Aug 10th, 2012, 08:32 AM
ActiveMQ SSL authentication and security assistance
Emergint has been using ActiveMQ for a number of years now in our health care consulting efforts. We have been greatly pleased with its stability and performance, particularly version 4.1.2. We are planning to move some capabilities from a locally-hosted environment to "the cloud" where we need some additional data transport protection beyond what we have currently employed. We are testing the AMQ SSL transport with "needClientAuth=true" and an associated trust store on each end of the allowed connection points; we need to insure that only trusted clients will have access to the queues. So far, we are unable to break the desired protection scheme - only trusted clients are able to produce or consume messages to the AMQ broker. We are utilizing the configuration steps specified here, http://activemq.apache.org/how-do-i-use-ssl.html , and we are not using any custom plug-ins in the broker associated with the SSL transport.
We have configured a broker on a public address in our DMZ for additional testing. If anyone is willing and able, please attempt to post messages to any queue or pull the remaining text message (generated by the example producer client) from queue FOO.BAR from the following URL:
All attempts to produce or consume data should fail; if anyone is able to succeed, please boast accordingly - I will also be monitoring the log file daily. I will be glad to post testing results or additional configuration items that members may desire in order to assist others who may need this sort of configuration. Thanks in advance for any assistance.
Timothy W. Ellis, M.S.
Sr Systems Architect / Software Engineering Mgr
Louisville , KY 40202
Tags for this Thread