[
https://issues.apache.org/jira/browse/ARTEMIS-2794?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Aman Verma updated ARTEMIS-2794:
--------------------------------
Flags: Important
Description:
Hi Team,
I am getting below error while implementing HA over ssl enabled acceptors in
both master and slave.
Error Master:
----------------------------------------------------------------------------------------------
2020-06-07 15:03:33,800 WARN [org.apache.activemq.artemis.core.client]
AMQ212004: Failed to connect to server.
2020-06-07 15:03:39,820 INFO [org.apache.activemq.artemis.core.server]
AMQ221053: Disallowing use of vulnerable protocol 'SSLv2Hello' on acceptor
'artemis'. See
[http://www.oracle.com/technetwork/topics/security/poodlecve-2014-3566-2339408.html]
for more details.
This keep on repeating like anything in logs making CPU and JVM heap to go
high!
{{ERROR [org.apache.activemq.artemis.core.server] AMQ224088: *Timeout (10
seconds) while handshaking with ec2-35-153-67-214.compute-1.amazonaws.com:61616
has occurred.}}
{{}}
{{Master is not able to communicate to slave over ssl causing time out issue
where sslv2 protocol is being shared by slave which is not accepted by master.}}
1.Could you please help on why slave is sending sslv2 protocol if the same has
been deprecated by oracle JVM in JDK 7 onwards and we are using JDK 8 ?
2.When client connects(external) to broker then TLS protocol is provided in
transport settings from their side, then why for internal communication where
master and slave or cluster brokers have to share information SSLV2 is used
(which is again blocked by JVM installed saying unsecure protocol) - This is
strange where internal communication in a product is blocked while external is
working :)
-------------------------------------------------------------------------------
my broker xml' are attached below:
Any help will be much appreciated![^master_broker][^slave_broker]
was:
Hi Team,
I am getting below error while implementing HA over ssl enabled acceptors in
both master and slave.
Error Master:
----------------------------------------------------------------------------------------------
2020-06-07 15:03:33,800 WARN [org.apache.activemq.artemis.core.client]
AMQ212004: Failed to connect to server.
2020-06-07 15:03:39,820 INFO [org.apache.activemq.artemis.core.server]
AMQ221053: Disallowing use of vulnerable protocol 'SSLv2Hello' on acceptor
'artemis'. See
http://www.oracle.com/technetwork/topics/security/poodlecve-2014-3566-2339408.html
for more details.
This keep on repeating like anything in logs making CPU and JVM heap to go
high!
{{ERROR [org.apache.activemq.artemis.core.server] AMQ224088: *Timeout (10
seconds) while handshaking with ec2-35-153-67-214.compute-1.amazonaws.com:61616
has occurred.}}
{{}}
{{Master is not able to communicate to slave over ssl causing time out issue
where sslv2 protocol is being shared by slave which is not accepted by master.}}
1.Could you please help on why slave is sending sslv2 protocol is the same has
been deprecated by oracle JVM in JDK 7 onwards and we are using JDK 8 ?
2.When client connects(external) to broker then TLS protocol is provided in
transport settings from their side, then why for internal communication where
master and slave or cluster brokers have to share information SSLV2 is used
(which is again blocked by JVM installed saying unsecure protocol) - This is
strange where internal communication in a product is blocked while external is
working :)
-------------------------------------------------------------------------------
my broker xml' are attached below:
Any help will be much appreciated![^master_broker][^slave_broker]
Environment: Pre-prod,SIT
> Disallowing use of vulnerable protocol 'SSLv2Hello' on acceptor 'artemis' in
> redhat mq 7.6
> ------------------------------------------------------------------------------------------
>
> Key: ARTEMIS-2794
> URL: https://issues.apache.org/jira/browse/ARTEMIS-2794
> Project: ActiveMQ Artemis
> Issue Type: Bug
> Components: ActiveMQ-Artemis-Native, Broker, JMX, OpenWire
> Affects Versions: 2.11.0
> Environment: Pre-prod,SIT
> Reporter: Aman Verma
> Assignee: Clebert Suconic
> Priority: Blocker
> Fix For: 2.11.0
>
> Attachments: master_broker, slave_broker
>
>
> Hi Team,
> I am getting below error while implementing HA over ssl enabled acceptors in
> both master and slave.
> Error Master:
> ----------------------------------------------------------------------------------------------
> 2020-06-07 15:03:33,800 WARN [org.apache.activemq.artemis.core.client]
> AMQ212004: Failed to connect to server.
> 2020-06-07 15:03:39,820 INFO [org.apache.activemq.artemis.core.server]
> AMQ221053: Disallowing use of vulnerable protocol 'SSLv2Hello' on acceptor
> 'artemis'. See
> [http://www.oracle.com/technetwork/topics/security/poodlecve-2014-3566-2339408.html]
> for more details.
>
> This keep on repeating like anything in logs making CPU and JVM heap to go
> high!
> {{ERROR [org.apache.activemq.artemis.core.server] AMQ224088: *Timeout (10
> seconds) while handshaking with
> ec2-35-153-67-214.compute-1.amazonaws.com:61616 has occurred.}}
> {{}}
> {{Master is not able to communicate to slave over ssl causing time out issue
> where sslv2 protocol is being shared by slave which is not accepted by
> master.}}
>
> 1.Could you please help on why slave is sending sslv2 protocol if the same
> has been deprecated by oracle JVM in JDK 7 onwards and we are using JDK 8 ?
>
> 2.When client connects(external) to broker then TLS protocol is provided in
> transport settings from their side, then why for internal communication where
> master and slave or cluster brokers have to share information SSLV2 is used
> (which is again blocked by JVM installed saying unsecure protocol) - This is
> strange where internal communication in a product is blocked while external
> is working :)
> -------------------------------------------------------------------------------
> my broker xml' are attached below:
>
> Any help will be much appreciated![^master_broker][^slave_broker]
>
>
>
>
>
>
>
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
