4 Replies Latest reply on Aug 10, 2012 4:51 PM by Tapasi Paul

    SSL and HornetQ in AS 6.1

    Fernando Lozano Newbie

      I'm trying to configure HornetQ on AS 6.1 so it accepts encrypted connections. I coud not find a tutorial on the subject, and only very sparse documentation, but from what I got this should work. But the JavaSE client cannot connect.

       

      The client works if I lookup for a non-SSL connecton factory. If It looks for an SSL-enabled connenction factory, it gets an

      javax.jms.JMSException: Failed to create session factory

       

      When calling createConnection:

      ConnectionFactory jmsConnectionFactory = (ConnectionFactory)ctx.lookup("SSLXAConnectionFactory");

      con = jmsConnectionFactory.createConnection();

       

      I changed hornetq-configuration.xml to add a connector and an acceptor:

       

            <connector name="netty-ssl">

               <factory-class>org.hornetq.core.remoting.impl.netty.NettyConnectorFactory</factory-class>

               <param key="host" value="${jboss.bind.address:localhost}"/>

               <param key="port" value="${hornetq.remoting.netty.ssl.port:5446}"/>

               <param key="ssl-enabled" value="true"/>

               <param key="ssl-enabled" value="true"/>

               <param key="key-store-path" value="${jboss.server.home.dir}/conf/jms.keystore"/>

               <param key="key-store-password" value="secreta"/>

            </connector>

       

            <acceptor name="netty-ssl">

               <factory-class>org.hornetq.core.remoting.impl.netty.NettyAcceptorFactory</factory-class>

               <param key="host"  value="${jboss.bind.address:localhost}"/>

               <param key="port"  value="${hornetq.remoting.netty.port.ssl:5446}"/>

               <param key="ssl-enabled" value="true"/>

               <param key="key-store-path" value="${jboss.server.home.dir}/conf/jms.keystore"/>

               <param key="key-store-password" value="secreta"/>

               <param key="trust-store-path" value="${jboss.server.home.dir}/conf/cliente.truststore"/>

               <param key="trust-store-password" value="secreta"/>

            </acceptor>

       

      And changed hornetq-jms.xml to bind to JNDI a conection factory using them:

       

         <connection-factory name="NettySSLConnectionFactory">

            <xa>true</xa>

            <connectors>

               <connector-ref connector-name="netty-ssl"/>

            </connectors>

            <entries>

               <entry name="/SSLConnectionFactory"/>

               <entry name="/SSLXAConnectionFactory"/>

            </entries>

         </connection-factory>

       

      JBoss AS 6.1 starts without an error in server.log

       

      jms.keystore and client.truststore were generated using keytool, the same way it works to configure a remoting ssl invoker for EJB3.

       

      I even download hornetq standalone and looked at the examples, it looks like I did the same as sample "ssl-enabled", but it won't work for me.

       

      Please, any hint on what I did wrong?

       

       

      []s, Fernando Lozano