SSL via JMS

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

SSL via JMS

vijay
Hi,

We want to transition from using an anonymous cipher suite to certificate based client authentication for connecting to the swiftmq server. The IIT Software provides very useful information on these authentication methods: http://www.swiftmq.com/products/router/jsse/index.html

However, whilst we are transiting we want to have both anonymous ciphers and client authentication switched on. Can anyone advise how can set up two listeners for this on our swiftmq 9.3.1 instance?

Thanks you.
Vijay
Reply | Threaded
Open this post in threaded view
|

Re: SSL via JMS

IIT Software
Administrator
Using both at once is a problem as the JSSESocketFactory is using system properties for configuration. What you could do is to create your own socket factory that extends JSSESocketFactory. Then overwrite these methods:

    protected void setEnabledCipherSuites(SSLSocket socket) throws IOException

    protected void setEnabledCipherSuites(SSLServerSocket socket) throws IOException

JSSESocketFactory does all the stuff with system properties swiftmq.jsse.* inside these methods. Use your custom socket factory for the 2nd listener. It needs to be in the class path of both router and clients.