I'm trying to configure HornetQ on AS 6.1 so it accepts encrypted connections. I coud not find a tutorial on the subject, and only very sparse documentation, but from what I got this should work. But the JavaSE client cannot connect.
The client works if I lookup for a non-SSL connecton factory. If It looks for an SSL-enabled connenction factory, it gets an
javax.jms.JMSException: Failed to create session factory
When calling createConnection:
ConnectionFactory jmsConnectionFactory = (ConnectionFactory)ctx.lookup("SSLXAConnectionFactory");
con = jmsConnectionFactory.createConnection();
I changed hornetq-configuration.xml to add a connector and an acceptor:
<connector name="netty-ssl">
<factory-class>org.hornetq.core.remoting.impl.netty.NettyConnectorFactory</factory-class>
<param key="host" value="${jboss.bind.address:localhost}"/>
<param key="port" value="${hornetq.remoting.netty.ssl.port:5446}"/>
<param key="ssl-enabled" value="true"/>
<param key="ssl-enabled" value="true"/>
<param key="key-store-path" value="${jboss.server.home.dir}/conf/jms.keystore"/>
<param key="key-store-password" value="secreta"/>
</connector>
<acceptor name="netty-ssl">
<factory-class>org.hornetq.core.remoting.impl.netty.NettyAcceptorFactory</factory-class>
<param key="host" value="${jboss.bind.address:localhost}"/>
<param key="port" value="${hornetq.remoting.netty.port.ssl:5446}"/>
<param key="ssl-enabled" value="true"/>
<param key="key-store-path" value="${jboss.server.home.dir}/conf/jms.keystore"/>
<param key="key-store-password" value="secreta"/>
<param key="trust-store-path" value="${jboss.server.home.dir}/conf/cliente.truststore"/>
<param key="trust-store-password" value="secreta"/>
</acceptor>
And changed hornetq-jms.xml to bind to JNDI a conection factory using them:
<connection-factory name="NettySSLConnectionFactory">
<xa>true</xa>
<connectors>
<connector-ref connector-name="netty-ssl"/>
</connectors>
<entries>
<entry name="/SSLConnectionFactory"/>
<entry name="/SSLXAConnectionFactory"/>
</entries>
</connection-factory>
JBoss AS 6.1 starts without an error in server.log
jms.keystore and client.truststore were generated using keytool, the same way it works to configure a remoting ssl invoker for EJB3.
I even download hornetq standalone and looked at the examples, it looks like I did the same as sample "ssl-enabled", but it won't work for me.
Please, any hint on what I did wrong?
[]s, Fernando Lozano