stackoom
  简体   繁体   中英

JMS over SSL: Client starting STARTTLS but channel doesn't support SSL (WildFly 10)

 原文  2016-12-07 13:22:22       ssl/ ejb/ client/ wildfly-10/ activemq-artemis

Question

After upgrading from JBoss AS 7 to WildFLy 10, we experienced problems in the connection from a remote client, which acts as a JMS producer.

JMS over SSL: Client starting STARTTLS but channel doesn't support SSL

The server configuration was not meant to use SSL, and the client neither, but the client is trying to secure the channel, although we don't need it and we didn't change the client configuration that was working before.

Client context properties: 

java.naming.security.principal=pubclient
java.naming.security.credentials=xxxxxxxx
java.naming.provider.url=remote://server:4447
java.naming.factory.initial=org.jboss.naming.remote.client.InitialContextFactory
java.naming.factory.url.pkgs=org.jboss.ejb.client.naming
j2ee.clientName=pubadmin
jboss.naming.client.ejb.context=true
java.naming.security.principal=pubclient

Server config: 

    <subsystem xmlns="urn:jboss:domain:ejb3:4.0">
    ...
        <remote connector-ref="http-remoting-connector" thread-pool-name="default"/>
    ...
    <subsystem xmlns="urn:jboss:domain:remoting:3.0">
        <endpoint auth-realm="ApplicationRealm"/>
        <connector name="remoting-connector" socket-binding="remoting" security-realm="ApplicationRealm"/>
        <http-connector name="http-remoting-connector" connector-ref="default" security-realm="ApplicationRealm"/>
    </subsystem>
    ...

    <socket-binding-group name="standard-sockets" default-interface="public" port-offset="${jboss.socket.binding.port-offset:0}">
    ...
        <socket-binding name="remoting" port="4447"/>

Stack trace: 

javax.naming.CommunicationException: Failed to connect to any server. Servers tried: [remote://vspidid2:4447 (java.io.IOException: Client starting STARTTLS but channel doesn't support SSL)]
    at org.jboss.naming.remote.client.HaRemoteNamingStore.failOverSequence(HaRemoteNamingStore.java:244) ~[jboss-remote-naming-2.0.4.Final.jar:2.0.4.Final]
    at org.jboss.naming.remote.client.HaRemoteNamingStore.namingStore(HaRemoteNamingStore.java:149) ~[jboss-remote-naming-2.0.4.Final.jar:2.0.4.Final]
    at org.jboss.naming.remote.client.HaRemoteNamingStore.namingOperation(HaRemoteNamingStore.java:130) ~[jboss-remote-naming-2.0.4.Final.jar:2.0.4.Final]
    at org.jboss.naming.remote.client.HaRemoteNamingStore.lookup(HaRemoteNamingStore.java:272) ~[jboss-remote-naming-2.0.4.Final.jar:2.0.4.Final]
    at org.jboss.naming.remote.client.RemoteContext.lookupInternal(RemoteContext.java:104) ~[jboss-remote-naming-2.0.4.Final.jar:2.0.4.Final]
    at org.jboss.naming.remote.client.RemoteContext.lookup(RemoteContext.java:93) ~[jboss-remote-naming-2.0.4.Final.jar:2.0.4.Final]
    at org.jboss.naming.remote.client.RemoteContext.lookup(RemoteContext.java:146) ~[jboss-remote-naming-2.0.4.Final.jar:2.0.4.Final]
    at javax.naming.InitialContext.lookup(InitialContext.java:417) ~[na:1.8.0_111]
    at org.wipo.pct.pubadmin.core.oo.OoFactory4POJO.getConnectionFactory(OoFactory4POJO.java:135) ~[classes/:na]
    at org.wipo.pct.pubadmin.core.oo.OoFactory4POJO.createFormatter(OoFactory4POJO.java:68) ~[classes/:na]
    at org.wipo.pct.pubadmin.core.oo.OoFactory4POJO.createFormatter(OoFactory4POJO.java:1) ~[classes/:na]
    at org.wipo.pct.pubadmin.gui.TaskFrame$CreateResources.call(TaskFrame.java:160) ~[classes/:na]
    at org.wipo.pct.pubadmin.gui.TaskFrame$CreateResources.call(TaskFrame.java:1) ~[classes/:na]
    at org.wipo.pct.swing.FailsafeActionListener$1.doInBackground(FailsafeActionListener.java:52) ~[classes/:na]
    at javax.swing.SwingWorker$1.call(SwingWorker.java:295) ~[na:1.8.0_111]
    at java.util.concurrent.FutureTask.run(FutureTask.java:266) ~[na:1.8.0_111]
    at javax.swing.SwingWorker.run(SwingWorker.java:334) ~[na:1.8.0_111]
    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) ~[na:1.8.0_111]
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) ~[na:1.8.0_111]
    at java.lang.Thread.run(Thread.java:745) ~[na:1.8.0_111]

1 answers

solution1
 0 ACCPTED  2016-12-07 13:23:19

We have workarounded the issue by disabling SSL on the remote, standalone client, by setting a the property jboss.naming.client.connect.options.org.xnio.Options.SSL_STARTTLS to false . 

jboss.naming.client.connect.options.org.xnio.Options.SSL_STARTTLS=false 
# jboss.naming.client.remote.connectionprovider.create.options.org.xnio.Options.SSL_ENABLED=false

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question JMS over SSL on jBoss AS 7 Is starttls+smtp the same with SMTP over SSL? Support for LDAP over SSL MySQL - SSL is required but the server doesn't support it Authentication with STARTTLS and SSL/TLS AppCache doesn't work on IE over SSL sendgrid. SMTP-over-SSL, or SMTP+STARTTLS Client identification over SSL Client service doesn't respond to SSL CertificateRequest Disable ssl session resumption on wildfly 10
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM