The Embedded ActiveMQ settings enable you to configure settings for the Apache ActiveMQ messaging broker that is embedded in each API Gateway instance. You can also configure multiple embedded ActiveMQ brokers to work together as a network of brokers in a group of API Gateway instances. For more details on Apache ActiveMQ, see http://activemq.apache.org/.
To configure Embedded ActiveMQ settings, select the Server Settings node in the Policy Studio tree, and click Messaging > Embedded ActiveMQ. Alternatively, in the Policy Studio main menu, select Tasks > Manage Gateway Settings > Messaging > Embedded ActiveMQ. To apply updates to these settings, click Apply changes at the bottom right of the screen.
Configure the following ActiveMQ messaging settings:
Enable Embedded ActiveMQ Broker:
Specifies whether to enable starting up the ActiveMQ broker that is embedded in the API Gateway instance. This is not selected by default.
Address:
Specifies the IP address used to open a listening socket for incoming ActiveMQ connections.
Defaults to 0.0.0.0, which specifies that all interface addresses should be used.
Port:
Specifies the TCP port for incoming ActiveMQ connections. Defaults to ${env.BROKER.PORT},
which enables the port number to be environmentalized. This means that the port number is specified
in the envSettings.props file on a per-server basis. For more details, see the
Deployment and Promotion Guide. Alternatively, you can enter the port number
directly in this field (for example, 61616).
Shared Directory:
Specifies the location of the shared directory in your environment that is used by multiple
embedded ActiveMQ brokers. This setting is required, and must be configured for high availability
and failover. Defaults to <install-dir>/messaging-shared.
Configure the following settings to secure the communication between multiple embedded ActiveMQ brokers:
Enable SSL:
Specifies whether to use Secure Sockets Layer (SSL) to secure the communication between ActiveMQ brokers.
Server Cert:
When Enable SSL is set, click to select the server certificate with a private key that is used for SSL communication between ActiveMQ brokers. For details on importing certificates into the certificate store, see Manage certificates and keys.
Require Client Certificates:
When Enable SSL is set, specifies whether to require client certificates for client SSL authentication. For example, for mutual (two-way) SSL communication, you must trust the issuer of the client certificate by importing the client certificate issuer into the certificate store. For details on importing certificates, see Manage certificates and keys.
When Require client certificates is selected, you can then select the root certificate authorities that are trusted for mutual (two-way) SSL communication between ActiveMQ brokers. For details on importing certificates into the API Gateway certificate store, see Manage certificates and keys.
Configure the following to specify authentication settings between multiple embedded ActiveMQ brokers:
Authenticate broker and client connections with the following policy:
When username/password credentials are provided for inter-broker communication, they are delegated to the selected policy for authentication. By default, no policy is selected. To select a policy, click the button on the right, and select a pre-configured policy in the dialog.
Username:
Specifies the username credential when connecting to other ActiveMQ brokers.
Password:
Specifies the password credential when connecting to other ActiveMQ brokers.
Communicate with brokers in the same group:
Every API Gateway instance belongs to a group. This setting specifies whether to communicate only with ActiveMQ brokers in the same API Gateway group. This is the default setting.
Or brokers outside the group registered with the following alias:
Specifies an alias name used to communicate with other ActiveMQ brokers registered with the same alias. This setting enables communication with ActiveMQ brokers that belong to different API Gateway groups.
