ActiveMQ - 创建侦听SSL(TLS)传输错误的嵌入式代理

时间:2012-04-29 17:30:31

标签: java activemq

我想创建一个嵌入式ActiveMQ代理,它使用客户端身份验证机制(TLS)侦听SSL协议。

这是我希望这样做的代码:

//loading keystore from file    
KeyStore keystore = KeyStore.getInstance("pkcs12");

File ksfile = new File("/home/me/client1.pkcs12");
FileInputStream ksfis = new FileInputStream(ksfile);

keystore.load(ksfis, "password".toCharArray());

//loading truststore from file
KeyStore truststore = KeyStore.getInstance("jks");
truststore.load(new FileInputStream(new File("/home/me/client1.truststore")), "password"
                .toCharArray());

KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory
        .getDefaultAlgorithm());
kmf.init(keystore, "password".toCharArray());

TrustManagerFactory tmf = TrustManagerFactory
        .getInstance(TrustManagerFactory.getDefaultAlgorithm());
tmf.init(truststore);

//broker definition
String cfURI = "ssl://localhost:2032";
BrokerService brokerService = new BrokerService();
brokerService.addConnector(cfURI);

//configure ssl context for the broker
SslContext sslContext = new SslContext(kmf.getKeyManagers(),tmf.getTrustManagers(), null);

//need client authentication
sslContext.getSSLContext().getDefaultSSLParameters().setNeedClientAuth(true);
sslContext.getSSLContext().getDefaultSSLParameters().setWantClientAuth(true);

brokerService.setSslContext(sslContext);
brokerService.start();

当我在主程序中执行前面的代码时,我收到以下错误:

GRAVE: Could not accept connection : javax.net.ssl.SSLException: No available certificate or key corresponds to the SSL cipher suites which are enabled.

任何建议都很好!

感谢阅读。

2 个答案:

答案 0 :(得分:1)

您的客户端是否已从其信任库中的代理设置证书?我担心你遇到的问题。

除此之外,如果你粘贴客户端代码也可能会有所帮助

答案 1 :(得分:0)

从客户端连接时,我使用ActiveMQConnectionFactory而不是ActiveMQSslConnectionFactory来获取此错误