On 01/29/2014 01:13 PM, Christoffer Sawicki wrote:
Hello!
I'm trying to connect the ActiveMQ NMS client to a server with a
self-signed SSL certificate.
I've added the server certificate to Mono's "Trust", "My" and "CA"
truststores with `certmgr -add -c <object-type> message-queue.crt` but the
connections still yield a SslPolicyErrors.RemoteCertificateChainErrors.
I've found some sources on the web that hint that this is what happens with
self-signed certificates.
Am I missing something? Should I add the certificate somewhere else?
Last time I dabbled with self-signed certificates in .NET I wrote a
custom RemoteCertificateValidationCallback but that's not possible with the
current AMQ NMS API.
I'm thinking about providing a patch
for Apache.NMS.ActiveMQ.Transport.Tcp.SslTransport(Factory) that allows one
to configure brokerCert* just like clientCert* and use that certificate
file in ValidateServerCertificate. Would such a patch be accepted?
Regards,
Christoffer
You can create a patch and attach it to a Jira issue for review.
--
Tim Bish
Sr Software Engineer | RedHat Inc.
tim.b...@redhat.com | www.fusesource.com | www.redhat.com
skype: tabish121 | twitter: @tabish121
blog: http://timbish.blogspot.com/
