Dear all,

We dynamically load new client certs in our (server side) amq truststores
but the broker does not reload credentials. The procedure we use to insert
new certs in ts is ok, since it is the same we successfully use with apache
cxf. I found this thread on nabble:

http://activemq.2283324.n4.nabble.com/Dynamic-SSL-certs-td4320452.html

It is the very same issue I'm having but the answer is not so encouraging.
Could someone please elaborate a little bit more on that? I tried playing
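around with SslContext like this:

    import java.io.File;
    import java.io.FileInputStream;
    import java.security.KeyStore;
    import javax.net.ssl.KeyManager;
    import javax.net.ssl.KeyManagerFactory;
    import javax.net.ssl.TrustManager;
    import org.apache.activemq.broker.SslContext;

    // Key managers: the broker's own identity, loaded once from the keystore
    KeyStore ks = KeyStore.getInstance("jks");
    try (FileInputStream in = new FileInputStream(new File(broker_ks_file))) {
        ks.load(in, keystorepswd.toCharArray());
    }
    KeyManagerFactory kmf =
        KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
    kmf.init(ks, keystorepswd.toCharArray());
    KeyManager[] keystoreManagers = kmf.getKeyManagers();

    // Trust managers: custom manager that should re-read the truststore file
    TrustManager[] trustStoreManagers = new TrustManager[] {
        new ReloadableX509TrustManager(broker_ts_file, trustorepswd) };

    // Third argument is the SecureRandom; null is passed here
    SslContext context = new SslContext(keystoreManagers, trustStoreManagers, null);
    broker.setSslContext(context);
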
where ReloadableX509TrustManager is as explained in

http://jcalcote.wordpress.com/2010/06/22/managing-a-dynamic-java-trust-store/

But I cannot get it working.

Many thanks.

Matteo

 
