Hi Geurt,
You are welcome, as for the ssl client displaying '1000', I have not noticed this myself but then I was using 5.8-snapshot version. Sending this to the user list in case someone else might have seen this. --Claudio >________________________________ > From: Geurt Schimmel <gschim...@schubergphilis.com> >To: 'Claudio Corsi' <clco...@yahoo.com> >Sent: Thursday, December 13, 2012 4:28 AM >Subject: RE: SSL: could not load resource > > > >Hi Claudio, > >It works - many thanks ! > >Btw - both the broker and this ssl-client display ‘1000’ when starting - >harmless, but annoying. Have you seen this before ? > >Kind regards, > >Geurt > >From:Claudio Corsi [mailto:clco...@yahoo.com] >Sent: Wednesday, December 12, 2012 7:37 PM >To: Geurt Schimmel >Subject: Re: SSL: could not load resource > >Oh, I completely misunderstood what you were having problems with. I had >assumed you were talking about the broker and not the client. > >I took the failover example that you pointed me to and was able to convert it >to reproduce the error that you are seeing. > >I looked at the code and was able to get around the issue by replacing the >parameter passed to the setTrustStore call. > >Replace the following: > > connectionFactory.setTrustStore("/opt/activemq/conf/client.ts"); > >with: > > connectionFactory.setTrustStore(new >File("/opt/activemq/conf/client.ts").toURI().toString()); > >this will resolve the issue that you are seeing. > >The factory class is using the passed file name to constructor a URL instance. > It looks like the constructor does not know how to >handle a simple file name. >It then uses the current thread context class loader to find the file as a >resource but that does not seem to work because you have not included / as >part of your classpath. >Even then it seems that including the classpath does not work but then I did >not investigate further at the moment. > >This is the same issue with the failover test that is attached to the issue >you mentioned. > > >>________________________________ >> >>From:Geurt Schimmel <gschim...@schubergphilis.com> >>To: "users@activemq.apache.org" <users@activemq.apache.org>; 'Claudio Corsi' >><clco...@yahoo.com> >>Sent: Tuesday, December 11, 2012 5:35 PM >>Subject: RE: SSL: could not load resource >> >>Disabling the keystore-code in the source and setting the values at runtime >>fixes the problem, so don't think the problem is in the broker-configuration: >> >> <sslContext> >> <sslContext >> keyStore="file:${activemq.conf}/broker.ks" >> keyStorePassword="xxxxxxxxx" >> trustStore="file:${activemq.conf}/client.ts" >> trustStorePassword="xxxxxxxxx"/> >> </sslContext> >> >>Snippet of Producer.java: >> >>import javax.jms.Connection; >>import javax.jms.Destination; >>import javax.jms.MessageProducer; >>import javax.jms.Session; >>import javax.jms.TextMessage; >> >>import org.apache.activemq.ActiveMQSslConnectionFactory; >> >>public class Producer { >> private static String user = "guest"; >> private static String password = "password"; >> >> private static String url = "ssl://127.0.0.1:61616"; >> private static String subject = "GUEST.FOO"; >> >> public static void main(String[] args) throws Exception { >> ActiveMQSslConnectionFactory connectionFactory = new >>ActiveMQSslConnectionFactory(url); >> >> >>connectionFactory.setTrustStore("/opt/activemq/conf/client.ts"); >> connectionFactory.setTrustStorePassword("xxxxxxxx"); >> >>And after removing setTrustStore() and setTrustStorePassword(), it works by >>setting trustStore system properties: >> >>java -Djavax.net.ssl.trustStore=/opt/activemq/conf/client.ts >>-Djavax.net.ssl.trustStorePassword=xxxxxx Producer >> >>For failover URIs, it's a known problem, not fixed in ActiveMQ 5.7: >>https://issues.apache.org/jira/browse/AMQ-3785 >> >>But my problem is with a simple SSL URI in the broker-configuration: >><transportConnector name="openwire" uri="ssl://0.0.0.0:61616"/> >> >> >>-----Original Message----- >>From: Claudio Corsi [mailto:clco...@yahoo.com] >>Sent: Tuesday, December 11, 2012 6:04 PM >>To: users@activemq.apache.org >>Subject: Re: SSL: could not load resource >> >>I do not doubt that you are using ssl but are you setting up the >>configuration using the sslContext element within the configuration file? >> >>This allow you to set the key and trust store files and their required >>passwords. >> >>for instance, >> >><amq:broker useJmx="false" persistent="false"> <amq:sslContext> >><amq:sslContext keyStore="server.keystore" keyStorePassword="password" >>trustStore="client.keystore" trustStorePassword="password"/> >></amq:sslContext> <amq:transportConnectors> <amq:transportConnector uri="ssl://localhost:61616" /> </amq:transportConnectors> </amq:broker> >> >>You can also use the technique where you scramble the password and then pass >>the key using an environment variable. >>I do not know how this is done off the top my head but can look for a >>reference. >> >> >> >>>________________________________ >>> From: Geurt Schimmel <gschim...@schubergphilis.com> >>>To: "users@activemq.apache.org" <users@activemq.apache.org>; 'Claudio >>>Corsi' <clco...@yahoo.com> >>>Sent: Tuesday, December 11, 2012 11:23 AM >>>Subject: RE: SSL: could not load resource >>> >>>All brokers run SSL as the only communication-protocol and intercommunicate >>>over SSL. >>> >>>-----Original Message----- >>>From: Claudio Corsi [mailto:clco...@yahoo.com] >>>Sent: Tuesday, December 11, 2012 5:17 PM >>>To: users@activemq.apache.org >>>Subject: Re: SSL: could not load resource >>> >>>Did you try to use the sslContext element to set your store information >>>withint he broker configuration file? >>> >>>Here is a link http://activemq.apache.org/how-do-i-use-ssl.html. >>> >>> >>> >>>>________________________________ >>>> From: Geurt Schimmel <gschim...@schubergphilis.com> >>>>To: "users@activemq.apache.org" <users@activemq.apache.org> >>>>Sent: Tuesday, December 11, 2012 9:54 AM >>>>Subject: RE: SSL: could not load resource >>>> >>>>Created key- and truststores for a number of brokers, so not using the >>>>packaged .ks and .ts files. >>>> >>>>Tried different truststores in different locations, tried a path to a >>>>truststore that didn't exist, just to see what happens. In all cases, the >>>>same error. Apparently, the point where the keystore is accessed is not >>>>reached. Setting the same variables/values in JAVA_OPTS works: >>>> >>>>java -Djavax.net.ssl.trustStore=/opt/activemq/conf/client.ts >>>>-Djavax.net.ssl.trustStorePassword=xxxxxxxx Producer >>>> >>>>-----Original Message----- >>>>From: Christian Posta [mailto:christian.po...@gmail.com] >>>>Sent: Tuesday, December 11, 2012 3:41 PM >>>>To: users@activemq.apache.org >>>>Subject: Re: SSL: could not load resource >>>> >>>>Is the client truststore in that location? /opt/activemq/conf/client.ts I >>>>think there was some issues with packaging activemq 5.7 and some of the >>>>client keystores might have been missing. >>>> >>>>You'll have to copy from the 5.6.0 version >>>> >>>> >>>> >>>> >>>>On Tue, Dec 11, 2012 at 7:05 AM, Geurt Schimmel < >>>>gschim...@schubergphilis.com> wrote: >>>> >>>>> Hi, >>>>> >>>>> My broker is running SSL only, with a 'simple' transportConnector: >>>>> <transportConnector name="openwire" uri="ssl://0.0.0.0:61616"/> >>>>> >>>>> When trying to run a java-client: >>>>> >>>>> Exception in thread "main" javax.jms.JMSException: Could not create >>>>>Transport. Reason: java.io.IOException: Could not load resource: >>>>> /opt/activemq/conf/client.ts >>>>> at >>>>> >>>>>org.apache.activemq.util.JMSExceptionSupport.create(JMSExceptionSuppo >>>>>r >>>>>t.java:35) >>>>> at >>>>> >>>>>org.apache.activemq.ActiveMQSslConnectionFactory.createTransport(Acti >>>>>v >>>>>eMQSslConnectionFactory.java:115) >>>>> at >>>>> >>>>>org.apache.activemq.ActiveMQConnectionFactory.createActiveMQConnectio >>>>>n >>>>>(ActiveMQConnectionFactory.java:277) >>>>> at >>>>> >>>>>org.apache.activemq.ActiveMQConnectionFactory.createConnection(Active >>>>>M >>>>>QConnectionFactory.java:202) >>>>> at Producer.main(Producer.java:32) Caused by: >>>>> java.io.IOException: Could not load resource: >>>>> /opt/activemq/conf/client.ts >>>>> at >>>>> >>>>>org.apache.activemq.ActiveMQSslConnectionFactory.getUrlOrResourceAsSt >>>>>r >>>>>eam(ActiveMQSslConnectionFactory.java:188) >>>>> at >>>>> >>>>>org.apache.activemq.ActiveMQSslConnectionFactory.createTrustManager(A >>>>>c >>>>>tiveMQSslConnectionFactory.java:126) >>>>> at >>>>> >>>>>org.apache.activemq.ActiveMQSslConnectionFactory.createTransport(Acti >>>>>v >>>>>eMQSslConnectionFactory.java:108) >>>>> ... 3 more >>>>> >>>>> Removed the java-code that deals with the truststore and moved the >>>>> functionality to JAVA_OPTS, but this is not what I want/expected. >>>>> Using activemq-all-5.7-SNAPSHOT.jar. >>>>> >>>>> Thought this problem only occurs when using an SSL failover URI ? >>>>> >>>>> Thanks, >>>>> Geurt >>>>> >>>> >>>> >>>> >>>>-- >>>>*Christian Posta* >>>>http://www.christianposta.com/blog >>>>twitter: @christianposta >>>> >>>> >>>> >>> >>> >>> >> >> > >
