Jump to: navigation, search

ActiveMQ—SSL for JMS CP

This page provides an example of how to enable SSL with the ActiveMQ provider.

Enabling SSL with the ActiveMQ provider

Important
ActiveMQ client jar of version 5.14.2 or later is needed.
  1. Prepare the TLS certificates, as described in the Genesys Security Deployment Guide.
  2. Copy cert.jks and truststore.jks into the following folder: <Apache ActiveMQ installation directory>/conf.
  3. Open the file activemq.xml in the folder <Apache ActiveMQ installation directory>/conf and add the following lines:
    <transportConnectors>
    ...
    <transportConnectorname="ssl"uri="ssl://0.0.0.0:<ssl_port>?trace=true&needClientAuth=true"/>
    ...
    </transportConnectors>
    <sslContext>
    <sslContextkeyStore="file:${activemq.base}/conf/cert.jks"
    keyStorePassword="YourKeyStorePassword"
    trustStore="file:${activemq.base}/conf/truststore.jks"
    trustStorePassword="YourTrustStorePassword"/>
    </sslContext>
  4. Restart Active MQ to let it read new configuration.
  5. In the Capture Point application options, in the settings section, edit the following options:
    • jms-provider-url=ssl://<activemq_host>:<ssl_port>
    • jms-initial-context-factory=org.apache.activemq.jndi.ActiveMQSslInitialContextFactory
  6. In the Capture Point application, create a section jms-additional-context-attributes with following options:
    • connection.ConnectionFactory.keyStore=<path to local keystore file>
    • connection.ConnectionFactory.keyStorePassword=<local keystore password>
    • connection.ConnectionFactory.keyStoreType=jks
    • connection.ConnectionFactory.trustStore=<path to local truststore file>
    • connection.ConnectionFactory.trustStorePassword=<local keystore password>
    • connection.ConnectionFactory.trustStoreType=jks
  7. To debug SSL, add the following option into the Interaction Server Application options, section java-options:
    -Djavax.net.debug=ssl:handshake,data,trustmanager,record
This page was last edited on August 12, 2020, at 09:52.

Feedback

Comment on this article:

blog comments powered by Disqus