Re: How to specify SSL Ciphers

Wed, 18 Feb 2009 18:02:45 -0800 

Dejan, 

Thanks for the quick reply.  I tried socket.enabledCipherSuites in the
transport url (ssl://localhost:port?socket.enabledCipherSuites=..."), it
does not work.  I tried to set it in the SSL_OPTS, didn't work either.  

Can you be more specific on how to add <sslParameters> to <sslContext>
configuration?

now my config for sslContext is 
e.g.
        <sslContext>
            <sslContext keyStore="file:${activemq.base}/conf/mykeystore.ks"
keyStorePassword="mykspw"
trustStore="file:${activemq.base}/conf/mytruststore"
trustStorePassword="mytspw"/>
        </sslContext>

Don't know how to add it exactly.

Thanks.
Hans


Dejan Bosanac wrote:
> 
> Hi,
> 
> can you try socket.enabledCipherSuites parameter, but I'm not sure how
> Introspection support works for String[]? The other option would be to add
> <sslParameters> to <sslContext> configuration.
> 
> Cheers
> --
> Dejan Bosanac
> 
> Open Source Integration - http://fusesource.com/
> ActiveMQ in Action - http://www.manning.com/snyder/
> Blog - http://www.nighttale.net
> 
> 
> On Wed, Feb 18, 2009 at 3:28 AM, ihanslee <[email protected]> wrote:
> 
>>
>> does anyone get an answer to this?   much Thanks in advance.
>>
>> Thanks,
>> Hans
>>
>>
>> mrh wrote:
>> >
>> > According to JSSE, it is possible to specify cipher suites in the
>> > SSLSocket class:
>> >
>> > http://java.sun.com/j2se/1.5.0/docs/api/javax/net/ssl/SSLSocket.html
>> >
>> > Is it possible in the ActiveMQConnectionFactory to access this property
>> so
>> > that we can set the cipher suites for communication with the broker?
>> >
>> > Maybe in the transport options of the URI (for example:
>> > ssl://localhost:port?enabledCipherSuites=...")?
>> > Or in the ActiveMQ.xml file?
>> > Or, even the SSL_OPTS property?
>> >
>> > I'm still trying to understand the Introspection and was curious if
>> this
>> > is possible?
>> >
>> > Thanks,
>> > mrh
>> >
>>
>> --
>> View this message in context:
>> http://www.nabble.com/How-to-specify-SSL-Ciphers-tp21958278p22070952.html
>> Sent from the ActiveMQ - User mailing list archive at Nabble.com.
>>
>>
> 
> 
> -----
> Dejan Bosanac
> 
> Open Source Integration - http://fusesource.com/
> ActiveMQ in Action - http://www.manning.com/snyder/
> Blog - http://www.nighttale.net
> 

-- 
View this message in context: 
http://www.nabble.com/How-to-specify-SSL-Ciphers-tp21958278p22092628.html
Sent from the ActiveMQ - User mailing list archive at Nabble.com.

Reply via email to