Reputation: 93
We had to remove SSLV3 support. So we changed activemq configuration. we added transportConnector and set enabledProtocol='TLS1.1,TLS1.2'. So that it should support on TLS1.1 or TLS1.2 But i am not getting how should i specify protocol when i am creating connection. Now it is giving me error SSLV2Hello is disabled. So my question is how should i give protocol list while creating connection. I tried it SSLSocket but could not go through. Can somebody please give me clue..
String keyStorePath = "abc.ks";
String keyStorePassword = "XYZ";
String trustStore = "cks.ts";
java.lang.System.setProperty("", keyStorePath);
java.lang.System.setProperty("", keyStorePassword);
java.lang.System.setProperty("", trustStore);
String connectionURL = 'URL?initialReconnectDelay=10&maxReconnectDelay=10&maxReconnectAttempts=2&jms.watchTopicAdvisories=false&wireFormat.maxInactivityDuration=3600000';
ConnectionFactory factory = new ActiveMQSslConnectionFactory(connectionURL);
Connection connection = factory.createConnection(user, pwd);
Upvotes: 1
Views: 3182
Reputation: 93
Finally it worked for me.
String keyStorePassword = "123456";
String configPath = "C:\\ssl\\";
String keyStorePath = configPath + "client.ks";
KeyStore ks = KeyStore.getInstance("jks");
String trustStore = configPath + "trust.ts";
java.lang.System.setProperty("", trustStore);
java.lang.System.setProperty("", keyStorePassword);
InputStream ksIs = new FileInputStream(keyStorePath);
try {
ks.load(ksIs, keyStorePassword.toCharArray());
} finally {
if (ksIs != null) {
KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
kmf.init(ks, keyStorePassword.toCharArray());
TrustManager[] trustAllCerts = new TrustManager[] {
new X509TrustManager() {
public void checkClientTrusted([] certs, String authType) {
public void checkServerTrusted([] certs, String authType) {
public[] getAcceptedIssuers() {
return null;
final SSLContext sslContext = SSLContext.getInstance("TLSv1.2");
ConnectionFactory factory = new ActiveMQSslConnectionFactory(URL);
sslContext.init(kmf.getKeyManagers(), trustAllCerts, new SecureRandom());
SslContext context = new SslContext();
Connection connection = factory.createConnection(loginName, pwd);
Session session = connection.createSession(false, Session.AUTO_ACKNOWLEDGE);
MessageProducer nonPersistentProducer = session.createProducer(null);
Upvotes: 2