You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@camel.apache.org by milanmilas <mi...@gmail.com> on 2013/02/21 10:56:55 UTC
Camel route - ActiveMQ from http to Https
I have changed my ActiveMq.xml file in Fuse ESB:
<transportConnectors>
<transportConnector name="tcp" uri="tcp://0.0.0.0:61616"/>
<transportConnector name="http" uri="http://localhost:8277?trace=true"/>
<transportConnector name="https" uri="https://localhost:8289?trace=true"/>
</transportConnectors>
<sslContext>
<sslContext keyStore="file:${data}/conf/mybroker.ts"
keyStorePassword="password"
trustStore="file:${data}/conf/mybroker.ts"
trustStorePassword="password"/>
</sslContext>
My camel route configuration is:
<bean id="jmsConnectionFactory"
class="org.apache.activemq.ActiveMQSslConnectionFactory">
<property name="brokerURL" value="https://localhost:8289"/>
<property name="trustStore" value="/conf/mybroker.ts"/>
<property name="trustStorePassword" value="password"/>
</bean>
<bean id="jmsConfig"
class="org.apache.camel.component.jms.JmsConfiguration">
<property name="connectionFactory" ref="jmsConnectionFactory"/>
</bean>
<bean id="activemqSource"
class="org.apache.activemq.camel.component.ActiveMQComponent">
<property name="configuration" ref="jmsConfig"/>
<property name="clientId" value="1"/>
<property name="durableSubscriptionName" value="sp11"/>
<property name="acknowledgementModeName" value="AUTO_ACKNOWLEDGE" />
</bean>
I have generated the certificate using:
Preparing certificates
1. Producer
keytool -genkey -alias prod -keyalg RSA -keystore prod.ks
CN=prod, OU=esb, O=all, L=London, ST=Unknown, C=UK
2. Consumer
keytool -genkey -alias con -keyalg RSA -keystore con.ks
CN= con, OU=esb, O=all, L=London, ST=Unknown, C=UK
Creating a truststore
$ keytool -export -alias prod -keystore prod.ks -file prod_cert
$ keytool -export -alias con -keystore cons.ks -file con_cert
$ keytool -import -alias prod -keystore mybroker.ts -file prod_cert
$ keytool -import -alias -keystore mybroker.ts -file con_cert
I am not getting any error and my route is not starting?
tsp is working fine
-------------------------------->88<------------------------------
org.apache.activemq.ActiveMQSslConnectionFactory is definitly expecting ssl
not
https, so this is definitly not correct configuration.
The problem is that I am not able to find how to configure ActiveMQ in Camel
with https protocol?!
--
View this message in context: http://camel.465427.n5.nabble.com/Camel-route-ActiveMQ-from-http-to-Https-tp5727932.html
Sent from the Camel - Users mailing list archive at Nabble.com.
Re: Camel route - ActiveMQ from http to Https
Posted by milanmilas <mi...@gmail.com>.
Final solution:
GenerateCertificate
(must use localhost or server name, depending how you define URL in Caml,
names must match)
keytool -genkey -alias localhost -keyalg RSA -keystore server.ks
keytool -export -alias localhost -keystore server.ks -file server_cert
keytool -import -alias -keystore localhost client.ts -file server_cert
activemq.xml
<transportConnector name="https" uri="https://localhost:8443?trace=true"/
<sslContext>
<sslContext keyStore="file:${data}/conf/server1.ks"
keyStorePassword="seaward"
trustStore="file:${data}/conf/mybroker.ts"
trustStorePassword="seaward"/>
</sslContext>
Camel:
public class SetSystemProperties {
private static final transient Logger LOG =
LoggerFactory.getLogger(SetSystemProperties.class);
public SetSystemProperties(){
LOG.info("processing SetSystemProperties");
System.setProperty("javax.net.ssl.trustStore","M:/Projects/conf/server.ts");
System.setProperty("javax.net.ssl.trustStorePassword","password");
System.setProperty("javax.net.ssl.keyStore","M:/Projects/conf/conshrnhsp.ks");
System.setProperty("javax.net.ssl.keyStorePassword","password");
}
}
<bean id="initialiseSSL"
class="com.allocatesoftware.camel.nhsp.hr.SetSystemProperties" />
<bean id="activemqSource"
class="org.apache.activemq.camel.component.ActiveMQComponent">
<property name="brokerURL" value="https://localhost:8443"/>
<property name="clientId" value="1"/>
<property name="durableSubscriptionName" value="nhsp11"/>
<property name="acknowledgementModeName" value="AUTO_ACKNOWLEDGE" />
</bean>
Is this correct way or is there a better way of setting trust and keystore
from Camel?
--
View this message in context: http://camel.465427.n5.nabble.com/Camel-route-ActiveMQ-from-http-to-Https-tp5727932p5728040.html
Sent from the Camel - Users mailing list archive at Nabble.com.
Re: Camel route - ActiveMQ from http to Https
Posted by milanmilas <mi...@gmail.com>.
I did manage to connect to my Queue using sample from ActiveMQ book using
Https.
As bundle is not Console application ( -Djavax.net.ssl.keyStore= ......)
I need to set System properties in Blueprint:
System.setProperty("javax.net.ssl.trustStore","M:/Projects/conf/mybroker.ts");
System.setProperty("javax.net.ssl.trustStorePassword","password");
System.setProperty("javax.net.ssl.keyStore","M:/Projects/conf/conshrnhsp.ks");
System.setProperty("javax.net.ssl.keyStorePassword","password");
I have tried to use MethodInvokingFactoryBean but Blueprint stops waiting on
namespace:
xmlns:util="http://www.springframework.org/schema/util"
As well if this works I am not sure if I could use only /conf/mybroker.ts
instead of full
path.
<bean id="systemPrereqs"
class="org.springframework.beans.factory.config.MethodInvokingFactoryBean">
<property name="targetObject" value="#{@systemProperties}" />
<property name="targetMethod" value="putAll" />
<property name="arguments">
<util:properties>
<prop key="javax.net.ssl.trustStore"
value="M:/Projects/conf/mybroker.ts" />
<prop key="javax.net.ssl.trustStorePassword">password</prop>
<prop key="javax.net.ssl.keyStore"
value="M:/Projects/conf/conshrnhsp.ks" />
<prop key="javax.net.ssl.keyStorePassword">password</prop>
</util:properties>
</property>
</bean>
How do can I set javax.net.ssl.* in Blueprint?
--
View this message in context: http://camel.465427.n5.nabble.com/Camel-route-ActiveMQ-from-http-to-Https-tp5727932p5728016.html
Sent from the Camel - Users mailing list archive at Nabble.com.