ActiveMQ中使用SSL

一、生成相应的证书文件
 1、keytool -genkey -alias broker -keyalg RSA -keystore 
 2、keytool -export -alias broker -keystore c:/mybroker.ks -file 

 3、keytool -genkey -alias client -keyalg RSA -keystore c:/myclient.ks 

 4、keytool -import -alias broker -keystore c:/myclient.ts -file c:/mybroker_cert 

 把上面生成的文件拷贝到${activemq.base}/conf/目录下
 然后将如下配置考到相应的activemq.xml文件中
 <transportConnector name="ssl" uri="ssl://localhost:61617"/>
 
 <sslContext keyStore="file:${activemq.base}/conf/mybroker.ks" keyStorePassword="test123" trustStore="file:${activemq.base}/conf/myclient.ts" trustStorePassword="test123"/>
 
二、编写如下测试类
package org.apache.activemq.book.ch3;

import java.security.KeyStore;

import javax.jms.Connection;
import javax.jms.Destination;
import javax.jms.JMSException;
import javax.jms.MessageConsumer;
import javax.jms.Session;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;

import org.apache.activemq.ActiveMQSslConnectionFactory;
import org.apache.activemq.book.ch2.portfolio.Listener;

public class SSLConsumer {

 private static transient ActiveMQSslConnectionFactory factory;
 private transient Connection connection;
 private transient Session session;

 // keystore client path
 private String keyStore = "myclient.ks";

 // truststore client path
 private String trustStore = "myclient.ts";

 private String keyStorePassword = "test123";

 private String url = "ssl://localhost:61617";

 public SSLConsumer() throws Exception {
  // 实例化 ActiveMQSslConnectionFactory
  factory = new ActiveMQSslConnectionFactory();
  factory.setBrokerURL(url);
  factory.setKeyAndTrustManagers(getKeyManagers(keyStore,
    keyStorePassword), getTrustManagers(trustStore),
    new java.security.SecureRandom());
  connection = factory.createConnection();
  connection.start();
  session = connection.createSession(false, Session.AUTO_ACKNOWLEDGE);
 }

 public void close() throws JMSException {
  if (connection != null) {
   connection.close();
  }
 }

 public static void main(String[] args) throws Exception {
  

  // define connection URI
  SSLConsumer consumer = new SSLConsumer();

  // extract topics from the rest of arguments
  String[] topics = new String[]{"JAVA","IONA"};
  //System.arraycopy(args, 1, topics, 0, args.length - 1);
  for (String stock : topics) {
   Destination destination = consumer.getSession().createTopic(
     "STOCKS." + stock);
   MessageConsumer messageConsumer = consumer.getSession()
     .createConsumer(destination);
   messageConsumer.setMessageListener(new Listener());
  }
 }

 public Session getSession() {
  return session;
 }

 private KeyManager[] getKeyManagers(String keyStore, String keyStorePassword)
   throws java.security.NoSuchAlgorithmException,
   java.security.KeyStoreException,
   java.security.GeneralSecurityException,
   java.security.cert.CertificateException, java.io.IOException,
   java.security.UnrecoverableKeyException {
  System.out.println("Initiating KeyManagers");

  KeyStore ks = KeyStore.getInstance("JKS");
  ks.load(ClassLoader.getSystemResourceAsStream(keyStore), keyStorePassword.toCharArray());
  KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory
    .getDefaultAlgorithm());
  kmf.init(ks, keyStorePassword.toCharArray());

  System.out.println("Initiated KeyManagers");

  return kmf.getKeyManagers();

 }

 private TrustManager[] getTrustManagers(String trustStore)
   throws java.security.NoSuchAlgorithmException,
   java.security.KeyStoreException, java.io.IOException,
   java.security.GeneralSecurityException {
  System.out.println("Initiating TrustManagers");

  KeyStore ks = KeyStore.getInstance("JKS");
  ks.load(ClassLoader.getSystemResourceAsStream(trustStore), null);
  TrustManagerFactory tmf = TrustManagerFactory
    .getInstance(TrustManagerFactory.getDefaultAlgorithm());
  tmf.init(ks);

  System.out.println("Initiated TrustManagers");

  return tmf.getTrustManagers();
 }

}