You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@activemq.apache.org by usha <us...@gmail.com> on 2013/11/07 07:36:27 UTC

Subscribe activemq which is using ssl-certificate by C# client application

We have configured ssl using certificate authentication. And followed the
steps given in this link.
http://activemq.apache.org/how-do-i-use-ssl.html.

Activemq started successfully.

Issues faced : 
1. "A call to the SSPI failed" exception raised.  
2. If we change the port from 61616 to 61617, "Could not connect to broker
URL: ssl://localhost:61617/. Reason: The remote certificate is invalid
according to the validation procedure." exception occured.
3. The code block which we used in client side as follows
IConnectionFactory _connectionFactory;
                 //_connectionFactorys = new ActiveMQConnectionFactory();
                 Uri connecturi = new Uri("activemq:ssl://localhost:61617");
                 _connectionFactory = new ConnectionFactory(connecturi); //{
UseCompression = true, AlwaysSyncSend = true };
                 //Default User
                _connection = _connectionFactory.CreateConnection();
                            
                _connection.Start();
Queries:
1.Where we have to mention the client certificate?
2.What are the steps we need to follow to connect and subscribe the broker
which is using ssl certificate authentication?
3. Is there any samples for subscribing activemq from c# client application,
which is using sslcontext?

Kindly share the samples and ur suggestion asap to solve the issue. attached
the config file for reference.





activemq.xml
<http://activemq.2283324.n4.nabble.com/file/n4673988/activemq.xml>  
activemq-static-network-broker1.xml
<http://activemq.2283324.n4.nabble.com/file/n4673988/activemq-static-network-broker1.xml>  
activemq-static-network-broker2.xml
<http://activemq.2283324.n4.nabble.com/file/n4673988/activemq-static-network-broker2.xml>  
app.config <http://activemq.2283324.n4.nabble.com/file/n4673988/app.config>  



--
View this message in context: http://activemq.2283324.n4.nabble.com/Subscribe-activemq-which-is-using-ssl-certificate-by-C-client-application-tp4673988.html
Sent from the ActiveMQ - User mailing list archive at Nabble.com.

Re: Subscribe activemq which is using ssl-certificate by C# client application

Posted by "usha [via ActiveMQ]" <ml...@n4.nabble.com>.

Hi Tim,
I have tried the "transport.servername" attribute which you given in the
link. After that I can able to subscribe the active mq. But my query is not
about the server certificate.

1. What is the purpose of creating the client certificate?
2. If more than one clients are trying to subscribe, do I need to provide
only servername alone? Is that correct way to providing the certificate
validation from client side?


Kindly provide your answers for the above two.

Best Regards,
Usha.K




______________________________________
If you reply to this email, your message will be added to the discussion below:
http://activemq.2283324.n4.nabble.com/Subscribe-activemq-which-is-using-ssl-certificate-by-C-client-application-tp4673988p4674295.html
This email was sent by usha (via Nabble)
To receive all replies by email, subscribe to this discussion: http://activemq.2283324.n4.nabble.com/template/NamlServlet.jtp?macro=subscribe_by_code&node=4673988&code=dXNlcnNAYWN0aXZlbXEuYXBhY2hlLm9yZ3w0NjczOTg4fDE1MjI3MjQ1ODg=

Re: Subscribe activemq which is using ssl-certificate by C# client application

Posted by usha <us...@gmail.com>.

Hi Tim,
I have tried the "transport.servername" attribute which you given in the
link. After that I can able to subscribe the active mq. But my query is not
about the server certificate.

1. What is the purpose of creating the client certificate?
2. If more than one clients are trying to subscribe, do I need to provide
only servername alone? Is that correct way to providing the certificate
validation from client side?


Kindly provide your answers for the above two.

Best Regards,
Usha.K



--
View this message in context: http://activemq.2283324.n4.nabble.com/Subscribe-activemq-which-is-using-ssl-certificate-by-C-client-application-tp4673988p4674295.html
Sent from the ActiveMQ - User mailing list archive at Nabble.com.

Re: Subscribe activemq which is using ssl-certificate by C# client application

Posted by Timothy Bish <ta...@gmail.com>.

I blogged about this before:
http://timbish.blogspot.com/2010/04/ussing-ssl-in-nmsactivemq.html

On 11/08/2013 10:15 AM, Christian Posta wrote:
> Not 100% how it works in .NET...but your .NET client needs to "trust"
> the server's SSL cert.
> might try a quick google for setting up ssl in .NET...
>
> On Wed, Nov 6, 2013 at 11:36 PM, usha <us...@gmail.com> wrote:
>> We have configured ssl using certificate authentication. And followed the
>> steps given in this link.
>> http://activemq.apache.org/how-do-i-use-ssl.html.
>>
>> Activemq started successfully.
>>
>> Issues faced :
>> 1. "A call to the SSPI failed" exception raised.
>> 2. If we change the port from 61616 to 61617, "Could not connect to broker
>> URL: ssl://localhost:61617/. Reason: The remote certificate is invalid
>> according to the validation procedure." exception occured.
>> 3. The code block which we used in client side as follows
>> IConnectionFactory _connectionFactory;
>>                   //_connectionFactorys = new ActiveMQConnectionFactory();
>>                   Uri connecturi = new Uri("activemq:ssl://localhost:61617");
>>                   _connectionFactory = new ConnectionFactory(connecturi); //{
>> UseCompression = true, AlwaysSyncSend = true };
>>                   //Default User
>>                  _connection = _connectionFactory.CreateConnection();
>>
>>                  _connection.Start();
>> Queries:
>> 1.Where we have to mention the client certificate?
>> 2.What are the steps we need to follow to connect and subscribe the broker
>> which is using ssl certificate authentication?
>> 3. Is there any samples for subscribing activemq from c# client application,
>> which is using sslcontext?
>>
>> Kindly share the samples and ur suggestion asap to solve the issue. attached
>> the config file for reference.
>>
>>
>>
>>
>>
>> activemq.xml
>> <http://activemq.2283324.n4.nabble.com/file/n4673988/activemq.xml>
>> activemq-static-network-broker1.xml
>> <http://activemq.2283324.n4.nabble.com/file/n4673988/activemq-static-network-broker1.xml>
>> activemq-static-network-broker2.xml
>> <http://activemq.2283324.n4.nabble.com/file/n4673988/activemq-static-network-broker2.xml>
>> app.config <http://activemq.2283324.n4.nabble.com/file/n4673988/app.config>
>>
>>
>>
>> --
>> View this message in context: http://activemq.2283324.n4.nabble.com/Subscribe-activemq-which-is-using-ssl-certificate-by-C-client-application-tp4673988.html
>> Sent from the ActiveMQ - User mailing list archive at Nabble.com.
>
>


-- 
Tim Bish
Sr Software Engineer | RedHat Inc.
tim.bish@redhat.com | www.fusesource.com | www.redhat.com
skype: tabish121 | twitter: @tabish121
blog: http://timbish.blogspot.com/

Re: Subscribe activemq which is using ssl-certificate by C# client application

Posted by Christian Posta <ch...@gmail.com>.

Not 100% how it works in .NET...but your .NET client needs to "trust"
the server's SSL cert.
might try a quick google for setting up ssl in .NET...

On Wed, Nov 6, 2013 at 11:36 PM, usha <us...@gmail.com> wrote:
> We have configured ssl using certificate authentication. And followed the
> steps given in this link.
> http://activemq.apache.org/how-do-i-use-ssl.html.
>
> Activemq started successfully.
>
> Issues faced :
> 1. "A call to the SSPI failed" exception raised.
> 2. If we change the port from 61616 to 61617, "Could not connect to broker
> URL: ssl://localhost:61617/. Reason: The remote certificate is invalid
> according to the validation procedure." exception occured.
> 3. The code block which we used in client side as follows
> IConnectionFactory _connectionFactory;
>                  //_connectionFactorys = new ActiveMQConnectionFactory();
>                  Uri connecturi = new Uri("activemq:ssl://localhost:61617");
>                  _connectionFactory = new ConnectionFactory(connecturi); //{
> UseCompression = true, AlwaysSyncSend = true };
>                  //Default User
>                 _connection = _connectionFactory.CreateConnection();
>
>                 _connection.Start();
> Queries:
> 1.Where we have to mention the client certificate?
> 2.What are the steps we need to follow to connect and subscribe the broker
> which is using ssl certificate authentication?
> 3. Is there any samples for subscribing activemq from c# client application,
> which is using sslcontext?
>
> Kindly share the samples and ur suggestion asap to solve the issue. attached
> the config file for reference.
>
>
>
>
>
> activemq.xml
> <http://activemq.2283324.n4.nabble.com/file/n4673988/activemq.xml>
> activemq-static-network-broker1.xml
> <http://activemq.2283324.n4.nabble.com/file/n4673988/activemq-static-network-broker1.xml>
> activemq-static-network-broker2.xml
> <http://activemq.2283324.n4.nabble.com/file/n4673988/activemq-static-network-broker2.xml>
> app.config <http://activemq.2283324.n4.nabble.com/file/n4673988/app.config>
>
>
>
> --
> View this message in context: http://activemq.2283324.n4.nabble.com/Subscribe-activemq-which-is-using-ssl-certificate-by-C-client-application-tp4673988.html
> Sent from the ActiveMQ - User mailing list archive at Nabble.com.



-- 
Christian Posta
http://www.christianposta.com/blog
twitter: @christianposta