4 Replies Latest reply on Feb 22, 2013 12:23 PM by Milan Milas

    Camel route - ActiveMQ from http to Https

    Milan Milas Newbie

      I have changed my ActiveMq.xml file in Fuse ESB:

       

              

                  <sslContext keyStore="file:$/conf/mybroker.ts"                         keyStorePassword="password"                         trustStore="file:$/conf/mybroker.ts"

                              trustStorePassword="password"/>

               

       

      I have generated the certificate using:

       

      Preparing certificates

      1.     Producer

      keytool -genkey -alias prod -keyalg RSA -keystore prod.ks

      CN=prod, OU=esb, O=all, L=London, ST=Unknown, C=UK

       

      2.     Consumer

      keytool -genkey -alias con -keyalg RSA -keystore con.ks

      CN= con, OU=esb, O=all, L=London, ST=Unknown, C=UK

       

      Creating a truststore

      $ keytool -export -alias prod -keystore prod.ks -file prod_cert

       

      $ keytool -export -alias con -keystore cons.ks -file con_cert

       

      $ keytool -import -alias prod -keystore mybroker.ts -file prod_cert

      $ keytool -import -alias -keystore mybroker.ts -file con_cert

       

      I am not getting any error and my route is not starting?

      tsp is working fine

        • 1. Re: Camel route - ActiveMQ from http to Https
          Milan Milas Newbie

          org.apache.activemq.ActiveMQSslConnectionFactory is definitly expecting ssl not

          https, so this is definitly not correct configuration.

           

          The problem is that I am not able to find how to configure ActiveMQ in Camel

          with https protocol?!

          • 2. Re: Camel route - ActiveMQ from http to Https
            Dejan Bosanac Newbie

            Hi,

             

            you should try using standard connection factory over ssl one for https transport. Also, note that http(s) transport requires some additional dependencies, as show here

             

            http://activemq.apache.org/http-and-https-transports-reference.html

             

            You'll need activemq-optional.jar (or activemq-http.jar starting with 5.8.0) and xstream and http-client in your classpath.

             

            Hope this helps.

             

            Edited by: dejanb on Feb 20, 2013 6:54 PM

            • 3. Re: Camel route - ActiveMQ from http to Https
              Milan Milas Newbie

              I did manage to connect to my Queue using sample from ActiveMQ book using Https.

              As bundle is not Console application ( -Djavax.net.ssl.keyStore= ......)

                I need to set System properties in Blueprint:

               

              System.setProperty("javax.net.ssl.trustStore","M:/Projects/conf/mybroker.ts");

              System.setProperty("javax.net.ssl.trustStorePassword","password");

              System.setProperty("javax.net.ssl.keyStore","M:/Projects/conf/conshrnhsp.ks");

              System.setProperty("javax.net.ssl.keyStorePassword","password");

               

              I have tried to use MethodInvokingFactoryBean but Blueprint stops waiting on namespace:

              xmlns:util="http://www.springframework.org/schema/util"

               

              As well if this works I am not sure if I could use only /conf/mybroker.ts instead of full

              path.

               

               

               

              How can I set javax.net.ssl.* in Blueprint?

               

              Edited by: milanmilas on Feb 22, 2013 12:36 PM

              • 4. Re: Camel route - ActiveMQ from http to Https
                Milan Milas Newbie

                Final solution:

                GenerateCertificate

                (must use localhost or server name, depending how you define URL in Caml, names must match)

                 

                keytool -genkey -alias localhost -keyalg RSA -keystore server.ks

                keytool -export -alias localhost -keystore server.ks -file server_cert

                keytool -import -alias -keystore localhost client.ts -file server_cert

                 

                 

                activemq.xml

                 

                            <sslContext keyStore="file:$/conf/server1.ks"                         keyStorePassword="password"                         trustStore="file:$/conf/mybroker.ts"

                                        trustStorePassword="password"/>

                         

                 

                Is this correct way or is there a better way of setting trust and keystore from Camel?

                 

                Edited by: milanmilas on Feb 22, 2013 5:23 PM