[jira] [Closed] (AMQ-7328) ActiveMQ truststore client.ts not working

Fri, 25 Oct 2019 06:57:14 -0700 


     [ 
https://issues.apache.org/jira/browse/AMQ-7328?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Timothy A. Bish closed AMQ-7328.
--------------------------------
    Resolution: Invalid

The is a configuration issue and not a bug report, please ask configuration 
questions on the users mailing list.  
http://activemq.apache.org/contact/#mailing

> ActiveMQ truststore client.ts not working
> -----------------------------------------
>
>                 Key: AMQ-7328
>                 URL: https://issues.apache.org/jira/browse/AMQ-7328
>             Project: ActiveMQ
>          Issue Type: Bug
>          Components: Broker
>    Affects Versions: 5.15.1
>         Environment: Server - Ubuntu 16.0.4 
> Applications: Talend, ActiveMQ 5.15.1, Karaf, CRM tools
> Client - Talend application
>            Reporter: Naveen
>            Priority: Blocker
>
> We have had our ActiveMQ truststore getting corrupted in our production 
> server last week. So I replaced the truststore.ts file from a backup and 
> imported the app servers .pfx certificates into it. 
> Now, customers are unable to establish a connection to ActiveMQ server on 
> 61616, getting SSL errors. I'm noticing below error in ActiveMQ.log file.
> | Reason: javax.net.ssl.SSLHandshakeException: Remote host closed connection 
> during handshake | org.apache.activemq.broker.TransportConnector | ActiveMQ 
> BrokerService
> So I tried creating a new client.ts file by following below steps from your 
> KB. But the issue persists. If I use the truststore.ts file on the client 
> machine, I'm able to establish the connection successfully. Could you please 
> help resolve this issue asap? 
> *Using keytool, create a certificate for the broker:*
> keytool -genkey -alias broker -keyalg RSA -keystore broker.ks
> *Export the broker's certificate so it can be shared with clients:*
> keytool -export -alias broker -keystore broker.ks -file broker_cert
> *Create a certificate/keystore for the client:*
> keytool -genkey -alias client -keyalg RSA -keystore client.ks
> *Create a truststore for the client, and import the broker's certificate. 
> This establishes that the client "trusts" the broker:*
> keytool -import -alias broker -keystore client.ts -file broker_cert
>  
> Thanks,
> Naveen



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

Reply via email to