You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@activemq.apache.org by jdorny <jo...@control-pt.com> on 2014/01/30 06:34:56 UTC

ssl client with JCEKS keystore/truststore

Our security environment is using a JCEKS keystore and truststore.  I have
been able to change the format in the Broker SSLContext to use JCEKS instead
of the default jks.  However, on the client side setup I use an
ActiveMQSslConnectionFactory, which has a jks default and does not seem to
have any method that I can find to change to a different format.  I need to
use JCEKS for the secret key capability and are using this for other digital
signature and message encryption capabilities.  It does not make sense that
I should need to create an alternate truststore just because the default
format does not work.

Is there a way to change the keystore/truststore format for
ActiveMQSslConnectionFactory?



--
View this message in context: http://activemq.2283324.n4.nabble.com/ssl-client-with-JCEKS-keystore-truststore-tp4677002.html
Sent from the ActiveMQ - User mailing list archive at Nabble.com.

Re: ssl client with JCEKS keystore/truststore

Posted by artnaseef <ar...@artnaseef.com>.

It's possible to set the key and trust managers on the
ActiveMQSslConnectionFactory using setKeyAndTrustManagers().

If you look through the code for ActiveMQSslConnectionFactory, you'll find
code that shows how to create the KeyManager[], etc.



--
View this message in context: http://activemq.2283324.n4.nabble.com/ssl-client-with-JCEKS-keystore-truststore-tp4677002p4677107.html
Sent from the ActiveMQ - User mailing list archive at Nabble.com.