4 Replies Latest reply on Feb 22, 2013 12:23 PM by milanmilas

Camel route - ActiveMQ from http to Https

milanmilas Feb 20, 2013 6:51 AM

I have changed my ActiveMq.xml file in Fuse ESB:

<sslContext keyStore="file:$/conf/mybroker.ts" keyStorePassword="password" trustStore="file:$/conf/mybroker.ts"

trustStorePassword="password"/>

I have generated the certificate using:

Preparing certificates

1. Producer

keytool -genkey -alias prod -keyalg RSA -keystore prod.ks

CN=prod, OU=esb, O=all, L=London, ST=Unknown, C=UK

2. Consumer

keytool -genkey -alias con -keyalg RSA -keystore con.ks

CN= con, OU=esb, O=all, L=London, ST=Unknown, C=UK

Creating a truststore

$ keytool -export -alias prod -keystore prod.ks -file prod_cert

$ keytool -export -alias con -keystore cons.ks -file con_cert

$ keytool -import -alias prod -keystore mybroker.ts -file prod_cert

$ keytool -import -alias -keystore mybroker.ts -file con_cert

I am not getting any error and my route is not starting?

tsp is working fine

1. Re: Camel route - ActiveMQ from http to Https

milanmilas Feb 20, 2013 12:27 PM (in response to milanmilas)

org.apache.activemq.ActiveMQSslConnectionFactory is definitly expecting ssl not
https, so this is definitly not correct configuration.

The problem is that I am not able to find how to configure ActiveMQ in Camel
with https protocol?!
Actions
2. Re: Camel route - ActiveMQ from http to Https

dejanb_dejan Feb 20, 2013 12:54 PM (in response to milanmilas)

Hi,

you should try using standard connection factory over ssl one for https transport. Also, note that http(s) transport requires some additional dependencies, as show here

http://activemq.apache.org/http-and-https-transports-reference.html

You'll need activemq-optional.jar (or activemq-http.jar starting with 5.8.0) and xstream and http-client in your classpath.

Hope this helps.

Edited by: dejanb on Feb 20, 2013 6:54 PM
Actions
3. Re: Camel route - ActiveMQ from http to Https

milanmilas Feb 22, 2013 7:36 AM (in response to dejanb_dejan)

I did manage to connect to my Queue using sample from ActiveMQ book using Https.
As bundle is not Console application ( -Djavax.net.ssl.keyStore= ......)
I need to set System properties in Blueprint:

System.setProperty("javax.net.ssl.trustStore","M:/Projects/conf/mybroker.ts");
System.setProperty("javax.net.ssl.trustStorePassword","password");
System.setProperty("javax.net.ssl.keyStore","M:/Projects/conf/conshrnhsp.ks");
System.setProperty("javax.net.ssl.keyStorePassword","password");

I have tried to use MethodInvokingFactoryBean but Blueprint stops waiting on namespace:
xmlns:util="http://www.springframework.org/schema/util"

As well if this works I am not sure if I could use only /conf/mybroker.ts instead of full
path.

How can I set javax.net.ssl.* in Blueprint?

Edited by: milanmilas on Feb 22, 2013 12:36 PM
Actions
4. Re: Camel route - ActiveMQ from http to Https

milanmilas Feb 22, 2013 12:23 PM (in response to milanmilas)

Final solution:
GenerateCertificate
(must use localhost or server name, depending how you define URL in Caml, names must match)

keytool -genkey -alias localhost -keyalg RSA -keystore server.ks
keytool -export -alias localhost -keystore server.ks -file server_cert
keytool -import -alias -keystore localhost client.ts -file server_cert

activemq.xml

            <sslContext keyStore="file:$/conf/server1.ks"                         keyStorePassword="password"                         trustStore="file:$/conf/mybroker.ts"
                        trustStorePassword="password"/>


Is this correct way or is there a better way of setting trust and keystore from Camel?

Edited by: milanmilas on Feb 22, 2013 5:23 PM
Actions

Go to original post