一、生成相应的证书文件
1、keytool -genkey -alias broker -keyalg RSA -keystore
2、keytool -export -alias broker -keystore c:/mybroker.ks -file
3、keytool -genkey -alias client -keyalg RSA -keystore c:/myclient.ks
4、keytool -import -alias broker -keystore c:/myclient.ts -file c:/mybroker_cert
把上面生成的文件拷贝到${activemq.base}/conf/目录下
然后将如下配置考到相应的activemq.xml文件中
<transportConnector name="ssl" uri="ssl://localhost:61617"/>
<sslContext keyStore="file:${activemq.base}/conf/mybroker.ks" keyStorePassword="test123" trustStore="file:${activemq.base}/conf/myclient.ts" trustStorePassword="test123"/>
二、编写如下测试类
package org.apache.activemq.book.ch3;
import java.security.KeyStore;
import javax.jms.Connection;
import javax.jms.Destination;
import javax.jms.JMSException;
import javax.jms.MessageConsumer;
import javax.jms.Session;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import org.apache.activemq.ActiveMQSslConnectionFactory;
import org.apache.activemq.book.ch2.portfolio.Listener;
public class SSLConsumer {
private static transient ActiveMQSslConnectionFactory factory;
private transient Connection connection;
private transient Session session;
// keystore client path
private String keyStore = "myclient.ks";
// truststore client path
private String trustStore = "myclient.ts";
private String keyStorePassword = "test123";
private String url = "ssl://localhost:61617";
public SSLConsumer() throws Exception {
// 实例化 ActiveMQSslConnectionFactory
factory = new ActiveMQSslConnectionFactory();
factory.setBrokerURL(url);
factory.setKeyAndTrustManagers(getKeyManagers(keyStore,
keyStorePassword), getTrustManagers(trustStore),
new java.security.SecureRandom());
connection = factory.createConnection();
connection.start();
session = connection.createSession(false, Session.AUTO_ACKNOWLEDGE);
}
public void close() throws JMSException {
if (connection != null) {
connection.close();
}
}
public static void main(String[] args) throws Exception {
// define connection URI
SSLConsumer consumer = new SSLConsumer();
// extract topics from the rest of arguments
String[] topics = new String[]{"JAVA","IONA"};
//System.arraycopy(args, 1, topics, 0, args.length - 1);
for (String stock : topics) {
Destination destination = consumer.getSession().createTopic(
"STOCKS." + stock);
MessageConsumer messageConsumer = consumer.getSession()
.createConsumer(destination);
messageConsumer.setMessageListener(new Listener());
}
}
public Session getSession() {
return session;
}
private KeyManager[] getKeyManagers(String keyStore, String keyStorePassword)
throws java.security.NoSuchAlgorithmException,
java.security.KeyStoreException,
java.security.GeneralSecurityException,
java.security.cert.CertificateException, java.io.IOException,
java.security.UnrecoverableKeyException {
System.out.println("Initiating KeyManagers");
KeyStore ks = KeyStore.getInstance("JKS");
ks.load(ClassLoader.getSystemResourceAsStream(keyStore), keyStorePassword.toCharArray());
KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory
.getDefaultAlgorithm());
kmf.init(ks, keyStorePassword.toCharArray());
System.out.println("Initiated KeyManagers");
return kmf.getKeyManagers();
}
private TrustManager[] getTrustManagers(String trustStore)
throws java.security.NoSuchAlgorithmException,
java.security.KeyStoreException, java.io.IOException,
java.security.GeneralSecurityException {
System.out.println("Initiating TrustManagers");
KeyStore ks = KeyStore.getInstance("JKS");
ks.load(ClassLoader.getSystemResourceAsStream(trustStore), null);
TrustManagerFactory tmf = TrustManagerFactory
.getInstance(TrustManagerFactory.getDefaultAlgorithm());
tmf.init(ks);
System.out.println("Initiated TrustManagers");
return tmf.getTrustManagers();
}
}