After enforcing strict transport security in a server, it is also forcing https into port 8161 for activemq which of course makes it fail.
I followed this instructions to enable https on activemq console on port 8162 and it works:
http://activemq.apache.org/web-console.html
However this also fails because hsts enforces that the certificate be valid, meaning the same as the website and not a snakeoil certificate
How can I use the same form of configuration that I use for apache or postfix when configuring ssl? I have three files:
SSLCertificateFile file.crt
SSLCertificateKeyFile file.key
SSLCertificateChainFile bundle.crt
And I want to make activemq use those three files. I been looking around online keystore and a bunch of other things but they all take me in circles telling me how to generate keys, however I don't want to generate keys or certificates but use what I already have.
You will need to create a keystore from the files you have.
Combine the cert and private key into a .p12 file:
Convert the .p12 to a keystore:
Add the chain to the keystore:
You will be prompted to create passwords for the keystore. The password will also be needed in your ActiveMQ config referencing the keystore file.