Hello,

We are attempting to configure embedded ActiveMQ broker over https and failing to do so. Any attempt to start the broker results in jetty.ssl.password prompt. After entering the password the following exception is generated.

    2010-02-02 15:47:10.931::INFO: jetty-6.1.11
    2010-02-02 15:47:10.938::INFO: Started sslsocketconnec...@0.0.0.0:62010
    INFO - TransportConnector - Connector https://0.0.0.0:62010?trace=true Started
    2010-02-02 15:47:10.939::WARN: EXCEPTION
    javax.net.ssl.SSLException: No available certificate or key corresponds to the SSL cipher suites which are enabled.
        at com.sun.net.ssl.internal.ssl.SSLServerSocketImpl.checkEnabledSuites(SSLServerSocketImpl.java:307)
        at com.sun.net.ssl.internal.ssl.SSLServerSocketImpl.accept(SSLServerSocketImpl.java:253)
        at org.mortbay.jetty.security.SslSocketConnector.accept(SslSocketConnector.java:172)
        at org.mortbay.jetty.AbstractConnector$Acceptor.run(AbstractConnector.java:707)
        at org.mortbay.thread.QueuedThreadPool$PoolThread.run(QueuedThreadPool.java:488)
    jetty.ssl.password :

Tcp and HTTP transport works just fine. Any help is appreciated. Below is the configuration and code snippets.

- jetty 6.1.11 started via Maven jetty plugin:

    ...
    <plugin>
      <groupId>org.mortbay.jetty</groupId>
      <artifactId>maven-jetty-plugin</artifactId>
      <version>${jetty.version}</version>
      <configuration>
        <connectors>
          <connector implementation="org.mortbay.jetty.nio.SelectChannelConnector">
            <port>8082</port>
          </connector>
          <connector implementation="org.mortbay.jetty.security.SslSocketConnector">
            <port>8443</port>
            <keystore>${project.build.directory}/jetty-ssl.keystore</keystore>
            <password>password</password>
            <keyPassword>password</keyPassword>
          </connector>
        </connectors>
        <webAppConfig>
          <contextPath>....</contextPath>
        </webAppConfig>
      </configuration>
    </plugin>
    ...

- ActiveMQ embedded broker is embedded within webapp and started runtime:

    ....
    @Override
    public void initialize(Map<String, Object> m) throws Exception {
        this.svc = new BrokerService();
        for (int i = 1;; i++) {
            String key = "connector" + i;
            if (!m.containsKey(key)) {
                break;
            }
            this.svc.addConnector((String) m.get(key));
        }
        initSSL();
        this.svc.start();
    }

    private void initSSL() throws Exception {
        TrustManager[] tms = getTrustManagers();
        KeyManager[] kms = getKeyManagers();
        SSLContext context = SSLContext.getInstance("SSL");
        context.init(kms, tms, null);
        SslContext ctxt = new SslContext();
        ctxt.setSSLContext(context);
        SslContext.setCurrentSslContext(ctxt);
    }

    private TrustManager[] getTrustManagers() throws Exception {
        // First, get the default TrustManagerFactory.
        String alg = TrustManagerFactory.getDefaultAlgorithm();
        TrustManagerFactory tmFact = TrustManagerFactory.getInstance(alg);
        KeyStore ks = loadKeyStore();
        tmFact.init(ks);
        // And now get the TrustManagers
        TrustManager[] tms = tmFact.getTrustManagers();
        return tms;
    }

    private KeyManager[] getKeyManagers() throws Exception {
        // First, get the default KeyManagerFactory.
        String alg = KeyManagerFactory.getDefaultAlgorithm();
        KeyManagerFactory kmFact = KeyManagerFactory.getInstance(alg);
        KeyStore ks = loadKeyStore();
        // Now we initialise the KeyManagerFactory with this KeyStore
        kmFact.init(ks, ssl_password.toCharArray());
        // And now get the KeyManagers
        KeyManager[] kms = kmFact.getKeyManagers();
        return kms;
    }

    private KeyStore loadKeyStore() throws Exception {
        FileInputStream fis = null;
        KeyStore ks = null;
        try {
            fis = new FileInputStream(ssl_path);
            ks = KeyStore.getInstance("jks");
            ks.load(fis, ssl_password.toCharArray());
        } finally {
            if (fis != null) fis.close();
        }
        return ks;
    }

    private BrokerService svc;
    private final static String ssl_password = "password";
    private final static String ssl_path = "/var/com/company/keys/jetty.jks";

Thank you,
Boris.
--
View this message in context: http://old.nabble.com/Configuring-ActiveMQ-Embedded-Broker-over-HTTPS-tp27429414p27429414.html
Sent from the ActiveMQ - User mailing list archive at Nabble.com.
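
JSSE raises the SSLException quoted in the post when the key material handed to the server socket cannot serve any enabled cipher suite. The following is an added example, not code from the original post or from ActiveMQ or Jetty, and not a diagnosis of this setup: it checks whether a JKS file holds a private-key entry that the key password can recover. The class name KeystoreCheck and its command-line arguments are assumptions; with no arguments it inspects a constructed, empty in-memory keystore.

```java
import java.io.FileInputStream;
import java.io.InputStream;
import java.security.Key;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.UnrecoverableKeyException;
import java.util.Collections;

// Added diagnostic, not from the original post. KeystoreCheck is a hypothetical name.
public class KeystoreCheck {

    // Prints one line per alias and returns how many private keys keyPass can recover.
    static int usableKeys(KeyStore ks, char[] keyPass) throws Exception {
        int usable = 0;
        for (String alias : Collections.list(ks.aliases())) {
            if (!ks.isKeyEntry(alias)) {
                // A trust-only entry cannot authenticate a server.
                System.out.println(alias + ": trusted certificate only");
                continue;
            }
            try {
                Key key = ks.getKey(alias, keyPass);
                if (key instanceof PrivateKey && ks.getCertificateChain(alias) != null) {
                    System.out.println(alias + ": private key, algorithm " + key.getAlgorithm());
                    usable++;
                } else {
                    System.out.println(alias + ": key entry without private key or chain");
                }
            } catch (UnrecoverableKeyException e) {
                System.out.println(alias + ": key password does not match");
            }
        }
        return usable;
    }

    public static void main(String[] args) throws Exception {
        KeyStore ks = KeyStore.getInstance("JKS");
        if (args.length == 3) {
            // Usage: java KeystoreCheck <keystore.jks> <storePassword> <keyPassword>
            try (InputStream in = new FileInputStream(args[0])) {
                ks.load(in, args[1].toCharArray());
            }
        } else {
            ks.load(null, null); // constructed sample: an empty in-memory keystore
        }
        int n = usableKeys(ks, args.length == 3 ? args[2].toCharArray() : new char[0]);
        System.out.println(n == 0
            ? "No usable private key: a server socket built from this store has no certificate to present"
            : n + " usable private key(s)");
    }
}
```

Passwords passed as arguments are visible in the process list, so run it with test credentials or adapt it to read them from the console. It inspects only the file it is given, which may not be the keystore the broker's https connector loads.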