Activemq using SSL

ACTIVEQM Use SSL In addition to configuring the service side of the client connection is also required to use SSL, the online and official information is scattered, so collect together to write examples, a total of two parts. The first part is the configuration service side, the second part is the client test connection.

Http://activemq.apache.org/download.html

First to official download ACTIVEMQ The current version is 5.2.0,

The first section configures the service side

by official http://activemq.apache.org/how-do-i-use-ssl.html

The 4-Step generation of KS, and TS files.

Also See Tomcat ' s SSL instructions for more info. The following was provided by Colin Kilburn. Thanks colin! Using Keytool, create a certificate for the broker:

Keytool-genkey-alias Broker-keyalg Rsa-keystore BROKER.KS

Export the broker's certificate so it can is shared with clients:

Keytool-export-alias Broker-keystore Broker.ks-file Broker_cert

Create a Certificate/keystore for the client:

Keytool-genkey-alias Client-keyalg Rsa-keystore CLIENT.KS

Create a truststore for the client, and import the broker ' s certificate. This establishes, the client "trusts" the broker:

Keytool-import-alias Broker-keystore Client.ts-file Broker_cert

Configure Activemq.xml Sslcontext to match the path and password of the generated file

<sslcontext keystore= "FILE:${ACTIVEMQ.BASE}/CONF/BROKER.KS" keystorepassword= "pwd" trustStore= "file:${active Mq.base}/conf/client.ts "truststorepassword=" pwd "/>

Configure SSL ports

<transportConnectors>

<transportconnector name= "SSL" uri= "ssl://192.168.1.8:61617"/>

</transportConnectors>

Start ACTIVEMQ server configuration is complete.

The second part is the client test connection.

CLIENT.KS and client.ts files that need to be generated by the server

Import Java.io.FileInputStream;
Import Java.security.KeyStore;

Import javax.jms.Connection;
Import javax.jms.Destination;
Import javax.jms.JMSException;
Import Javax.jms.Message;
Import Javax.jms.MessageProducer;
Import javax.jms.Session;
Import Javax.net.ssl.KeyManager;
Import Javax.net.ssl.KeyManagerFactory;
Import Javax.net.ssl.TrustManager;
Import Javax.net.ssl.TrustManagerFactory;

Import Org.apache.activemq.ActiveMQSslConnectionFactory;

/**
* @author Xiaoming
*
*/
public class Sslproducer {

KeyStore Client Path
Private String KeyStore = "E://CLIENT.KS";

Truststore Client Path
Private String Truststore = "E://client.ts";

Private String Keystorepassword = "pwd";

Private String URL = "ssl://192.168.1.8:61617";

public void SendMessage () {

Connection conn = null;
Session session = NULL;
Destination dest = null;
MessageProducer PRD = null;

try{
Instantiate activemqsslconnectionfactory
Activemqsslconnectionfactory sslconnectionfactory = new Activemqsslconnectionfactory ();
Setting Up Connections
Sslconnectionfactory.setbrokerurl (URL);
Set KeyStore client path and Truststore client
Sslconnectionfactory.setkeyandtrustmanagers (Getkeymanagers (KeyStore, Keystorepassword), Gettrustmanagers ( Truststore),
New Java.security.SecureRandom ());
conn = Sslconnectionfactory.createconnection ();
Conn.start ();
Session = Conn.createsession (false, Session.auto_acknowledge);
Dest = Session.createqueue ("Testssl");
PRD = Session.createproducer (dest);
Message msg = session.createtextmessage ("Test SSL send ....");
Prd.send (msg);
SYSTEM.OUT.PRINTLN ("Send success ......");
}catch (Exception ex) {
Ex.printstacktrace ();
}finally{
try{
if (PRD!=null) {
Prd.close ();
}
if (session!=null) {
Session.close ();
}
if (conn!=null) {
Conn.close ();
}
}catch (JMSException Jex) {
Jex.printstacktrace ();
}
}



}

Private trustmanager[] Gettrustmanagers (String truststore)
Throws Java.security.NoSuchAlgorithmException,
Java.security.KeyStoreException, Java.io.IOException,
java.security.GeneralSecurityException {
System.out.println ("Initiating trustmanagers");

KeyStore KS = keystore.getinstance ("JKS");
Ks.load (New FileInputStream (truststore), null);
Trustmanagerfactory TMF = trustmanagerfactory
. getinstance (Trustmanagerfactory.getdefaultalgorithm ());
Tmf.init (KS);

System.out.println ("initiated trustmanagers");

return Tmf.gettrustmanagers ();
}

Private keymanager[] Getkeymanagers (String keyStore, String Keystorepassword)
Throws Java.security.NoSuchAlgorithmException,
Java.security.KeyStoreException,
Java.security.GeneralSecurityException,
Java.security.cert.CertificateException, Java.io.IOException,
java.security.UnrecoverableKeyException {
System.out.println ("Initiating keymanagers");

KeyStore KS = keystore.getinstance ("JKS");
Ks.load (New FileInputStream (KeyStore), Keystorepassword.tochararray ());
Keymanagerfactory KMF = keymanagerfactory.getinstance (keymanagerfactory
. Getdefaultalgorithm ());
Kmf.init (KS, Keystorepassword.tochararray ());

System.out.println ("initiated keymanagers");

return Kmf.getkeymanagers ();

}

public static void Main (string[] args) {
Sslproducer sslproducer = new Sslproducer ();
Sslproducer.sendmessage ();
}

}

Test Send Message ...