1

I'm trying to send secure messages over SSL with ActiveMQ, using the Apache NMS API for .NET.

In the broker.xml I tried adding "sslEnabled=true" to the default acceptor:

<acceptor name="artemis">tcp://0.0.0.0:61616?sslEnabled=true;tcpSendBufferSize=1048576;tcpReceiveBufferSize=1048576;protocols=CORE,AMQP,STOMP,HORNETQ,MQTT,OPENWIRE;useEpoll=true;amqpCredits=1000;amqpLowCredits=300</acceptor>

I'm trying to set up a consumer like this:

IConnectionFactory factory = new ConnectionFactory("activemq:tcp://localhost:61616");
connection = (Connection)factory.CreateConnection();                       
connection.Start();
ISession session = connection.CreateSession();
IDestination destination = session.GetTopic("topic1");
consumer = session.CreateConsumer(destination);
consumer.Listener += new MessageListener(HandleMessage);

When the code reaches the line connection.Start(), I get this exception:

Channel was inactive for too long: tcp://localhost:61616/

I have tried changing the connection url like this (ssl in the middle instead of tcp):

IConnectionFactory factory = new ConnectionFactory("activemq:ssl://localhost:61616");

And then I got this exception:

Unable to read data from the transport connection: An established connection was aborted by the software in your host machine

What am I doing wrong here? How can I send and receive secured messages?

Justin Bertram
  • 29,372
  • 4
  • 21
  • 43
CodeMonkey
  • 11,196
  • 30
  • 112
  • 203
  • From cmd.exe >Ping localhost. Is the machine IP returned or the loopback 127.0.0.1? Check if the service is running cmd.exe >Netstat -a which will give list of TCP connection and ports. – jdweng Oct 02 '19 at 12:58
  • "Reply from ::1: time<1ms" – CodeMonkey Oct 02 '19 at 13:04
  • Also, when not using the addition in the acceptor of "sslEnabled=true", and just trying to send regular messages, it does work – CodeMonkey Oct 02 '19 at 13:07
  • I get same results. The localhost file has all comments (starting with #). The localhost file is located in folder : C:\Windows\System32\drivers\etc. You probably want to use the environmental variable COMPUTERNAME and use the name instead of localhost. You can get list of environmental variable cmd.exe >SET – jdweng Oct 02 '19 at 13:11
  • it's 127.0.0.1 like expected – CodeMonkey Oct 02 '19 at 13:14
  • Is the service running using Netstat? If the service is running and is connected to 127.0.0.1 you cannot also use 127.0.0.1. So you must use the machine IP address or name. Service should really use IP.Any instead of the loopback so the clients can use loopback. – jdweng Oct 02 '19 at 13:22
  • The service is running. Like I said, when it works when using regualr tcp and not SSL. So what should be the change here? – CodeMonkey Oct 02 '19 at 13:24
  • See codeproject : https://www.codeproject.com/Articles/1000189/A-Working-TCP-Client-and-Server-With-SSL – jdweng Oct 02 '19 at 13:29
  • @jdweng that's not ActiveMQ with Apache NMS – CodeMonkey Oct 02 '19 at 13:31
  • You need to get the certificate from the FACTORY. See if this codeproject is better : https://www.codeproject.com/Articles/1063910/WebSocket-Server-in-Csharp – jdweng Oct 02 '19 at 14:18
  • Have you tried this `var cf = new Apache.NMS.Stomp.ConnectionFactory("stomp:ssl://0.0.0.0:61613")`? – Hoang Phuoc Truong Oct 03 '19 at 04:10
  • @HoangPhuocTruong I've tried IConnectionFactory factory = new ConnectionFactory("activemq:ssl://localhost:61616") – CodeMonkey Oct 06 '19 at 06:27
  • @jdweng how do i create certificates? By Factory, you refer to the ConnectionFactory in my code? – CodeMonkey Oct 06 '19 at 06:28
  • See following : https://stackoverflow.com/questions/13806299/how-to-create-a-self-signed-certificate-using-c – jdweng Oct 06 '19 at 10:51

0 Answers0