ActiveMQ to ActiveMQ SSL issues

Fri, 03 Jul 2009 04:41:57 -0700 

I have 2 servers running JBoss.

Server A has activemq-web-console-5.2.0.war with a Broker installed in it. I
have SSL and TCP set up on this server.

Server B has activemq-ra.rar and I have no broker running. Instead I have
pointed it to Server A's broker.

When I point Server B to Server A's TCP URL it works fine. The MDB on Server
B recieves messages with no problems. With I try an connect via SSL I get
errors and exceptions back:

12:16:36,618 ERROR [ActiveMQEndpointWorker] Failed to connect to broker
[ssl://ServerA:61617]: Could not connect to broker URL: ssl://ServerA:61617.
Reason: javax.net.ssl.SSLException: java.lang.RuntimeException: Unexpected
error: java.security.InvalidAlgorithmParameterException: t
he trustAnchors parameter must be non-empty
javax.jms.JMSException: Could not connect to broker URL:
ssl://ServerAlocal:61617. Reason: javax.net.ssl.SSLException:
java.lang.RuntimeException: Unexpected error:
java.security.InvalidAlgorithmParameterException: the trustAnchors parameter
must be non-empty

My config is thus:

ra.xml:

    <resourceadapter>
        
        
<resourceadapter-class>org.apache.activemq.ra.ActiveMQResourceAdapter</resourceadapter-class>
        
                <config-property>
            <description>
              The URL to the ActiveMQ server that you want this connection
to connect to.  If using
              an embedded broker, this value should be 'vm://localhost'.
            </description>
            <config-property-name>ServerUrl</config-property-name>
            <config-property-type>java.lang.String</config-property-type>
           
<config-property-value>ssl://ServerA:61617</config-property-value>
        </config-property>

How can I set up the SSL connection between the 2 servers?

I have tested connecting to ServerA over SSL with a standard Java program
specifying the trustStore etc... in the System Properties. This worked a
treat, but thats my program creating the connection and not ActiveMQ.

Does the resource adapter for ActiveMQ cope with SSL.?

I have added the following to the JBoss start-up:

set JAVA_OPTS=%JAVA_OPTS% -Djavax.net.ssl.debug=all 
set JAVA_OPTS=%JAVA_OPTS% -Djavax.net.ssl.trustStore=client.ts
set JAVA_OPTS=%JAVA_OPTS% -Djavax.net.ssl.trustStorePassword=password
set JAVA_OPTS=%JAVA_OPTS% -Djavax.net.ssl.keyStore=client.ks
set JAVA_OPTS=%JAVA_OPTS% -Djavax.net.ssl.keyStorePassword=password

But they don't have any effect.

Can anyone advise where I put the SSL settings in the resource adapter
please?

Cheers
Chris
-- 
View this message in context: 
http://www.nabble.com/ActiveMQ-to-ActiveMQ-SSL-issues-tp24321802p24321802.html
Sent from the ActiveMQ - User mailing list archive at Nabble.com.

Reply via email to