how to create amqp connection using apache qpid library and dynamic certificate string (instead of path to certificate) in java

Question

Currently creating amqp connection by overriding setRemoteURI("") of JmsConnectionFactory(qpid apache) application-context.xml

<bean id="amqpConfig" class="org.apache.camel.component.jms.JmsConfiguration">
    <property name="connectionFactory">
        <bean class="com.abc.AMQPSConnectionFactory">
        </bean>
    </property>
</bean>
    
    
<bean id="amqp" class="org.apache.camel.component.amqp.AMQPComponent">
    <property name="testConnectionOnStartup" value="true" />
    <property name="configuration" ref="amqpConfig" />
</bean>

My AMQPSConnectionFactory - currently is creating amqp connection with given KEYSTORELOCATION, KEYSTOREPASSWORD, KEYSTORETYPE by overriding setRemoteURI("") of JmsConnectionFactory as shown

public class AMQPSConnectionFactory extends JmsConnectionFactory {
       public AMQPSConnectionFactory() {
        setRemoteURI("URL?jms.prefetchPolicy.queuePrefetch=true&transport.keyStoreLocation=KEYSTORELOC&transport.keyStorePassword=KEYSTOREPASSWORD&transport.keyStoreType=KEYSTORETYPE&transport.trustAll=true&transport.enabledProtocols=TLSv1.2");
    }
}

How can I create amqp connection by passing the base 64 encoded CERTIFICATE string (instead of the KEYSTORELOCATION), base 64 encoded PASSWORD of that certificate(instead of KEYSTOREPASSWORD) and KEYSTORETYPE at the run time?

Issue: I cannot keep certificate at a path(to give KEYSTORELOCATION in uri), but need to use the certificate string itself

Tim Bish · Answer 1 · 2020-10-05T13:53:48.557

0

The closest match for what you are asking is the SSLContext override which allows you to provide your own SSLContext that the client would use during the SSL handshake. There is no mechanism to provide a certificate directly to the connection factory and I doubt any such mechanism will be added.

 JmsConnectionFactory factory = new JmsConnectionFactory("amqps://localhost:5673");
 factory.setSslContext(<your-own-context>);

edited Oct 05 '20 at 13:53

answered Oct 01 '20 at 20:16

Tim Bish

17,475
4
32
42

can you share an example of how to override SSLContext – Myra Oct 05 '20 at 13:23
added a code snippet, the methods are all documented in the factory – Tim Bish Oct 05 '20 at 13:54
final InputStream in = getCertificateAsInputStream(); final KeyStore ks = KeyStore.getInstance("PKCS12"); ks.load(in, getPassword()); KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm()); kmf.init(ks, getPassword()); final TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm()); tmf.init(ks); SSLContext context = SSLContext.getInstance("TLSv1.2"); context.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null); Results in issue-Cause: General SSLEngine problem – Myra Oct 06 '20 at 17:16

how to create amqp connection using apache qpid library and dynamic certificate string (instead of path to certificate) in java

1 Answers1