Author: buildbot
Date: Fri Jun 12 18:21:03 2015
New Revision: 954613
Log:
Production update by buildbot for activemq
Modified:
websites/production/activemq/content/cache/main.pageCache
websites/production/activemq/content/how-do-i-use-ssl.html
websites/production/activemq/content/jmx.html
Modified: websites/production/activemq/content/cache/main.pageCache
==============================================================================
Binary files - no diff available.
Modified: websites/production/activemq/content/how-do-i-use-ssl.html
==============================================================================
--- websites/production/activemq/content/how-do-i-use-ssl.html (original)
+++ websites/production/activemq/content/how-do-i-use-ssl.html Fri Jun 12
18:21:03 2015
@@ -99,8 +99,8 @@
<script class="theme: Default; brush: java; gutter: false"
type="syntaxhighlighter"><![CDATA[keytool -genkey -alias client -keyalg RSA
-keystore client.ks]]></script>
</div></div></li><li><p>Create a truststore for the client, and import the
broker's certificate. This establishes that the client "trusts" the
broker:</p><div class="code panel pdl" style="border-width: 1px;"><div
class="codeContent panelContent pdl">
<script class="theme: Default; brush: java; gutter: false"
type="syntaxhighlighter"><![CDATA[keytool -import -alias broker -keystore
client.ts -file broker_cert]]></script>
-</div></div></li></ol><h3 id="HowdoIuseSSL-StartingtheBroker">Starting the
Broker</h3><h4 id="HowdoIuseSSL-Usingthejavax.net.ssl.*SystemProperties">Using
the javax.net.ssl.* System Properties</h4><p>Before starting the broker's VM
set the SSL_OPTS enviorment variable so that it knows to use the broker
keystore.</p><div class="code panel pdl" style="border-width: 1px;"><div
class="codeContent panelContent pdl">
-<script class="theme: Default; brush: java; gutter: false"
type="syntaxhighlighter"><![CDATA[export SSL_OPTS =
-Djavax.net.ssl.keyStore=/path/to/broker.ks
-Djavax.net.ssl.keyStorePassword=password
+</div></div></li></ol><h3 id="HowdoIuseSSL-StartingtheBroker">Starting the
Broker</h3><h4 id="HowdoIuseSSL-Usingthejavax.net.ssl.*SystemProperties">Using
the javax.net.ssl.* System Properties</h4><p>Before starting the broker's VM
set the ACTIVEMQ_SSL_OPTS environment variable so that it knows to use the
broker keystore.  (note that in previous versions of ActiveMQ this
property was called SSL_OPTS in some scripts.  As of v5.12.0 all scripts
use ACTIVEMQ_SSL_OPTS)</p><div class="code panel pdl" style="border-width:
1px;"><div class="codeContent panelContent pdl">
+<script class="theme: Default; brush: java; gutter: false"
type="syntaxhighlighter"><![CDATA[export ACTIVEMQ_SSL_OPTS =
-Djavax.net.ssl.keyStore=/path/to/broker.ks
-Djavax.net.ssl.keyStorePassword=password
]]></script>
</div></div><h4
id="HowdoIuseSSL-UsingSpringtoconfigureSSLforaBrokerinstance">Using Spring to
configure SSL for a Broker instance</h4><p>Sometimes the use of javax.net.ssl.*
system properties is not appropriate as they effect all SSL users in a JVM.
ActiveMQ 5.2.x adds an <sslContext> element to the <amq:broker>
that allows a broker specific set of SSL properties to be configured.</p><p>The
SslContext <a shape="rect" class="external-link"
href="https://svn.apache.org/repos/asf/activemq/trunk/activemq-unit-tests/src/test/java/org/apache/activemq/transport/tcp/SslContextBrokerServiceTest.java";>test
case</a> validates starting an SSL transport listener using the configuration
specified in the broker Xbean. The SslContext element is added to the broker as
follows:</p><div class="code panel pdl" style="border-width: 1px;"><div
class="codeContent panelContent pdl">
<script class="theme: Default; brush: java; gutter: false"
type="syntaxhighlighter"><![CDATA[<beans
@@ -137,7 +137,7 @@ javax.net.ssl.trustStore=/path/to/client
<script class="theme: Default; brush: java; gutter: false"
type="syntaxhighlighter"><![CDATA[keytool -import -alias client -keystore
broker.ts -file client_cert]]></script>
</div></div></li><li><p>Add</p><div class="code panel pdl"
style="border-width: 1px;"><div class="codeContent panelContent pdl">
<script class="theme: Default; brush: java; gutter: false"
type="syntaxhighlighter"><![CDATA[-Djavax.net.ssl.trustStore=/path/to/broker.ts]]></script>
-</div></div><p>to SSL_OPTS</p></li><li><p>Instruct ActiveMQ to require client
authentication by setting the following in activemq.xml:</p><div class="code
panel pdl" style="border-width: 1px;"><div class="codeContent panelContent pdl">
+</div></div><p>to ACTIVEMQ_SSL_OPTS</p></li><li><p>Instruct ActiveMQ to
require client authentication by setting the following in activemq.xml:</p><div
class="code panel pdl" style="border-width: 1px;"><div class="codeContent
panelContent pdl">
<script class="theme: Default; brush: java; gutter: false"
type="syntaxhighlighter"><![CDATA[ <transportConnectors>
<transportConnector name="ssl"
uri="ssl://localhost:61617?needClientAuth=true" />
</transportConnectors>]]></script>
Modified: websites/production/activemq/content/jmx.html
==============================================================================
--- websites/production/activemq/content/jmx.html (original)
+++ websites/production/activemq/content/jmx.html Fri Jun 12 18:21:03 2015
@@ -123,16 +123,16 @@ controlRole readwrite
monitorRole abc123
controlRole abcd1234
]]></script>
-</div></div><p>(Make sure both files are not world readable - more info can be
find <a shape="rect" class="external-link"
href="http://java.sun.com/j2se/1.5.0/docs/guide/management/agent.html#auth";
rel="nofollow">here</a> to protect files)</p><p>For more details you can see
the <a shape="rect" class="external-link"
href="http://tomcat.apache.org/tomcat-5.5-doc/monitoring.html";>Monitoring
Tomcat Document</a></p><p>3. Modify the "activemq" startup script (in bin) to
enable the Java 1.5+ JMX connector</p><p>Find the "SUNJMX=" line and change it
too:</p><div class="code panel pdl" style="border-width: 1px;"><div
class="codeContent panelContent pdl">
+</div></div><p>(Make sure both files are not world readable - more info can be
find <a shape="rect" class="external-link"
href="http://java.sun.com/j2se/1.5.0/docs/guide/management/agent.html#auth";
rel="nofollow">here</a> to protect files)</p><p>For more details you can see
the <a shape="rect" class="external-link"
href="http://tomcat.apache.org/tomcat-5.5-doc/monitoring.html";>Monitoring
Tomcat Document</a></p><p>3. Modify the "activemq" startup script (in bin) to
enable the Java 1.5+ JMX connector</p><p>Find the "ACTIVEMQ_SUNJMX_START=" line
and change it too the following: (note that in previous versions of ActiveMQ
this property was called SUNJMX in some scripts.  As of v5.12.0 all
scripts use ACTIVEMQ_SUNJMX_START):</p><div class="code panel pdl"
style="border-width: 1px;"><div class="codeContent panelContent pdl">
<script class="theme: Default; brush: java; gutter: false"
type="syntaxhighlighter"><![CDATA[1. Windows
- SUNJMX=-Dcom.sun.management.jmxremote.port=1616
-Dcom.sun.management.jmxremote.ssl=false \
+ ACTIVEMQ_SUNJMX_START=-Dcom.sun.management.jmxremote.port=1616
-Dcom.sun.management.jmxremote.ssl=false \
-Dcom.sun.management.jmxremote.password.file=%ACTIVEMQ_BASE%/conf/jmx.password \
-Dcom.sun.management.jmxremote.access.file=%ACTIVEMQ_BASE%/conf/jmx.access
2. Unix
- SUNJMX="-Dcom.sun.management.jmxremote.port=1616
-Dcom.sun.management.jmxremote.ssl=false \
+ ACTIVEMQ_SUNJMX_START="-Dcom.sun.management.jmxremote.port=1616
-Dcom.sun.management.jmxremote.ssl=false \
-Dcom.sun.management.jmxremote.password.file=${ACTIVEMQ_BASE}/conf/jmx.password
\
-Dcom.sun.management.jmxremote.access.file=${ACTIVEMQ_BASE}/conf/jmx.access"
]]></script>
@@ -141,7 +141,7 @@ controlRole abcd1234
ACTIVEMQ_HOME=DRIVE_LETTER:/where/ActiveMQ/is/installed
ACTIVEMQ_BASE=%ACTIVEMQ_HOME%
-SUNJMX=-Dcom.sun.management.jmxremote.port=1616
-Dcom.sun.management.jmxremote.ssl=false \
+ACTIVEMQ_SUNJMX_START=-Dcom.sun.management.jmxremote.port=1616
-Dcom.sun.management.jmxremote.ssl=false \
-Dcom.sun.management.jmxremote.password.file=%ACTIVEMQ_BASE%/conf/jmx.password \
-Dcom.sun.management.jmxremote.access.file=%ACTIVEMQ_BASE%/conf/jmx.access
@@ -149,7 +149,7 @@ SUNJMX=-Dcom.sun.management.jmxremote.po
ACTIVEMQ_HOME=DRIVE_LETTER:/where/ActiveMQ/is/installed
ACTIVEMQ_BASE=${ACTIVEMQ_HOME}
-SUNJMX="-Dcom.sun.management.jmxremote.port=1616
-Dcom.sun.management.jmxremote.ssl=false \
+ACTIVEMQ_SUNJMX_START="-Dcom.sun.management.jmxremote.port=1616
-Dcom.sun.management.jmxremote.ssl=false \
-Dcom.sun.management.jmxremote.password.file=${ACTIVEMQ_BASE}/conf/jmx.password
\
-Dcom.sun.management.jmxremote.access.file=${ACTIVEMQ_BASE}/conf/jmx.access"
]]></script>
@@ -164,10 +164,10 @@ SUNJMX="-Dcom.sun.management.jmxrem
</broker>
]]></script>
</div></div><p>In 4.0.1 or later, on Java 1.5 or later we try and use the
default platform MBeanServer (so that things like the JVM threads & memory
settings are visible).</p><p>If you wish to change the Java 5 JMX settings you
can use various <a shape="rect" class="external-link"
href="http://java.sun.com/j2se/1.5.0/docs/guide/management/agent.html#properties";
rel="nofollow">JMX system properties</a></p><p>For example you can enable
remote JMX connections to the Sun JMX connector, via setting the following
environment variable (using <strong>set</strong> or <strong>export</strong>
depending on your platform). These settings only configure the Sun JMX
connector within Java 1.5+, not the JMX connector that ActiveMQ creates by
default.</p><div class="code panel pdl" style="border-width: 1px;"><div
class="codeContent panelContent pdl">
-<script class="theme: Default; brush: java; gutter: false"
type="syntaxhighlighter"><![CDATA[SUNJMX=-Dcom.sun.management.jmxremote=true
-Dcom.sun.management.jmxremote.port=1616 \
+<script class="theme: Default; brush: java; gutter: false"
type="syntaxhighlighter"><![CDATA[ACTIVEMQ_SUNJMX_START=-Dcom.sun.management.jmxremote=true
-Dcom.sun.management.jmxremote.port=1616 \
-Dcom.sun.management.jmxremote.authenticate=false
-Dcom.sun.management.jmxremote.ssl=false
]]></script>
-</div></div><p>(The SUNJMX environment variable is simple used by the
"activemq" startup script, as additional startup parameters for java. If you
start ActiveMQ directly, you'll have to pass these parameters yourself.)</p><h4
id="JMX-ManagementContextPropertiesReference">ManagementContext Properties
Reference</h4><div class="table-wrap"><table
class="confluenceTable"><tbody><tr><th colspan="1" rowspan="1"
class="confluenceTh"><p>Property Name</p></th><th colspan="1" rowspan="1"
class="confluenceTh"><p>Default Value</p></th><th colspan="1" rowspan="1"
class="confluenceTh"><p>Description</p></th></tr><tr><td colspan="1"
rowspan="1" class="confluenceTd"><p>useMBeanServer</p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p>true</p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p>If true then it avoids creating a new MBean server if a
MBeanServer has already been created in the JVM</p></td></tr><tr><td
colspan="1" rowspan="1" class="confluenceTd"><p>jmxDomainName</p></td
><td colspan="1" rowspan="1"
>class="confluenceTd"><p>org.apache.activemq</p></td><td colspan="1"
>rowspan="1" class="confluenceTd"><p>The jmx domain that all objects names
>will use</p></td></tr><tr><td colspan="1" rowspan="1"
>class="confluenceTd"><p>createMBeanServer</p></td><td colspan="1" rowspan="1"
>class="confluenceTd"><p>true</p></td><td colspan="1" rowspan="1"
>class="confluenceTd"><p>If we should create the MBeanServer is none is
>found.</p></td></tr><tr><td colspan="1" rowspan="1"
>class="confluenceTd"><p>createConnector</p></td><td colspan="1" rowspan="1"
>class="confluenceTd"><p>true</p></td><td colspan="1" rowspan="1"
>class="confluenceTd"><p>If we should create a JMX connector (to allow remote
>management) for the MBeanServer</p></td></tr><tr><td colspan="1" rowspan="1"
>class="confluenceTd"><p>connectorPort</p></td><td colspan="1" rowspan="1"
>class="confluenceTd"><p>1099</p></td><td colspan="1" rowspan="1"
>class="confluenceTd"><p>The port that the JMX connector will use</p></td
></tr><tr><td colspan="1" rowspan="1"
>class="confluenceTd"><p>connectorHost</p></td><td colspan="1" rowspan="1"
>class="confluenceTd"><p>localhost</p></td><td colspan="1" rowspan="1"
>class="confluenceTd"><p>The host that the JMX connector and RMI server (if
>rmiServerPort>0) will use</p></td></tr><tr><td colspan="1" rowspan="1"
>class="confluenceTd"><p>rmiServerPort</p></td><td colspan="1" rowspan="1"
>class="confluenceTd"><p>0</p></td><td colspan="1" rowspan="1"
>class="confluenceTd"><p>The RMI server port, handy if port usage needs to be
>restricted behind a firewall</p></td></tr><tr><td colspan="1" rowspan="1"
>class="confluenceTd"><p>connectorPath</p></td><td colspan="1" rowspan="1"
>class="confluenceTd"><p>/jmxrmi</p></td><td colspan="1" rowspan="1"
>class="confluenceTd"><p>The path that JMX connector will be registered
>under</p></td></tr><tr><td colspan="1" rowspan="1"
>class="confluenceTd"><p>findTigerMBeanServer</p></td><td colspan="1"
>rowspan="1" class="confluenceTd"><p>true</p></
td><td colspan="1" rowspan="1" class="confluenceTd"><p>Enables/disables the
searching for the Java 5 platform
MBeanServer</p></td></tr></tbody></table></div></div>
+</div></div><p>(The ACTIVEMQ_SUNJMX_START environment variable is simple used
by the "activemq" startup script, as additional startup parameters for java. If
you start ActiveMQ directly, you'll have to pass these parameters
yourself.)</p><h4
id="JMX-ManagementContextPropertiesReference">ManagementContext Properties
Reference</h4><div class="table-wrap"><table
class="confluenceTable"><tbody><tr><th colspan="1" rowspan="1"
class="confluenceTh"><p>Property Name</p></th><th colspan="1" rowspan="1"
class="confluenceTh"><p>Default Value</p></th><th colspan="1" rowspan="1"
class="confluenceTh"><p>Description</p></th></tr><tr><td colspan="1"
rowspan="1" class="confluenceTd"><p>useMBeanServer</p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p>true</p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p>If true then it avoids creating a new MBean server if a
MBeanServer has already been created in the JVM</p></td></tr><tr><td
colspan="1" rowspan="1" class="confluenceTd"><p>jmxDom
ainName</p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p>org.apache.activemq</p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p>The jmx domain that all objects names will
use</p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p>createMBeanServer</p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p>true</p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p>If we should create the MBeanServer is none is
found.</p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p>createConnector</p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p>true</p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p>If we should create a JMX connector (to allow remote
management) for the MBeanServer</p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p>connectorPort</p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p>1099</p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p>The port that the JMX connector w
ill use</p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p>connectorHost</p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p>localhost</p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p>The host that the JMX connector and RMI server (if
rmiServerPort>0) will use</p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p>rmiServerPort</p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p>0</p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p>The RMI server port, handy if port usage needs to be
restricted behind a firewall</p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p>connectorPath</p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p>/jmxrmi</p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p>The path that JMX connector will be registered
under</p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p>findTigerMBeanServer</p></td><td colspan="1"
rowspan="1" class="confluenceTd
"><p>true</p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p>Enables/disables the searching for the Java 5 platform
MBeanServer</p></td></tr></tbody></table></div></div>
</td>
<td valign="top">
<div class="navigation">
