ActiveMQ SSL - Reload truststore with out restart broker

自闭症网瘾萝莉.ら 提交于 2021-01-29 07:29:17

问题


Im using activeMQ as my messages server. In order to keep it secure between the server and the clients (producer/consumer), I added to the activemq.xml a ssl context section that tells the activemq when it starts, with which keystore and truststore file to use. In case the truststore has be updated with a new certifiate, I would like the activemq to reload the truststore without restart the broker itself. Is there any way t do it? I found something similer in the link below but I don't know this is what I need http://activemq.apache.org/runtime-configuration.html


回答1:


There is not a way to update the certificate without dropping all the client connections, which is effectively restarting it anyway.

Using the runtime-configuration wouldn't help with this configuration change in that you'd still have to drop client connections.

Having a failover broker (aka slave broker) or a network-of-brokers would help you in this case. You could upgrade the "other broker", then have clients failover to the updated one, then upgrade the original broker.



来源:https://stackoverflow.com/questions/54671347/activemq-ssl-reload-truststore-with-out-restart-broker

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!