thanks for the heads up, I added a little info about the dummy key stores.
2009/3/10 huntc <hu...@mac.com> > > It appears that my problem was due to the cert and keystores supplied with > my > 5.1.0 installation. When I generated my keystore I did not specify a CN. > However there was a CN in the keystore with the value "localhost" from the > installation. I guess the broker just used the first cert under the alias > "broker" which would have been the older, and expired CN of "localhost". > > Removing conf/broker.ks and re-generating it along with exporting a cert > made things work perfectly. > > On Mac OS X I also chose to install the cert system wide using the command: > > sudo keytool -import -alias broker -keystore > /Library/Java/Home/lib/security/cacerts -file > /Applications/apache-activemq-5.1.0/conf/broker.cert > > The only downside with this approach is that system upgrades could > potentially override the certs. > > BTW: it'd be nice to have the ActiveMQ wiki updated in respect of SSL - > perhaps a mention to remove the existing keystore first would be useful. > :-) > -- > View this message in context: > http://www.nabble.com/Mac-OS-X-Active-MQ-SSL-tp22428287p22432178.html > Sent from the ActiveMQ - User mailing list archive at Nabble.com. > > -- http://blog.garytully.com Open Source SOA http://FUSESource.com