Atomikos Forum

AtomikosConnectionFactoryBean fails to connect to SSL

<bean id="mappings"
        class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer">
        <property name="properties">
            <value>
                jms.url.secure=ssl://localhost:61617
                jms.url.nonsecure=nio://localhost:61616
                jms.username=admin
                jms.password=admin
                jms.keyStorePassword=123456
                jms.trustStorePassword=123456
                jms.queue.request=queue.request
                jms.queue.response=queue.response
                test_messages.num=3
            </value>
        </property>
        <property name="systemPropertiesModeName" value="SYSTEM_PROPERTIES_MODE_OVERRIDE" />
    </bean>

    <amq:broker id="broker" brokerName="broker" useJmx="true"
        persistent="false" useShutdownHook="false">

        <amq:plugins>
            <amq:simpleAuthenticationPlugin>
                <amq:users>
                    <amq:authenticationUser username="${jms.username}"
                        password="${jms.password}" groups="admins,publishers,consumers" />
                </amq:users>
            </amq:simpleAuthenticationPlugin>
        </amq:plugins>

        <amq:managementContext>
            <amq:managementContext createConnector="true" />
        </amq:managementContext>

        <amq:sslContext>
            <amq:sslContext keyStore="${activemq.conf}/broker.ks"
                keyStorePassword="${jms.keyStorePassword}" trustStore="${activemq.conf}/broker.ks"
                trustStorePassword="${jms.trustStorePassword}" />
        </amq:sslContext>

        <!--amq:networkConnectors> <amq:networkConnector uri="multicast://default"
            /> </amq:networkConnectors -->

        <amq:transportConnectors>
            <amq:transportConnector
                uri="${jms.url.secure}?needClientAuth=true&amp;trace=true" discoveryUri="multicast://default"></amq:transportConnector>
            <amq:transportConnector uri="${jms.url.nonsecure}?trace=true"
                discoveryUri="multicast://default"></amq:transportConnector>
        </amq:transportConnectors>
    </amq:broker>

    <bean id="jmsXaFactory" class="org.apache.activemq.ActiveMQXAConnectionFactory">
        <property name="brokerURL" value="${jms.url.secure}?jms.watchTopicAdvisories=false" />
        <property name="userName" value="${jms.username}" />
        <property name="password" value="${jms.password}" />
    </bean>

    <bean id="atomikosConnectionFactory" class="com.atomikos.jms.AtomikosConnectionFactoryBean"
        init-method="init">
        <property name="uniqueResourceName" value="XAactiveMQ" />
        <property name="xaConnectionFactory" ref="jmsXaFactory" />
        <property name="minPoolSize" value="10" />
        <property name="maxPoolSize" value="40" />
        <property name="maxIdleTime" value="120" />
    </bean>
AndriyKalashnykov Send private email
Monday, September 09, 2013
 
 
Error message:

WARN  [vmp-mq-test] [ActiveMQ Transport: ssl:///127.0.0.1:51778] [org.apache.activemq.broker.TransportConnection.Transport] - Transport Connection to: tcp://127.0.0.1:51778 failed: javax.net.ssl.SSLException: Connection has been shutdown: javax.net.ssl.SSLHandshakeException: Received fatal alert: certificate_unknown

ERROR [vmp-mq-test] [ActiveMQ BrokerService[broker] Task-1] [org.apache.activemq.broker.TransportConnector] - Could not accept connection from tcp://127.0.0.1:51778: javax.net.ssl.SSLHandshakeException: Received fatal alert: certificate_unknown

DEBUG [vmp-mq-test] [main] [com.atomikos.datasource.pool.ConnectionPool] - atomikos connection pool 'XAactiveMQ': could not establish initial connection

com.atomikos.datasource.pool.CreateConnectionException: error creating JMS connection
        at com.atomikos.jms.AtomikosJmsXAConnectionFactory.createPooledConnection(AtomikosJmsXAConnectionFactory.java:61) ~[transactions-jms-3.9.0.M1.jar:na]


Caused by: javax.jms.JMSException: Could not connect to broker URL: ssl://localhost:61617. Reason: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
AndriyKalashnykov Send private email
Monday, September 09, 2013
 
 
What makes you think this is an Atomikos issue? It looks like your SSL is using client authentication and the server does not find the certificate for the client.

You could try to disable client authentication...

HTH
Guy Pardon Send private email
Saturday, September 21, 2013
 
 

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics