
Setting trust store programmatically in ActiveMQSslConnectionFactory seems to fail

I have been working on Java ActiveMQ client software to connect to an SSL-powered broker, but setting the trust store programmatically through:

// Configure the secure connection factory.
ActiveMQSslConnectionFactory connectionFactory = new ActiveMQSslConnectionFactory(url);
connectionFactory.setTrustStore("/conf/client.ts"); // truststore which includes the certificate of the broker
connectionFactory.setTrustStorePassword("password");

as indicated here. However, that throws a

javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed Error

Following the response to the Q&A "Resolving javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed Error?", I was able to successfully connect the client to the broker by adding the broker certificate to my Java installation's trusted certificates.

However, in this case, I do not want each user of the application to import the certificate into their Java distribution, but rather want the client application to already carry the broker certificate. How can I do that, preferably using the ActiveMQSslConnectionFactory class?

Thomas asked Mar 25 '26 06:03


1 Answer

From what I understand, you need to trust all the incoming self-signed certificates.

You could try this way (create a trust manager which does not validate and then register it):

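import java.security.GeneralSecurityException;
import java.security.SecureRandom;
import java.security.cert.X509Certificate;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;

// Trust manager that accepts every certificate chain: no validation is performed.
TrustManager[] trustAllCerts = new TrustManager[] {
    new X509TrustManager() {
        public X509Certificate[] getAcceptedIssuers() {
            return new X509Certificate[0]; // the interface requires a non-null array
        }
        public void checkClientTrusted(X509Certificate[] certificates, String authType) {
            // accepts any client certificate
        }
        public void checkServerTrusted(X509Certificate[] certificates, String authType) {
            // accepts any server certificate
        }
    }
};

try {
    SSLContext sslContext = SSLContext.getInstance("SSL");
    sslContext.init(null, trustAllCerts, new SecureRandom());
    // Registers the socket factory as the JVM-wide default for HttpsURLConnection.
    HttpsURLConnection.setDefaultSSLSocketFactory(sslContext.getSocketFactory());
} catch (GeneralSecurityException e) {
    throw new IllegalStateException("Could not initialise the SSL context", e);
}

// then do the SSL conversation.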
Chris answered Mar 27 '26 19:03
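The packaging the question asks for, as an added example that is not part of the original question or answer: the truststore ships inside the client JAR and is handed to the factory through `setKeyAndTrustManagers`, so certificate validation stays on and only the bundled broker certificate is trusted. The resource path, password, broker URL and class name are assumptions, and the `javax.jms` import assumes an ActiveMQ 5.x client.

```java
import java.io.InputStream;
import java.security.KeyStore;
import java.security.SecureRandom;
import javax.jms.Connection;
import javax.net.ssl.TrustManagerFactory;
import org.apache.activemq.ActiveMQSslConnectionFactory;

public class BundledTrustStoreClient {

    // Assumed values: replace with the application's own resource, password and broker URL.
    private static final String TRUSTSTORE_RESOURCE = "/conf/client.ts"; // packaged inside the client JAR
    private static final char[] TRUSTSTORE_PASSWORD = "password".toCharArray();
    private static final String BROKER_URL = "ssl://broker.example.com:61617";

    // Builds trust managers that accept only chains anchored in the bundled truststore.
    static TrustManagerFactory loadBundledTrust() throws Exception {
        KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType());
        try (InputStream in = BundledTrustStoreClient.class.getResourceAsStream(TRUSTSTORE_RESOURCE)) {
            if (in == null) {
                // Fail closed: a missing truststore must never degrade to "trust everything".
                throw new IllegalStateException("Truststore not on classpath: " + TRUSTSTORE_RESOURCE);
            }
            trustStore.load(in, TRUSTSTORE_PASSWORD);
        }
        if (trustStore.size() == 0) {
            throw new IllegalStateException("Truststore contains no certificates");
        }
        TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(trustStore);
        return tmf;
    }

    public static void main(String[] args) throws Exception {
        ActiveMQSslConnectionFactory factory = new ActiveMQSslConnectionFactory(BROKER_URL);
        // No key managers (no client certificate); trust only what the bundled store contains.
        factory.setKeyAndTrustManagers(null, loadBundledTrust().getTrustManagers(), new SecureRandom());
        // Connection setup fails with an SSLHandshakeException cause if the broker's
        // certificate does not chain to an entry in the bundled store.
        Connection connection = factory.createConnection();
        try {
            connection.start();
        } finally {
            connection.close();
        }
    }
}
```

Unlike the JVM-wide default set through `HttpsURLConnection`, the trust managers here apply only to connections created by this factory.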


