The SSL Transport

The SSL transport allows clients to connect to a remote ActiveMQ broker using SSL over a TCP socket.

Configuration Syntax

ssl://hostname:port?transportOptions

Transport Options

The configuration options from TCP are relevant.

Example URI

ssl://localhost:61616?trace=false

SSLServerSocket options

From version 5.4 any SSLServerSocket option may be set on a TransportConnection via ?transport.XXX, for example:

ssl://localhost:61616?transport.enabledCipherSuites=SSL_RSA_WITH_RC4_128_SHA,SSL_DH_anon_WITH_3DES_EDE_CBC_SHA
ssl://localhost:61616?transport.needClientAuth=true

Other Links

You can also turn on SSL debug informations this way by adding:

-Djavax.net.debug=ssl

this way you can see what goes wrong and why you get connections closed.

"Be careful with multicast discovery"
If your XML configuration file contains the following and you wish to use SSL 
       <networkConnector uri="multicast://default"/>

Then you will currently need to comment that out.
The reason is to prevent ActiveMQ atempting to connect to itself - if you do this with a self-signed
certificate, you will get a constant spam of certificate_unknown
stacktraces to the console, as the broker is not configured with the
truststore,

Overview

Search


Sub Projects

Community

Features

Connectivity

Using ActiveMQ 5

Using ActiveMQ 4

Tools

External Tools

Support

Related Projects

Developers

Tests

Project Reports
© 2004-2011 The Apache Software Foundation.
Apache ActiveMQ, ActiveMQ, Apache, the Apache feather logo, and the Apache ActiveMQ project logo are trademarks of The Apache Software Foundation. All other marks mentioned may be trademarks or registered trademarks of their respective owners.
Graphic Design By Hiram