The Qpid broker can make use of the Sun Java Management Extensions to provide encryption of the JMX connection.
Download and Install
This is possible by adding the jmxremote_optional.jar as provided by Sun. Download
Once this jar has been added to the broker classpath then the configuration option can be enabled.
Configuring
To enabled this security option change the security-enabled value in your broker configuration file.
<management> <security-enabled>true</security-enabled> </management>
Qpid Management console.
To utilise the new secure connection with the Qpid Management console there are two steps:
- Add jmxremote_optional.jar the classpath
- Add -Dsecurity=CRAM-MD5 to the start command in the relevant qpidmc script.
JConsole
NOTE: This has not be validated but technically should work fine.
JConsole can also be configured to talk to the broker. Again by adding the jmxremote_optional jar to the classpath.
jconsole -J-Djava.class.path=JAVA_HOME/lib/jconsole.jar:JAVA_HOME/lib/tools.jar:jmxremote_optional.jar
For further details see Sun's JConsole guide
Then specify your server url address in the jconsole connecting window to use jmxmp:
service:jmx:jmxmp://<server>:<managment port>