Hi, I have setup the ssl in the broker as follows,
<sslContext> <sslContext keyStore="file:${activemq.base}/conf/broker.ks" keyStorePassword="password" trustStore="file:${activemq.base}/conf/broker.ts" trustStorePassword="password"/> </sslContext> And specified he transport connector as, <transportConnector name="ssl" uri="ssl://0.0.0.0:443"/> With this configuraton broker starts, but when I connect to it using a java consumer as, ActiveMQConnectionFactory factory = new ActiveMQConnectionFactory("ssl://<server-ip>:443"); I got the error, Could not connect to broker URL: ssl://<server-ip>:443. Reason: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target And in the activemq logs, it says, ERROR | Could not accept connection : javax.net.ssl.SSLHandshakeException: Received fatal alert: certificate_unknown I have followed the steps specified in http://activemq.apache.org/how-do-i-use-ssl.html, to generate and register the certificate. Also, set the SSL_OPTS=-Djavax.net.ssl.keyStore=MessageBrokerRoot/conf/broker.ks. But still getting the same error. How can I set the, javax.net.ssl.keyStore=/path/to/client.ks javax.net.ssl.keyStorePassword=password javax.net.ssl.trustStore=/path/to/client.ts And do I need to do any thing different at the client side, while connecting instead of changing url form tcp to ssl. Let me know your inputs. Thanks Manu -- View this message in context: http://activemq.2283324.n4.nabble.com/Unable-to-connect-to-broker-over-ssl-tp4041082p4041082.html Sent from the ActiveMQ - User mailing list archive at Nabble.com.