doc/book/src/java-broker/Configure-Java-Qpid-to-use-a-SSL-connection.xml


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84

<?xml version="1.0" encoding="utf-8"?>

<!--
 
 Licensed to the Apache Software Foundation (ASF) under one
 or more contributor license agreements.  See the NOTICE file
 distributed with this work for additional information
 regarding copyright ownership.  The ASF licenses this file
 to you under the Apache License, Version 2.0 (the
 "License"); you may not use this file except in compliance
 with the License.  You may obtain a copy of the License at
 
   http://www.apache.org/licenses/LICENSE-2.0
 
 Unless required by applicable law or agreed to in writing,
 software distributed under the License is distributed on an
 "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
 KIND, either express or implied.  See the License for the
 specific language governing permissions and limitations
 under the License.
 
-->

<section id="Qpid-Java-SSL"><title>
      Configure Java Qpid to use a SSL connection.
    </title>

    <section role="h2" id="ConfigureJavaQpidtouseaSSLconnection.-UsingSSLconnectionwithQpidJava."><title>
            Using SSL connection with Qpid Java.
          </title>
	  <para>
            This section will show how to use SSL to enable secure
            connections between a Java client and broker.
          </para>
<!--h2--></section>
    <section role="h2" id="ConfigureJavaQpidtouseaSSLconnection.-Setup"><title>
            Setup
          </title>
    <section role="h3" id="ConfigureJavaQpidtouseaSSLconnection.-BrokerSetup"><title>
            Broker
            Setup
          </title>
	  <para>
            The broker configuration file (config.xml) needs to be updated to
            include the SSL keystore location details.
          </para>
                        
<programlisting>
&lt;!-- Additions required to Connector Section --&gt;

&lt;ssl&gt;
    &lt;enabled&gt;true&lt;/enabled&gt;
    &lt;sslOnly&gt;true&lt;/sslOnly&gt;
    &lt;keyStorePath&gt;/path/to/keystore.ks&lt;/keyStorePath&gt;
    &lt;keyStorePassword&gt;keystorepass&lt;/keyStorePassword&gt;
&lt;/ssl&gt;
</programlisting>
            
          <para>
            The sslOnly option is included here for completeness however this
            will disable the unencrypted port and leave only the SSL port
            listening for connections.
          </para>
<!--h3--></section>
    <section role="h3" id="ConfigureJavaQpidtouseaSSLconnection.-ClientSetup"><title>
            Client
            Setup
          </title>
	  <para>
            The best place to start looking is class
            <emphasis>SSLConfiguration</emphasis> this is provided to the connection
            during creation however there is currently no example that
            demonstrates its use.
          </para>
<!--h3--></section>
<!--h2--></section>

    <section role="h2" id="ConfigureJavaQpidtouseaSSLconnection.-Performingtheconnection."><title>
            Performing
            the connection.
          </title>
	  <para/>
    <!--h2--></section>
</section>