Uploaded image for project: 'ActiveMQ Classic'
  1. ActiveMQ Classic
  2. AMQ-5753

Not possible to use custom truststore via org.apache.activemq.jndi.ActiveMQInitialContextFactory (within a WebLogic Foreign Server)

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Closed
    • Major
    • Resolution: Duplicate
    • 5.8.0
    • None
    • None
    • None
    • Patch Available

    Description

      In our WebLogic integration we use a JMS Foreign Server using org.apache.activemq.jndi.ActiveMQInitialContextFactory. When using an SSL connection, then the activemq-client will only "see" the trust store specified with the JVM option -Djavax.net.ssl.trustStore.
      There's no way to specify a custom trust store (and key store) via the initial context properties.

      See attached patch, where I added this feature (based on 5.8.0 release). In order to specify a custom trust store, add the following properties to the initial context:

      • ssl.trustStore=/path/to/broker.ts
      • ssl.trustStorePassword=password

      I can confirm that this patch works with ApacheMQ 5.8.0 and WebLogic 10.3.6.0. I also added properties for ssl.keyStore and ssl.keyStorePassword, but I didn't test connecting with SSL client certificates yet.

      Attachments

        1. activemq-client.diff
          10 kB
          Bernhard Trummer

        Issue Links

          Activity

            People

              Unassigned Unassigned
              slash Bernhard Trummer
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: