Apart from configuration using JSSE system properties, the Openwire/SSL protocol (with
schema, ssl:
) also supports an option to set its SSL security context using the
broker configuration file.
![]() | Note |
---|---|
The methods for setting the security context described in this section are available exclusively for the Openwire/SSL protocol. These features are not supported by the HTTPS protocol. |
To configure the Openwire/SSL security context in the broker configuration file, edit
the attributes in the sslContext
element. For example, the default broker
configuration file, conf/activemq.xml
, includes the following entry:
<beans ...> ... <broker ...> <sslContext> <sslContext keyStore="file:${activemq.base}/conf/broker.ks" keyStorePassword="password" trustStore="file:${activemq.base}/conf/broker.ts" trustStorePassword="password"/> </sslContext> ... </broker> ... </beans>
Where the activemq.base
property is defined in the
activemq[.bat|.sh]
script. You can specify any of the following
sslContext
attributes:
keyStore
—equivalent to settingjavax.net.ssl.keyStore
.keyStorePassword
—equivalent to settingjavax.net.ssl.keyStorePassword
.keyStoreType
—equivalent to settingjavax.net.ssl.keyStoreType
.keyStoreAlgorithm
—defaults to JKS.trustStore
—equivalent to settingjavax.net.ssl.trustStore
.trustStorePassword
—equivalent to settingjavax.net.ssl.trustStorePassword
.trustStoreType
—equivalent to settingjavax.net.ssl.trustStoreType
.