1

I have a server where we have installed ActiveMQ and also generate the necessary certificates for SSL.

I have added a broker certificate to my local machine's Keystore and then tried to connect ActiveMQ over SSL but getting an error like: not able to connect using ipaddress:61617.

Everything is working fine with TCP but the problem is when I tried to connect over SSL.

Here is the code snippet for connecting to ActiveMQ.

IConnectionFactory factory = new NMSConnectionFactory(AMQURL);
IConnection AMQConnection = factory.CreateConnection();
AMQConnection.ClientId = ClientId;
AMQConnection.Start();
ISession AMQSession = AMQConnection.CreateSession();

I am referring to this documentation for setting up SSL.

Here is the Active MQ endpoint that I am trying to connect. activemq:ssl://server-ip-address:61617

I am using Apache.NMS.ActiveMQ version 1.7.2

I have added the following line in trasportconnectors section in activemq.xml file.

sueb mijaki
  • 13
  • 5
  • @JustinBertram Here is the Active MQ endpoint that I am trying to connect. activemq:ssl://server-ip-address:61617 I am using Apache.NMS.ActiveMQ version 1.7.2 – sueb mijaki Oct 14 '20 at 14:34
  • What about the `transportConnector` configuration you're using on the broker? – Justin Bertram Oct 14 '20 at 14:43
  • @JustinBertram Yes, i have added following line in trasportconnectors section in activemq.xml file – sueb mijaki Oct 14 '20 at 15:07
  • @JustinBertram I have added the following line in trasportconnectors section in activemq.xml file. – sueb mijaki Oct 14 '20 at 15:09
  • Is your client running on the same server as your broker? If not, then using `localhost` for the `transportConnector` won't work as remote clients won't be able to reach it. – Justin Bertram Oct 14 '20 at 17:30

1 Answers1

0

In order to connect to the broker your client needs to be configured with information about the SSL certificates it should trust and if using mutual authentication you'd need to supply the client key.

There is an article that covers some details about this process here.

Alternatively I believe there is a means of storing the key and trust store data within the Windows registry and or local machine stores, some documentation here.

Tim Bish
  • 17,475
  • 4
  • 32
  • 42