Embedded ActiveMQ with SSL

By | August 15, 2016

In this post I will show how to run an embedded instance of ActiveMQ that uses SSL for communication. In the process I will also show how to configure a JMS client to use SSL.
The resulting project is available on GitHub.

I have omitted the keystore and truststore in this article – if you want to use the exact ones I have used in the example project, they are available in the GitHub repository.

Maven pom.xml File

The example project is a Maven project with  the following pom.xml file.

Nothing fancy in here; Spring is used for the unit-test and for the JMS client, the unit-tests are implemented using JUnit4. Note that Java 8 is used.

Properties File

I am using a properties file to be able to easily configure the different aspects of JMS communication, such as keystore and truststore, JMS broker URL and so on. Note that there are two different JMS broker URLs; one used by the client and one by the embedded ActiveMQ broker. The reason for this is to make it easy to check whether the client can connect to the broker using a TCP connection, without SSL. I would not expect there being a need for two URL properties in a regular application. The default is for the client to use the SSL protocol.

Read Properties Configuration

Since I want to be able to inject values from the property file above into my test class, as we will shortly see, I need some Spring configuration:

Note that the method annotated with the @Bean annotation is static. The reason for this is to avoid the risk for lifecycle conflicts, as described in the @Bean annotation JavaDoc, under the Bootstrapping section.

JMS Configuration

The following class contains the JMS related Spring beans as well as the bean that starts the embedded ActiveMQ instance for the test.package se.ivankrizsan.configuration;

Note that the clientJMSConnectionFactory method creates different types of ActiveMQ connection factory depending on whether the client broker URL starts with “ssl” or not. For SSL communication, a keystore and truststore is configured on the connection factory. The JmsTemplate used by the client to send and receive messages does not require any special configuration to use SSL or TCP apart from the ActiveMQ connection factory – everything is encapsulated in the connection factory.
In addition, note how property values from the properties-file are injected using the @Value annotation.

Test Class

With the dependencies and all the configuration in place, we are now ready to implement the test. The test attempts to send a message to a queue on the broker and later receive the same message from the same queue.

I would not print log in regular tests, but since this is an educational example there is some logging in this test class. The Spring JmsTemplate is used to send and receive a message.

Log4J Configuration File

For completeness, I will list the Log4J configuration file here.

Running the Example

If we now run the test, output similar to the following should be output to the console:

The test should pass and we can see from the log that a JMS message was sent and a JMS message was received, as expected.

If we now modify the property CLIENT_JMS_BROKER_URL in the properties file to use plain TCP, like this:

Then we re-run the test, which should now fail:

Thus we have created an embedded ActiveMQ broker which only accepts connections over SSL.

Happy coding!

One thought on “Embedded ActiveMQ with SSL

Leave a Reply

Your email address will not be published. Required fields are marked *