Securing Eclipse Amlen JMS client by using Java runtime environment global properties

You can configure secure connections for the Eclipse Amlen JMS client by using Java™ runtime environment (JRE) global properties. This configuration approach affects all outbound connections from the process.

The Eclipse Amlen JMS client uses the standard Java Secure Socket Extension (JSSE) that all supported JREs provide for making Transport Layer Security (TLS) connections. For information about JSSE, see the JSSE documentation. For information about configuring secure connections for Java EE clients that use the Eclipse Amlen resource adapter, see Transport Layer Security for the Eclipse Amlen resource adapter.

For an Eclipse Amlen JMS client connection factory that requires secure connections to Eclipse Amlen, you typically must set the following javax.net.ssl system properties:

-Djavax.net.ssl.keyStore=<keyfile_name>
-Djavax.net.ssl.keyStorePassword=<keyfile_password>
-Djavax.net.ssl.trustStore=<trustfile_name>
-Djavax.net.ssl.trustStorePassword=<trustfile_password>

You must keep in mind that these command line options can be visible to others. For this reason, you might not want to set your password parameters in this way. You can set some or all of these values programmatically by using the following sample code programmatic settings:

System.setProperty("javax.net.ssl.keyStore", "/path/to/keystore");
System.setProperty("javax.net.ssl.keyStorePassword", "keyStorePassword)";
System.setProperty("javax.net.ssl.trustStore", "/path/to/truststore");
System.setProperty("javax.net.ssl.trustStorePassword", "trustStorePassword");

If you set password parameters programmatically, the applications prompt users for passwords so that the passwords do not need to be passed on the command line.

  1. Obtain the necessary key and truststore files.
  2. Set the appropriate javax.net.ssl system properties.