You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@activemq.apache.org by johnluo1 <jo...@gmail.com> on 2010/06/17 23:39:19 UTC
hiding ssl store passwords
Hi,
I want to use SSL for my transportConnector. But I don't want the passwords
to be either stored in activemq.xml or show up in command line.
1.) If I specify like following, password will be stored as clear text in
activem.xml
<sslContext>
<sslContext
keyStore="broker.ks" keyStorePassword="password"
trustStore="client.ts" trustStorePassword="password"/>
</sslContext>
2.) If I use SSL_OPTS like following, and if I do a "ps -aef |grep
activemq", I will see the passwords in command line.
export SSL_OPTS="-Djavax.net.ssl.keyStore=broker.ks
-Djavax.net.ssl.keyStorePassword=password
-Djavax.net.ssl.trustStore=client.ts
-Djavax.net.ssl.trustStorePassword=password"
I have a standalone utility for getting the passwords. What would be the
easiest way to achieve my goal?
Thanks in advance!!
John
--
View this message in context: http://old.nabble.com/hiding-ssl-store-passwords-tp28919978p28919978.html
Sent from the ActiveMQ - User mailing list archive at Nabble.com.
Re: hiding ssl store passwords
Posted by Gary Tully <ga...@gmail.com>.
There is some good documentation at
http://activemq.apache.org/encrypted-passwords.html
On 17 July 2013 14:30, strunk <na...@st-werkstatt.de> wrote:
> THis question is still relevant for me.
> I had a look at the description of
> https://issues.apache.org/jira/browse/AMQ-2460 .
> It seems that the issue was implemented in Active MQ 5.4.1.
> Are there any examples or a best practice how to use it?
>
> Thanks
> Wolfgang
>
>
>
> --
> View this message in context: http://activemq.2283324.n4.nabble.com/hiding-ssl-store-passwords-tp2368314p4669411.html
> Sent from the ActiveMQ - User mailing list archive at Nabble.com.
--
http://redhat.com
http://blog.garytully.com
Re: hiding ssl store passwords
Posted by strunk <na...@st-werkstatt.de>.
THis question is still relevant for me.
I had a look at the description of
https://issues.apache.org/jira/browse/AMQ-2460 .
It seems that the issue was implemented in Active MQ 5.4.1.
Are there any examples or a best practice how to use it?
Thanks
Wolfgang
--
View this message in context: http://activemq.2283324.n4.nabble.com/hiding-ssl-store-passwords-tp2368314p4669411.html
Sent from the ActiveMQ - User mailing list archive at Nabble.com.
Re: hiding ssl store passwords
Posted by Dejan Bosanac <de...@nighttale.net>.
Hi John,
there's an open feature request to support this
https://issues.apache.org/activemq/browse/AMQ-2460
Maybe you can start looking there.
<https://issues.apache.org/activemq/browse/AMQ-2460>Cheers
--
Dejan Bosanac - http://twitter.com/dejanb
Open Source Integration - http://fusesource.com/
ActiveMQ in Action - http://www.manning.com/snyder/
Blog - http://www.nighttale.net
On Thu, Jun 17, 2010 at 11:39 PM, johnluo1 <jo...@gmail.com> wrote:
>
> Hi,
>
> I want to use SSL for my transportConnector. But I don't want the passwords
> to be either stored in activemq.xml or show up in command line.
>
> 1.) If I specify like following, password will be stored as clear text in
> activem.xml
> <sslContext>
> <sslContext
> keyStore="broker.ks" keyStorePassword="password"
> trustStore="client.ts" trustStorePassword="password"/>
> </sslContext>
>
> 2.) If I use SSL_OPTS like following, and if I do a "ps -aef |grep
> activemq", I will see the passwords in command line.
>
> export SSL_OPTS="-Djavax.net.ssl.keyStore=broker.ks
> -Djavax.net.ssl.keyStorePassword=password
> -Djavax.net.ssl.trustStore=client.ts
> -Djavax.net.ssl.trustStorePassword=password"
>
> I have a standalone utility for getting the passwords. What would be the
> easiest way to achieve my goal?
>
> Thanks in advance!!
> John
>
>
> --
> View this message in context:
> http://old.nabble.com/hiding-ssl-store-passwords-tp28919978p28919978.html
> Sent from the ActiveMQ - User mailing list archive at Nabble.com.
>
>