ActiveMQ 5.16.2 Securing Webconsole using HTTPS

I have followed this guideline to secure the ActiveMQ 5.16.2 Webconsole: https://activemq.apache.org/web-console

Thus, I made the following configuration in my jetty.xml:

  1. Per default the authentification setting is true, so I just left it like that:

    <property name="authenticate" value="true" />
    
  2. I have generated a certificate amqtest.p12 and moved it into the /conf folder:

/home/amquser/apache-activemq-5.16.2/conf/amqtest.p12

  1. I have enabled the SecureConnector and changed the keyStorePath and keyStorePassword:

            <bean id="SecureConnector" class="org.eclipse.jetty.server.ServerConnector">
                <constructor-arg ref="Server" />
                <constructor-arg>
                    <bean id="handlers" class="org.eclipse.jetty.util.ssl.SslContextFactory">
    
                        <property name="keyStorePath" value="$file:${activemq.conf}/amqtest.p12" />
                        <property name="keyStorePassword" value="changeit" />
                    </bean>
                </constructor-arg>
                <property name="port" value="8162" />
            </bean>
    

Unfortunately, I receive the following error when I am trying to start ActiveMQ:

INFO | Starting Jetty server
INFO | Creating Jetty connector
WARN | ServletContext@o.e.j.s.ServletContextHandler@1ecfcbc9{/,null,STARTING} has uncovered http methods for path: /
INFO | Listening for connections at ws://amqtest:61614?maximumConnections=1000&wireFormat.maxFrameSize=104857600
INFO | Connector ws started
INFO | Apache ActiveMQ 5.16.2 (localhost, ID:amqtest-33843-1626808816420-0:1) started
INFO | For help or more information please see: http://activemq.apache.org
WARN | Store limit is 102400 mb (current store usage is 0 mb). The data directory: /home/amquser/apache-activemq-5.16.2/data/kahadb only has 2905 mb of usable space. - resetting to maximum available disk space: 2905 mb
WARN | Temporary Store limit is 51200 mb (current store usage is 0 mb). The data directory: /home/amquser/apache-activemq-5.16.2/data only has 2905 mb of usable space. - resetting to maximum available disk space: 2905 mb
INFO | ActiveMQ WebConsole available at http://0.0.0.0:8161/
INFO | ActiveMQ Jolokia REST API available at http://0.0.0.0:8161/api/jolokia/
WARN | Exception encountered during context initialization - cancelling refresh attempt: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'invokeStart' defined in class path resource [jetty.xml]: Invocatio n of init method failed; nested exception is java.lang.IllegalStateException: /home/amquser/apache-activemq-5.16.2/bin/$file:/home/amquser/apache-activemq-5.16.2/conf/amqtest.p12 is not a valid keystore
INFO | Apache ActiveMQ 5.16.2 (localhost, ID:amqtest-33843-1626808816420-0:1) is shutting down
INFO | Connector openwire stopped
INFO | Connector amqp stopped
INFO | Connector stomp stopped
INFO | Connector mqtt stopped
INFO | Connector ws stopped
INFO | Broker Plugin org.apache.activemq.broker.util.DestinationPathSeparatorBroker stopped
INFO | PListStore:[/home/amquser/apache-activemq-5.16.2/data/localhost/tmp_storage] stopped
INFO | Stopping async queue tasks
INFO | Stopping async topic tasks
INFO | Stopped KahaDB
INFO | Apache ActiveMQ 5.16.2 (localhost, ID:amqtest-33843-1626808816420-0:1) uptime 1.539 seconds
INFO | Apache ActiveMQ 5.16.2 (localhost, ID:amqtest-33843-1626808816420-0:1) is shutdown
INFO | Closing org.apache.activemq.xbean.XBeanBrokerFactory$1@6973b51b: startup date [Tue Jul 20 19:20:15 GMT 2021]; root of context hierarchy
ERROR | Failed to load: class path resource [activemq.xml], reason: Error creating bean with name 'invokeStart' defined in class path resource [jetty.xml]: Invocation of init method failed; nested exception is java.lang.IllegalStateException: / home/amquser/apache-activemq-5.16.2/bin/$file:/home/amquser/apache-activemq-5.16.2/conf/amqtest.p12 is not a valid keystore



Read more here: https://stackoverflow.com/questions/68467176/activemq-5-16-2-securing-webconsole-using-https

Content Attribution

This content was originally published by YumYum at Recent Questions - Stack Overflow, and is syndicated here via their RSS feed. You can read the original post over there.

%d bloggers like this: