to do the following to configure an Artemis
> "native" ActiveMQConnectionFactory for SSL:
> {code:java}
> <Resource name="jms/CONNECTION-FACTORY" auth="Container"
>
> type="org.apache.activemq.artemis.jms.client.ActiveMQConnectionFactory"
> description="JMS Connection Factory"
> factory="org.apache.activemq.artemis.jndi.JNDIReferenceFactory"
> brokerURL="tcp://localhost:14617"
> ssl-enable="true"
> trustStore="/pathto/client.ts"
> keyStore="/path/to/client.ks"
> trustStorePassword="trustPass"
> keyStorePassword="keyPass"/>
> {code}
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
