You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@activemq.apache.org by "Nathan Mittler (JIRA)" <ji...@apache.org> on 2007/10/17 14:32:25 UTC

[jira] Commented: (AMQCPP-140) Add SSL transport

    [ https://issues.apache.org/activemq/browse/AMQCPP-140?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_40398 ] 

Nathan Mittler commented on AMQCPP-140:
---------------------------------------

Just some thoughts on the user interface for the ssl transport, based on how it works in the Java client (http://activemq.apache.org/how-do-i-use-ssl.html)...

1) SSL transport-specific properties could be passed in via the connection URI.  This is in keeping with the other transports.

2)  The ActiveMQ-CPP's decaf library, has support for handling environment variables.  It would be fairly simple to allow the default behavior of the SSL transport to be determined by the following environment variables:

decaf.net.ssl.keyStore=/path/to/client.ks
decaf.net.ssl.keyStorePassword=password
decaf.net.ssl.trustStore=/path/to/client.ts

If no SSL transport arguments are passed in via the connection uri, these environment variables could be used to automatically configure SSL.

3) The following SSL transport arguments in the connection uri would override the system properties:

"ssl://localhost:11111?ssl.keyStore=/path/to/client.ks&ssl.keyStore.Password=password&ssl.trustStore=/path/to/client.ts"







> Add SSL transport
> -----------------
>
>                 Key: AMQCPP-140
>                 URL: https://issues.apache.org/activemq/browse/AMQCPP-140
>             Project: ActiveMQ C++ Client
>          Issue Type: New Feature
>    Affects Versions: 2.2
>            Reporter: Nathan Mittler
>            Assignee: Nathan Mittler
>             Fix For: 2.2
>
>
> Need a secure transport for activemq-cpp.  Some options for ssl support:
> 1) OpenSSL - fairly robust set of ssl functions
> 2) APR - trunk has added support for ssl sockets.  An attractive option, given that we're already starting to incorporate API in other areas.
> Should create a Java-like set of classes in decaf to add basic ssl support, then use those classes to make an SSLTransport in activemq-cpp.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.