I have created a patch for this issue and added it to the issue that you
mentioned in this email.
The fix allows you to pass a store that is not a valid classpath entry or url
string.
>________________________________
> From: Geurt Schimmel <gschim...@schubergphilis.com>
>To: "users@activemq.apache.org" <users@activemq.apache.org>; 'Claudio Corsi'
><clco...@yahoo.com>
>Sent: Tuesday, December 11, 2012 5:35 PM
>Subject: RE: SSL: could not load resource
>
>Disabling the keystore-code in the source and setting the values at runtime
>fixes the problem, so don't think the problem is in the broker-configuration:
>
> <sslContext>
> <sslContext
> keyStore="file:${activemq.conf}/broker.ks"
> keyStorePassword="xxxxxxxxx"
> trustStore="file:${activemq.conf}/client.ts"
> trustStorePassword="xxxxxxxxx"/>
> </sslContext>
>
>Snippet of Producer.java:
>
>import javax.jms.Connection;
>import javax.jms.Destination;
>import javax.jms.MessageProducer;
>import javax.jms.Session;
>import javax.jms.TextMessage;
>
>import org.apache.activemq.ActiveMQSslConnectionFactory;
>
>public class Producer {
> private static String user = "guest";
> private static String password = "password";
>
> private static String url = "ssl://127.0.0.1:61616";
> private static String subject = "GUEST.FOO";
>
> public static void main(String[] args) throws Exception {
> ActiveMQSslConnectionFactory connectionFactory = new
>ActiveMQSslConnectionFactory(url);
>
>
>connectionFactory.setTrustStore("/opt/activemq/conf/client.ts");
> connectionFactory.setTrustStorePassword("xxxxxxxx");
>
>And after removing setTrustStore() and setTrustStorePassword(), it works by
>setting trustStore system properties:
>
>java -Djavax.net.ssl.trustStore=/opt/activemq/conf/client.ts
>-Djavax.net.ssl.trustStorePassword=xxxxxx Producer
>
>For failover URIs, it's a known problem, not fixed in ActiveMQ 5.7:
>https://issues.apache.org/jira/browse/AMQ-3785
>
>But my problem is with a simple SSL URI in the broker-configuration:
><transportConnector name="openwire" uri="ssl://0.0.0.0:61616"/>
>
>
>-----Original Message-----
>From: Claudio Corsi [mailto:clco...@yahoo.com]
>Sent: Tuesday, December 11, 2012 6:04 PM
>To: users@activemq.apache.org
>Subject: Re: SSL: could not load resource
>
>I do not doubt that you are using ssl but are you setting up the configuration
>using the sslContext element within the configuration file?
>
>This allow you to set the key and trust store files and their required
>passwords.
>
>for instance,
>
><amq:broker useJmx="false" persistent="false"> <amq:sslContext>
><amq:sslContext keyStore="server.keystore" keyStorePassword="password"
>trustStore="client.keystore" trustStorePassword="password"/> </amq:sslContext>
><amq:transportConnectors> <amq:transportConnector uri="ssl://localhost:61616"
>/> </amq:transportConnectors> </amq:broker>
>
>You can also use the technique where you scramble the password and then pass
>the key using an environment variable.
>I do not know how this is done off the top my head but can look for a
>reference.
>
>
>
>>________________________________
>> From: Geurt Schimmel <gschim...@schubergphilis.com>
>>To: "users@activemq.apache.org" <users@activemq.apache.org>; 'Claudio
>>Corsi' <clco...@yahoo.com>
>>Sent: Tuesday, December 11, 2012 11:23 AM
>>Subject: RE: SSL: could not load resource
>>
>>All brokers run SSL as the only communication-protocol and intercommunicate
>>over SSL.
>>
>>-----Original Message-----
>>From: Claudio Corsi [mailto:clco...@yahoo.com]
>>Sent: Tuesday, December 11, 2012 5:17 PM
>>To: users@activemq.apache.org
>>Subject: Re: SSL: could not load resource
>>
>>Did you try to use the sslContext element to set your store information
>>withint he broker configuration file?
>>
>>Here is a link http://activemq.apache.org/how-do-i-use-ssl.html.
>>
>>
>>
>>>________________________________
>>> From: Geurt Schimmel <gschim...@schubergphilis.com>
>>>To: "users@activemq.apache.org" <users@activemq.apache.org>
>>>Sent: Tuesday, December 11, 2012 9:54 AM
>>>Subject: RE: SSL: could not load resource
>>>
>>>Created key- and truststores for a number of brokers, so not using the
>>>packaged .ks and .ts files.
>>>
>>>Tried different truststores in different locations, tried a path to a
>>>truststore that didn't exist, just to see what happens. In all cases, the
>>>same error. Apparently, the point where the keystore is accessed is not
>>>reached. Setting the same variables/values in JAVA_OPTS works:
>>>
>>>java -Djavax.net.ssl.trustStore=/opt/activemq/conf/client.ts
>>>-Djavax.net.ssl.trustStorePassword=xxxxxxxx Producer
>>>
>>>-----Original Message-----
>>>From: Christian Posta [mailto:christian.po...@gmail.com]
>>>Sent: Tuesday, December 11, 2012 3:41 PM
>>>To: users@activemq.apache.org
>>>Subject: Re: SSL: could not load resource
>>>
>>>Is the client truststore in that location? /opt/activemq/conf/client.ts I
>>>think there was some issues with packaging activemq 5.7 and some of the
>>>client keystores might have been missing.
>>>
>>>You'll have to copy from the 5.6.0 version
>>>
>>>
>>>
>>>
>>>On Tue, Dec 11, 2012 at 7:05 AM, Geurt Schimmel <
>>>gschim...@schubergphilis.com> wrote:
>>>
>>>> Hi,
>>>>
>>>> My broker is running SSL only, with a 'simple' transportConnector:
>>>> <transportConnector name="openwire" uri="ssl://0.0.0.0:61616"/>
>>>>
>>>> When trying to run a java-client:
>>>>
>>>> Exception in thread "main" javax.jms.JMSException: Could not create
>>>>Transport. Reason: java.io.IOException: Could not load resource:
>>>> /opt/activemq/conf/client.ts
>>>> at
>>>>
>>>>org.apache.activemq.util.JMSExceptionSupport.create(JMSExceptionSuppo
>>>>r
>>>>t.java:35)
>>>> at
>>>>
>>>>org.apache.activemq.ActiveMQSslConnectionFactory.createTransport(Acti
>>>>v
>>>>eMQSslConnectionFactory.java:115)
>>>> at
>>>>
>>>>org.apache.activemq.ActiveMQConnectionFactory.createActiveMQConnectio
>>>>n
>>>>(ActiveMQConnectionFactory.java:277)
>>>> at
>>>>
>>>>org.apache.activemq.ActiveMQConnectionFactory.createConnection(Active
>>>>M
>>>>QConnectionFactory.java:202)
>>>> at Producer.main(Producer.java:32) Caused by:
>>>> java.io.IOException: Could not load resource:
>>>> /opt/activemq/conf/client.ts
>>>> at
>>>>
>>>>org.apache.activemq.ActiveMQSslConnectionFactory.getUrlOrResourceAsSt
>>>>r
>>>>eam(ActiveMQSslConnectionFactory.java:188)
>>>> at
>>>>
>>>>org.apache.activemq.ActiveMQSslConnectionFactory.createTrustManager(A
>>>>c
>>>>tiveMQSslConnectionFactory.java:126)
>>>> at
>>>>
>>>>org.apache.activemq.ActiveMQSslConnectionFactory.createTransport(Acti
>>>>v
>>>>eMQSslConnectionFactory.java:108)
>>>> ... 3 more
>>>>
>>>> Removed the java-code that deals with the truststore and moved the
>>>> functionality to JAVA_OPTS, but this is not what I want/expected.
>>>> Using activemq-all-5.7-SNAPSHOT.jar.
>>>>
>>>> Thought this problem only occurs when using an SSL failover URI ?
>>>>
>>>> Thanks,
>>>> Geurt
>>>>
>>>
>>>
>>>
>>>--
>>>*Christian Posta*
>>>http://www.christianposta.com/blog
>>>twitter: @christianposta
>>>
>>>
>>>
>>
>>
>>
>
>
>
