Hi Aaron, Sorry to hear you are having trouble with this. Can you connect to the JMS server using non-Apache NiFi tools, such as OpenSSL s_client? Verifying that the JMS server accepts TLS communications is your first debugging step. Once you have verified that, we can try to isolate the issue in NiFi. My preliminary list of possible issues is:
* NiFi is not pointing at the correct truststore to verify the JMS certificate containing its public key * the certificate is invalid (expired, incorrect hostname, CN/SAN mismatch, EKU, etc.) * the TLS protocol versions are incompatible (no matching cipher suites, etc.) * a bug in NiFi code * a bug in JMS broker code in Spring Framework If possible, please provide an exported template of your flow — sensitive configuration values will be removed on template export — and the complete stacktrace in context (the full app log is very useful if you can sanitize it to your level of comfort). Thanks. Andy LoPresto [email protected] [email protected] PGP Fingerprint: 70EC B3E5 98A6 5A3F D3C4 BACE 3C6E F65B 2F7D EF69 > On Aug 15, 2017, at 12:00 PM, Aaron Reed <[email protected]> wrote: > > Hello NiFi Developers, > > I am currently trying to successfully configure a publishJMS processor > using NiFi version 1.1.2. The error message I am facing is the following: > "org.springframework.jms.JmsSecurityException: Can not initialize SSL > client: no trusted certificates are set; nested exception is > javax.jms.JMSSecurityException: Can not initialize SSL client: no trusted > certificates are set." Then a stack trace including the following appears > in the logs: > > at > org.springframework.jms.support.JmsUtils.convertJmsAccessException(JmsUtils.java:291) > at > org.springframework.jms.support.JmsAccessor.convertJmsAccessException(JmsAccessor.java:169) > at org.springframework.jms.core.JmsTemplate.execute(JmsTemplate.java:497) > at org.springframework.jms.core.JmsTemplate.send(JmsTemplate.java:580) > at > org.springframework.jms.processors.JMSPublisher.publish(JMSPublisher.java:78) > at > org.springframework.jms.processors.PublishJMS.rendezousWithJms(PublishJMS.java:102) > at > org.springframework.jms.AbstractJMSProcessor.onTrigger(AbstractJMSProcessor.java:136) > at org.springframework.jms.PublishJMS.onTrigger(PublishJMS.java:55) > > I have both used an SSL Context Service, specifying a trust store > certificate and password and not provided any SSL Context Service property, > but still receive the same error message. > > Would you be able to provide any possible suggestions and solutions as to > why this SSL JMSSecurityException is occurring? > > Any assistance would be greatly appreciated. > > Sincerely, > > Aaron Reed
signature.asc
Description: Message signed with OpenPGP using GPGMail
