You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@activemq.apache.org by gilbertoblue <gi...@gmail.com> on 2012/10/11 23:07:37 UTC
Active CPP and enabling SSL on windows
Hello
The directions for enabling SSL on windows are very lacking. I got all of
the activemq-cpp-library-3.4.3 source code and built a DLL. I'm not sure
yet if put #define HAVE_OPENSSL 1 in all of the right places. The directions
then say
set the include and library paths there as well
I don't know what this means. I have added all of the configuration info
from
http://activemq.apache.org/how-do-i-use-ssl.html
I updated my PATH statement to include the DLL directory and the
C:\OpenSSL-Win64\lib directory.
I fired up the broker but I was able to connect without specifying
-Djavax.net.ssl.keyStore=file:c:/ActiveMQ/client.ks
-Djavax.net.ssl.keyStorePassword=password
-Djavax.net.ssl.trustStore=file:c:/ActiveMQ/client.ts
-Djavax.net.ssl.trustStorePassword=password
Does anybody have some experience with ActiveMQ SSL on Windows that they can
share?
I know that a lot of people like myself would be greatly appreciative
thank you very much
--
View this message in context: http://activemq.2283324.n4.nabble.com/Active-CPP-and-enabling-SSL-on-windows-tp4657742.html
Sent from the ActiveMQ - User mailing list archive at Nabble.com.
Re: Active CPP and enabling SSL on windows
Posted by gilbertoblue <gi...@gmail.com>.
Follow directions here
http://activemq.apache.org/how-do-i-use-ssl.html
// I don't think it is necessary to update ALL of the following files but I
haven't taken the time to figure which are important
activemq-command,xml
<transportConnector name="ssl"
uri="ssl://localhost:61617?wantClientAuth=true&needClientAuth=true&transport.commandTracingEnabled=true"
/>
activemq-demo.xml // probably not needed
<transportConnector name="ssl" uri="ssl://localhost:61617"/>
activemq-dynamic-network-broker1.xml
<transportConnector name="ssl"
uri="ssl://localhost:61617?wantClientAuth=true&needClientAuth=true&transport.commandTracingEnabled=true"
/>
activemq-dynamic-network-broker2.xml
<transportConnector name="ssl"
uri="ssl://localhost:61617?wantClientAuth=true&needClientAuth=true&transport.commandTracingEnabled=true"
/>
activemq-jdbc.xml
<transportConnector name="ssl"
uri="ssl://localhost:61617?wantClientAuth=true&needClientAuth=true&transport.commandTracingEnabled=true"
/>
activemq-security.xml
<transportConnector name="ssl"
uri="ssl://localhost:61617?wantClientAuth=true&needClientAuth=true&transport.commandTracingEnabled=true"
/>
activemq-specjms.xml
<transportConnector name="ssl"
uri="ssl://localhost:61617?wantClientAuth=true&needClientAuth=true&transport.commandTracingEnabled=true"
/>
activemq-static-network-broker1.xml
<transportConnector name="ssl"
uri="ssl://localhost:61617?wantClientAuth=true&needClientAuth=true&transport.commandTracingEnabled=true"
/>
activemq-static-network-broker2.xml
<networkConnector uri="static:(ssl://localhost:61616)"
duplex="true"/>
activemq-throughput.xml
<transportConnector name="ssl"
uri="ssl://localhost:61617?needClientAuth=true" />
activemq.xml (inside <broker>
<transportConnector name="ssl"
uri="ssl://localhost:61617?needClientAuth=true" />
activemq.xml
<transportConnector name="ssl"
uri="ssl://localhost:61617?needClientAuth=true" />
// the following was placed inside AND outside of <broker>
<amq:broker useJmx="false" persistent="false">
<amq:sslContext>
<amq:sslContext
keyStore="c:/ActiveMQ/broker.ks" keyStorePassword="password"
trustStore="c:/ActiveMQ/client.ks" trustStorePassword="password"/>
</amq:sslContext>
<amq:transportConnectors>
<amq:transportConnector uri="ssl://localhost:61616" />
</amq:transportConnectors>
</amq:broker>
Download activemq-cpp-library-3.4.3 project
Download Bloodshed Dev C++
Download Open SSL
Drop all source files from activemq-cpp-library-3.4.3/src/main into a Dev
C++ project
Set Dev C++ to build a DLL
Update main/activmq/util/Config.h, insert #define HAVE_OPENSSL 1
Build DLL from Dev C++
Update system PATH variable to point to directory containing the DLL
Update system PATH variable to point to \OpenSSL-Win64\lib
Change your code so that you have
ConnectionFactory connectionFactory =
new ActiveMQConnectionFactory("ssl://localhost:61617");
Update activemq.bat to set info about keystores and trust stores, when
starting activemq precede by seting ACTIVEMQ_ENCRYPTION_PASSWORD=activemq
"%_JAVACMD%" %SUNJMX% %ACTIVEMQ_DEBUG_OPTS% %ACTIVEMQ_OPTS% %SSL_OPTS%
-Dactivemq.classpath="%ACTIVEMQ_CLASSPATH%"
-Dactivemq.home="%ACTIVEMQ_HOME%" -Dactivemq.base="%ACTIVEMQ_BASE%"
-Dactivemq.conf="%ACTIVEMQ_CONF%" -Dactivemq.data="%ACTIVEMQ_DATA%"
-Djava.io.tmpdir="%ACTIVEMQ_TMP%"
-Djavax.net.ssl.keyStore=c:/ActiveMQ/broker.ks
-Djavax.net.ssl.keyStorePassword=password
-Djavax.net.ssl.trustStore=c:/activemq/broker.ts
-Djavax.net.ssl.trustStorePassword=password -jar
"%ACTIVEMQ_HOME%/bin/run.jar" %*
Add debug command to activemq
if "%ACTIVEMQ_OPTS%" == "" set ACTIVEMQ_OPTS=-Xms1G -Xmx1G
-Djava.util.logging.config.file=logging.properties -Djavax.net.debug=ssl
When starting client add
java -Djavax.net.debug=ssl -Djavax.net.ssl.keyStore=c:/yourpath/client.ks
-Djavax.net.ssl.keyStorePassword=password
-Djavax.net.ssl.trustStore=c:/yourpath/client.ts
-Djavax.net.ssl.trustStorePassword=password
OK, I tried to cover everything. All of this will definitely help you reach
your goal of ActiveMQ invocation with server and client SSL validation
--
View this message in context: http://activemq.2283324.n4.nabble.com/Active-CPP-and-enabling-SSL-on-windows-tp4657742p4657763.html
Sent from the ActiveMQ - User mailing list archive at Nabble.com.