Revision history [back]

To establish an SSL connection with self-signed certificates when connecting to ActiveMQ "Classic", follow these steps:

1. Generate a self-signed certificate for the broker by using the keytool command: keytool -genkey -alias broker -keyalg RSA -keystore broker.ks -validity 365
2. Export the broker's certificate to a file: keytool -export -alias broker -file broker.crt -keystore broker.ks
3. Import the broker's certificate into the truststore of the client by using the keytool command: keytool -import -alias broker -file broker.crt -keystore client.ts
4. Configure the Activemq.xml file to enable SSL by adding the following lines: <sslContext> <sslContext keyStore="broker.ks" keyStorePassword="password" trustStore="broker.ts" trustStorePassword="password" /> </sslContext> <transportConnector name="ssl" uri="ssl://localhost:61617" /> Note: Replace "localhost" and "61617" with the appropriate values for your environment.
5. Restart the broker.
6. Configure the connection factory of the client to use SSL and point it to the truststore file containing the broker's self-signed certificate: ActiveMQSslConnectionFactory connectionFactory = new ActiveMQSslConnectionFactory(); connectionFactory.setBrokerURL("ssl://localhost:61617"); connectionFactory.setTrustStore("broker.ts"); connectionFactory.setTrustStorePassword("password");
7. Create a connection to the broker by using the connection factory: Connection connection = connectionFactory.createConnection(); connection.start();
8. Use the connection to send and receive messages from the broker.