We use ActiveMQ as a message bus between our publisher and subscriber Server nodes.
I am currently looking at how to secure this communication. We have two options… 1) Using it in its current form and applying IPSec over the communications between the two servers. However this will mean that the credentials used when establishing the connections, would be stored in plaintext in the services configuration file. 2) Setting it up to use SSL and thus any authentication for the connections made to it are done via the use of certificates. However for the service to access its certificate store, it means the password for that certificate store is in plaintext in the services configuration file. In each of the 2 options we have a problem with storing credentials in plain text on File system. Is there any option or possibility to store these credentials in a FIPs 140-2 compliant encrypted format in those config files? -- View this message in context: http://activemq.2283324.n4.nabble.com/Securing-Active-MQ-Communication-tp4707108.html Sent from the ActiveMQ - User mailing list archive at Nabble.com.