openssl ca activemq

openssl genrsa -out ca.key 2048 

openssl req -x509 -new -nodes -key ca.key -subj "/CN=ca.anyec.cn/OU=ca.anyec.cn/O=anyec.cn/ST=HuBei/L=WuHan/C=CN" -days 36500 -out ca.cert

openssl pkcs12 -export -clcerts -name ca -inkey ca.key -in ca.cer -out ca.p12

 

==============ca======

keytool -importkeystore -srckeystore ca.p12 -destkeystore ca.jks -srcstoretype pkcs12

keytool -importkeystore -srckeystore ca.jks -destkeystore ca.jks -deststoretype pkcs12

 

 

==========cloud =========

openssl genrsa -out cloud.key 2048 

openssl req -new -key cloud.key -out cloud.csr -config cloud.conf -subj "/C=CN/ST=HuBei/L=WuHan/O=anyec.cn/OU=cloud.anyec.cn/CN=cloud.anyec.cn"

 

::openssl x509 -req -in cloud.csr -CA ca.cert -CAkey ca.key -CAcreateserial -out cloud.cert -days 3650 -extensions v3_req

 

openssl ca -in cloud.csr -out cloud.cer  -days 3650 -config openssl.cnf

 

 

openssl x509 -in cloud.cer -inform der -out cloud.cer.pem

openssl pkcs12 -export -clcerts -name cloud -inkey cloud.key -in cloud.cer -out cloud.p12

 

::keytool -delete -alias cloud -keystore cloud.p12 -storetype PKCS12 -storepass ''

::keytool -import -alias cloud -file cloud.cert -keystore cloud.p12 -storetype PKCS12 -storepass ''

 

::keytool -import -noprompt -file cloud.cert  -keystore cloud.jks -storepass 123456

::openssl pkcs12 -export -clcerts -name cloud -inkey cloud.key -in cloud.cer -out cloud.jks

 

keytool -importkeystore  -srckeystore cloud.p12 -destkeystore cloud.jks -destalias cloud 

 

 

========mqtt client==========

 

openssl genrsa -out mqtt.key 2048 

openssl req -new -key mqtt.key -out mqtt.csr -config mqtt.conf -subj "/C=CN/ST=HuBei/L=WuHan/O=anyec.cn/OU=mqtt.anyec.cn/CN=mqtt.anyec.cn"

 

::openssl x509 -req -in mqtt.csr -CA ca.cert -CAkey ca.key -CAcreateserial -out mqtt.cert -days 3650 -extensions v3_req

 

openssl ca -in mqtt.csr -out mqtt.cer  -days 3650 -config openssl.cnf

 

 

openssl x509 -in mqtt.cer -inform der -out mqtt.cer.pem

openssl pkcs12 -export -clcerts -name mqtt -inkey mqtt.key -in mqtt.cer -out mqtt.p12

 

 

keytool -importkeystore  -srckeystore mqtt.p12 -destkeystore mqtt.jks -destalias mqtt 

 

keytool  -importcert -trustcacerts   -alias ca -file ca.cer -keystore truststore2.ts

keytool  -importcert -trustcacerts   -alias cloud -file cloud.cer -keystore truststore2.ts

keytool  -importcert -trustcacerts   -alias mqtt -file mqtt.cer -keystore truststore2.ts

==========activemq mqtt========

<sslContext>

<sslContext keyStore="file:${activemq.base}/conf/cert/cloud.jks"

keyStorePassword="123456"

trustStore="file:${activemq.base}/conf/cert/truststore.ts"

trustStorePassword="123456"

/>

 

<transportConnector name="mqtt+ssl" uri="mqtt+ssl://0.0.0.0:1883?maximumConnections=30000&amp;wireFormat.maxFrameSize=204857600"/>