The SSL transport allows clients to connect to a remote ActiveMQ broker using SSL over a TCP socket.
The configuration options from TCP are relevant.
From version 5.4 any SSLServerSocket option may be set on a TransportConnection via ?transport.XXX, for example:
JMS clients can simply use the ActiveMQSslConnectionFactory together with an ssl:// broker url as the following Spring configuration illustrates
Unless the broker's SSL transport is configured for transport.needClientAuth=true, the client won't need a keystore but requires a truststore in order to validate the broker's certificate.
You can also turn on SSL debug informations this way by adding:
this way you can see what goes wrong and why you get connections closed.