You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@activemq.apache.org by "Timothy A. Bish (Jira)" <ji...@apache.org> on 2019/10/25 13:57:00 UTC
[jira] [Closed] (AMQ-7328) ActiveMQ truststore client.ts not
working
[ https://issues.apache.org/jira/browse/AMQ-7328?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Timothy A. Bish closed AMQ-7328.
--------------------------------
Resolution: Invalid
The is a configuration issue and not a bug report, please ask configuration questions on the users mailing list. http://activemq.apache.org/contact/#mailing
> ActiveMQ truststore client.ts not working
> -----------------------------------------
>
> Key: AMQ-7328
> URL: https://issues.apache.org/jira/browse/AMQ-7328
> Project: ActiveMQ
> Issue Type: Bug
> Components: Broker
> Affects Versions: 5.15.1
> Environment: Server - Ubuntu 16.0.4
> Applications: Talend, ActiveMQ 5.15.1, Karaf, CRM tools
> Client - Talend application
> Reporter: Naveen
> Priority: Blocker
>
> We have had our ActiveMQ truststore getting corrupted in our production server last week. So I replaced the truststore.ts file from a backup and imported the app servers .pfx certificates into it.
> Now, customers are unable to establish a connection to ActiveMQ server on 61616, getting SSL errors. I'm noticing below error in ActiveMQ.log file.
> | Reason: javax.net.ssl.SSLHandshakeException: Remote host closed connection during handshake | org.apache.activemq.broker.TransportConnector | ActiveMQ BrokerService
> So I tried creating a new client.ts file by following below steps from your KB. But the issue persists. If I use the truststore.ts file on the client machine, I'm able to establish the connection successfully. Could you please help resolve this issue asap?
> *Using keytool, create a certificate for the broker:*
> keytool -genkey -alias broker -keyalg RSA -keystore broker.ks
> *Export the broker's certificate so it can be shared with clients:*
> keytool -export -alias broker -keystore broker.ks -file broker_cert
> *Create a certificate/keystore for the client:*
> keytool -genkey -alias client -keyalg RSA -keystore client.ks
> *Create a truststore for the client, and import the broker's certificate. This establishes that the client "trusts" the broker:*
> keytool -import -alias broker -keystore client.ts -file broker_cert
>
> Thanks,
> Naveen
--
This message was sent by Atlassian Jira
(v8.3.4#803005)