SSLCertStores also accept a String:
setSSLCertStores(java.lang.String stores)
Specifies a list of LDAP servers used for certificate revocation list
(CRL) checking.
Regards
JB
On 12/16/2015 08:38 AM, Oliver Wulff wrote:
Hi JB
SSLCertStores is a collection of CertStore objects. I've tried this but it
didn't work:
<property name="SSLCertStores">
<list>
<value>/test/.keystore</value>
</list>
</property>
I don't want to use the default JSSE settings within karaf as it can affect
other components. Also CXF creates custom SSLSocketFactory instances based on
the conduit definition.
Initially, I just want to get it running. An idea could be to have support in
Karaf an SSLSocketFactory Manager which can be administered through the karaf
shell and referenced where ever required.
Thanks
Oli
________________________________________
Von: Jean-Baptiste Onofré <[email protected]>
Gesendet: Mittwoch, 16. Dezember 2015 08:08
An: [email protected]
Betreff: Re: jms:create and configure WebsphereMQ with SSL
Hi Oli,
you can directly specify the key store, etc on the
MQQueueConnectionFactory (coming from MQConnectionFactory):
<property name="SSLCertStore" value="/path/to/keystore.jks"/>
<property name="SSLCipherSuite" value="..."/>
etc
The SSLSocketFactory can be null, if that case, the JSSE default
SSLSocketFactory is used.
So, updating the blueprint should work (AFAIR, I already used this way
for a customer).
Regards
JB
On 12/15/2015 09:35 PM, Oliver Wulff wrote:
Hi there
I could successfully create a QueueConnectionFactory with jms:create and
could successfully connect to the Websphere MQ server running remotely.
The jms:create creates the following blueprint:
<bean id="wmqConnectionFactory"
class="com.ibm.mq.jms.MQQueueConnectionFactory">
<property name="transportType" value="1" />
<property name="hostName" value="localhost" />
<property name="port" value="19420" />
<property name="queueManager" value="AAQ1DM4" />
<property name="channel" value="AAQ1DM4.CLIENT.WAS1" />
</bean>
I'm trying now to connect securely to Websphere MQ broker but I'm
struggeling because the class com.ibm.mq.jms.MQQueueConnectionFactory
provides the option to set an SSLSocketFactory only.
https://www-01.ibm.com/support/knowledgecenter/SSFKSJ_7.5.0/com.ibm.mq.javadoc.doc/WMQJMSClasses/com/ibm/mq/jms/MQConnectionFactory.html
Initially I started creating an SSLSocketFactory with Blueprint bean
definition but it's hacky, IMHO.
I like to define this kind of configurations outside of the camel routes
I deploy into Karaf but need your advise what the best approach might
be. Maybe we can extend the jms commands to support SSL as well - also
for ActiveMQ.
Thanks
Oli
--
Jean-Baptiste Onofré
[email protected]
http://blog.nanthrax.net
Talend - http://www.talend.com
--
Jean-Baptiste Onofré
[email protected]
http://blog.nanthrax.net
Talend - http://www.talend.com
