LibraryToggle FramesPrintFeedback

The purpose of this tutorial is to show how you can deploy a secure Fuse Message Broker broker in the OSGi container, where one or more of the broker's endpoints has SSL/TLS enabled. Unlike an insecure broker, you cannot deploy a secure broker simply by dropping its XML configuration file into the hot deploy directory, as described in Hot Deployment in Deploying into the OSGi Container. This is because a secure broker must be accompanied by X.509 certificates and their keys. It is necessary, therefore, to package the broker configuration file together with its certificates and keys in a single OSGi bundle.

This tutorial explains how to use the Maven build tool to create an OSGi bundle containing the secure broker's configuration and its accompanying certificates and keys. After deploying the broker into the OSGi container, you test it using the sample JMS clients from the standalone Fuse Message Broker distribution (which you can obtain from the ESB download page).

The following prerequisites are needed for this tutorial:

You must customize the POM file in order to generate an OSGi bundle, as follows:

  1. Follow the POM customization steps described in Modifying an Existing Maven Project in Deploying into the OSGi Container.

  2. In the configuration of the Maven bundle plug-in, modify the bundle instructions to import additional Java packages, as follows:

    <project ... >
      ...
      <build>
        ...
          <plugin>
            <groupId>org.apache.felix</groupId>
            <artifactId>maven-bundle-plugin</artifactId>
            <extensions>true</extensions>
            <configuration>
              <instructions>
                <Bundle-SymbolicName>
                  ${project.artifactId}
                </Bundle-SymbolicName>
    	            <Import-Package>org.apache.activemq.xbean,
                                org.apache.activemq.spring,
                                org.apache.activemq.broker,
                                org.apache.activemq.security,
                                org.apache.activemq.jaas,
                                org.apache.activemq.pool,
                                org.apache.activemq.camel.component,
                                org.apache.camel.component.jms,
                                *</Import-Package>
              </instructions>
            </configuration>
          </plugin>
        </plugins>
      </build>
      ...
    </project>
[Note]Note

Not all of these packages are required by the current tutorial. It is convenient, however, to add all of the packages required by the subsequent tutorials at this point.

To test the broker configured in the OSGi container, you are going to use the example consumer tool and producer tool supplied with the standalone version of Fuse Message Broker.

Configure the consumer and the producer clients to pick up the client trust store. Edit the Ant build file, ActiveMQInstallDir/example/build.xml, and add the javax.net.ssl.trustStore and javax.net.ssl.trustStorePassword JSSE system properties to the consumer target and the producer target as shown in the following example:

In the context of the Ant build tool, this is equivalent to adding the system properties to the command line.

Comments powered by Disqus