helpermethod
Reputation: 62304
ActiveMQ - Providing both TCP and SSL transport connections
I am currently tasked to configure two ActiveMQ transport connections, one unencrypted connection using plain tcp (for testing purposes) and one encrypted connection using SSL and the JAAS plugin.
This is my activemq.xml
<transportConnectors>
<transportConnector name="openwire" uri="tcp://0.0.0.0:61616?maximumConnections=1000&wireFormat.maxFrameSize=104857600"/>
<transportConnector name="ssl" uri="ssl://0.0.0.0:61617?trace=true&needClientAuth=true"/>
</transportConnectors>
<plugins>
<jaasCertificateAuthenticationPlugin configuration="CertLogin" />
</plugins>
The problem is that as soon as I use the JAAS plugin the normal tcp connection requires me to use a SSL certificate for authentication.
org.apache.activemq.broker.TransportConnection | ActiveMQ Transport: tcp:///127.0.0.1:54042@61616
java.lang.SecurityException: Unable to authenticate transport without SSL certificate.
Is there some way I can still use the tcp connection with using an SSL certificate?
Upvotes: 2
Views: 2383
Answers (1)
Tim Bish
Reputation: 18421
For this you want to use the JAAS Dual Authentication Plugin which is a hybrid of the certificate based version and the standard user / pass authentication model based on whether the client is using SSL or not.
Upvotes: 2
Related Questions
- ActiveMQ over SSL to a .NET client
- how to assign certificate for ActiveMQ ssl transport Connector?
- ActiveMQ amqp+ssl in Quarkus JMS
- I have a with JMS - ActiveMQ using http and https protocols
- How to activemq in ssl
- ActiveMQ SSL Connection KeyStore and TrustStore Type
- Configuring SSL channel connectivity on MQ client machine
- Create ActiveMQ Connection on TLS1.2
- ActiveMQ, SSL, and transport connectors
- Configuring ActiveMQ transport