Using SSL with Apache NMS on a windows machine

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

Using SSL with Apache NMS on a windows machine

Yonatan Nir
I'm using a Windows machine trying to send secure messages over SSL with ActiveMQ, using the Apache NMS API for .NET and I really have no idea what to do.

In the broker.xml I tried adding "sslEnabled=true" to the default acceptor:

    <acceptor name="artemis">tcp://0.0.0.0:61616?sslEnabled=true;tcpSendBufferSize=1048576;tcpReceiveBufferSize=1048576;protocols=CORE,AMQP,STOMP,HORNETQ,MQTT,OPENWIRE;useEpoll=true;amqpCredits=1000;amqpLowCredits=300</acceptor>

I'm trying to set up a consumer like this:

    IConnectionFactory factory = new ConnectionFactory("activemq:stcp://localhost:61616");
    connection = (Connection)factory.CreateConnection();
    connection.Start();
    ISession session = connection.CreateSession();
    IDestination destination = session.GetTopic("topic1");
    consumer = session.CreateConsumer(destination);
    consumer.Listener += new MessageListener(HandleMessage);

When the code reaches the line `connection.Start()`, I get this exception:

>Channel was inactive for too long: tcp://localhost:61616/

I have tried changing the connection url like this (ssl in the middle instead of tcp):

    IConnectionFactory factory = new ConnectionFactory("activemq:ssl://localhost:61616");

And then I got this exception:

>Unable to read data from the transport connection: An established connection was aborted by the software in your host machine

What am I doing wrong here? How can I send and receive secured messages?

vit
Reply | Threaded
Open this post in threaded view
|

Re: Using SSL with Apache NMS on a windows machine

vit
I develop below code for establish SSL connection with AMQ server:
               string url = "ssl://<server>:<port>"
               ITransportFactory sslTransportFactory = new
SslTransportFactory();

                SslTransportFactory ssl = new SslTransportFactory();
                ssl.ClientCertSubject = <subject in cert>;
                ssl.ClientCertPassword = <cert password>;
                ssl.KeyStoreName = "MY";
                ssl.KeyStoreLocation = "CurrentUser";
                ssl.SslProtocol = "Tls12";  //protocol, check which is using
in AMQ version
                var ssl_url = new Uri(url);
                ITransport transport = ssl.CreateTransport(ssl_url);
                connection = new Connection(ssl_url, transport, new
IdGenerator());
Significant part is to import Root and client certificates on client and
server machines. Usually, you should have server certificate which you
import in Trusted Root folder (use mmc Windows tool) and  client certificate
into Personal (or named MY) folder.



--
Sent from: http://activemq.2283324.n4.nabble.com/ActiveMQ-User-f2341805.html