Hi! I'm trying to get ActiveMQ 4.1.2 working with jaasCertificateAuthenticationPlugin. As a result JaasCertificateAuthenticationBroker class at line 75 throws SecurityException. I'm a bit confused because I was unable to find any info regarding this exception. As well plain SSL connection is established well and is working - certificates and keys are defined for ActiveMQ in SSL_OPTS environment variable:
SSL_OPTS=-Djavax.net.ssl.keyStorePassword=<password> -Djavax.net.ssl.keyStore="path\broker.ks" and for options are passed as JVM arguments as follows: -Djavax.net.ssl.keyStore="path\client.ks" -Djavax.net.ssl.keyStorePassword="<password>" -Djavax.net.ssl.trustStore="path\client.ts" and client connection which is created using Spring xml configuration is defined like this: <amq:connectionFactory id="jmsConnectionFactory" userName="system" password="manager" brokerURL="ssl://127.0.0.1:61617"/> accordingly it looks like jaas configuration files (located in {$ACTIVEMQ_BASE}/conf) are correctly picked up by ActiveMQ: ------------- login.ocnfiguration: activemq-domain { org.apache.activemq.jaas.PropertiesLoginModule required debug=true org.apache.activemq.jaas.properties.user="users.properties" org.apache.activemq.jaas.properties.group="groups.properties"; }; ------------- users.properties: system=manager user=password guest=password ------------- groups.properties: admins=system tempDestinationAdmins=system,user users=system,user guests=guest ------------- at last activemq.xml - configuration file holds theese lines: <plugins> <jaasCertificateAuthenticationPlugin/> </plugins> as I've read in http://activemq.apache.org/security.html http://activemq.apache.org/security.html if no configuration is defined by default "login.configuration" file will be picked up and used. So the main question how should I pass certificate to ActiveMQ server if JVM args are not sufficient? -- View this message in context: http://www.nabble.com/Unable-to-authenticate-transport-without-SSL-certificate-tp18979774p18979774.html Sent from the ActiveMQ - User mailing list archive at Nabble.com.