Table of Contents
This section guides through the process of configuring of Broker AMQP and non-AMQP ports.
The Broker Ports can be configured using the HTTP management interfaces.
The following Port managing operations are available from the Web Management Console:
A new Port can be created by clicking "Add Port" button on the Broker tab.
An existing Port details are displayed on the Port tab after clicking on Port name in the Broker object tree or after clicking on a Port row in the Ports grid on the Broker tab.
An existing Port can be edited by clicking on "Edit" button on the Port tab.
An existing Port can be deleted by clicking on "Delete Port" button on Broker tab or "Delete" button on the Port tab.
Three different types of ports can be created:
AMQP ports accepting connections for supported AMQP protocols.
HTTP ports accepting connections for HTTP and HTTPS (by selecting the SSL transport) and used by web management plugin.
JMX related ports supporting RMI and JMX_RMI protocols and used by JMX management plugin.
It is possible to create any number of HTTP and AMQP (supporting any mixture of AMQP versions) ports, however only two JMX-related ports can recommended to configure on the Broker: one with the RMI protocol for the RMI Registry to advertise the JMX Connector Server and another with the JMX_RMI protocol for the JMX Connector Server itself.
A configured Authentication Provider must be selected on ports using the AMQP, HTTP and JMX_RMI protocols.
SSL can be enabled forPorts with protocols that support it by selecting the 'SSL' transport, at which point a configured KeyStore must also be selected for the Port.
Client Certificate Authentication can be configured for AMQP ports. This requires selecting one or more configured TrustStores on the Port and setting the needClientAuthentication and wantClientAuthentication attributes as desired. They allow control of whether the client must present an SSL certificate, allowing for three possible states: required (needClientAuth = true), requested (wantClientAuth = true), or none desired (both false, the default). If both elements are set to true, needClientAuth takes precedence. When using Client Certificate Authentication it may be desirable to use the External Authentication Provider.