In my Spring Boot app part of my application.yml
is as follows:
spring:
activemq:
broker-url: ssl://10.68.84.40:61617
user: admin
password: admin
packages:
trust-all: true
Where 10.68.84.40:61617
is an endpoint added to activemq.xml
:
<transportConnector name="ssl" uri="ssl://0.0.0.0:61617?maximumConnections=1000&wireFormat.maxFrameSize=104857600"/>
Spring Boot official document is way too brief about usage of ActiveMQ. I dig into org.springframework.boot.autoconfigure.jms.activemq.ActiveMQProperties
source code and see that setting spring.activemq.packages.trust-all
to true should trust all server certs, but it still gets sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
.
Then I see another property spring.activemq.packages.trusted
, but I wonder what should be put there.
Added: using openssl, sees CN of the server cert is just localhost
. The application is calling using an IP.
The setting spring.activemq.packages.trust-all
has nothing to do with SSL certificates and Spring's source code gives no indication that it does. It's related to the deserialization of JMS ObjectMessage
instances. See more in the ActiveMQ "Classic" documentation .
If you really want the client to trust all SSL certificates then simply add trustAll=true
to your broker-url
, eg:
spring:
activemq:
broker-url: ssl://10.68.84.40:61617?trustAll=true
...
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.