We have a relative simple topology where there are a few machines configured as network of brokers. Each machine has one broker, and then one or more activemq client applications. Each client only connects to the broker on local host. Every broker statically connects to every other broker.
We have a requirement that all traffic on the wire be encrypted, so we are using SSL for the network connectors between brokers. The local traffic between the clients and the localhost broker uses plaintext openwire, i.e. a tcp transport. The relative section from the .conf file looks something like this: <networkConnectors> <networkConnector name="superman-to-batman" uri="static:(ssl://batman:24001)"/> <networkConnector name="superman-to-flash" uri="static:(ssl://flash:24001)"/> </networkConnectors> <transportConnectors> <transportConnector name="open" uri="tcp://127.0.0.1:24002" /> <transportConnector name="ssl" uri="ssl://0.0.0.0:24001" /> </transportConnectors> For testing purposes we have been using the demo broker.ks, broker.ts, client,ks, client.ts files that ship with activemq. We now want to generate our own files. I've read how-do-i-use-ssl<http://activemq.apache.org/how-do-i-use-ssl.html> but there is something mysterious to me that I want to understand. I see in activemq-demo.xml where the broker.ks and broker.ts files are configured, but I don't see where client.ks and client.ts are configured. These files are referenced in how-do-i-use-ssl<http://activemq.apache.org/how-do-i-use-ssl.html>, where it says: When starting the client's VM, specify the following system properties: javax.net.ssl.keyStore=/path/to/client.ks javax.net.ssl.keyStorePassword=password javax.net.ssl.trustStore=/path/to/client.ts However, we never did this to our configuration, and I can't find where it might have been done for us in the default configuration. So, all this boils down to the simple question: how does activemq-demo.xml work? Where is client.ks and client.ts configured for this demo? Thanks, Jim Lloyd