[jira] [Work logged] (ARTEMIS-4744) AMQP broker connections don't fully support multi host URIs
[ https://issues.apache.org/jira/browse/ARTEMIS-4744?focusedWorklogId=916476&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-916476 ] ASF GitHub Bot logged work on ARTEMIS-4744: --- Author: ASF GitHub Bot Created on: 25/Apr/24 17:29 Start Date: 25/Apr/24 17:29 Worklog Time Spent: 10m Work Description: gemmellr merged PR #4906: URL: https://github.com/apache/activemq-artemis/pull/4906 Issue Time Tracking --- Worklog Id: (was: 916476) Time Spent: 1h 20m (was: 1h 10m) > AMQP broker connections don't fully support multi host URIs > --- > > Key: ARTEMIS-4744 > URL: https://issues.apache.org/jira/browse/ARTEMIS-4744 > Project: ActiveMQ Artemis > Issue Type: Bug > Components: AMQP >Affects Versions: 2.33.0 >Reporter: Timothy A. Bish >Assignee: Timothy A. Bish >Priority: Major > Fix For: 2.34.0 > > Time Spent: 1h 20m > Remaining Estimate: 0h > > When configuring a multi host connection URI for an AMQP broker connection > the connection will utilize some but not all of the configuration. The > broker will attempt connection to each host and port part specific on the URI > but does not apply configuration specific to a given host. This can lead to > failure on connect due to using the TLS configuration from the first host > when attempting to connect to the following N hosts. Users need to be able > to configure TLS specific options per host as values such as host > verification, SNI and trust stores can vary amongst hosts. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Work logged] (ARTEMIS-4744) AMQP broker connections don't fully support multi host URIs
[
https://issues.apache.org/jira/browse/ARTEMIS-4744?focusedWorklogId=916473&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-916473
]
ASF GitHub Bot logged work on ARTEMIS-4744:
---
Author: ASF GitHub Bot
Created on: 25/Apr/24 17:25
Start Date: 25/Apr/24 17:25
Worklog Time Spent: 10m
Work Description: gemmellr commented on code in PR #4906:
URL: https://github.com/apache/activemq-artemis/pull/4906#discussion_r1579867663
##
tests/integration-tests/src/test/java/org/apache/activemq/artemis/tests/integration/amqp/connect/AMQPConnectSaslTest.java:
##
@@ -214,4 +216,186 @@ private void doConnectWithExternalTestImpl(boolean
requireClientCert) throws Exc
peer.waitForScriptToComplete(5, TimeUnit.SECONDS);
}
}
+
+ @Test(timeout = 20_000)
+ public void testReconnectConnectsWithVerifyHostOffOnSecondURI() throws
Exception {
+ final String keyStorePath =
this.getClass().getClassLoader().getResource(UNKNOWN_SERVER_KEYSTORE_NAME).getFile();
+
+ ProtonTestServerOptions server1Options = new ProtonTestServerOptions();
+ server1Options.setSecure(true);
+ server1Options.setKeyStoreLocation(keyStorePath);
+ server1Options.setKeyStorePassword(SERVER_KEYSTORE_PASSWORD);
+ server1Options.setVerifyHost(false);
+
+ ProtonTestServerOptions server2Options = new ProtonTestServerOptions();
+ server2Options.setSecure(true);
+ server2Options.setKeyStoreLocation(keyStorePath);
+ server2Options.setKeyStorePassword(SERVER_KEYSTORE_PASSWORD);
+ server2Options.setVerifyHost(false);
+
+ try (ProtonTestServer firstPeer = new ProtonTestServer(server1Options);
+ ProtonTestServer secondPeer = new ProtonTestServer(server2Options))
{
+
+ firstPeer.expectConnectionToDrop();
+ firstPeer.start();
+
+ secondPeer.expectSASLHeader().respondWithSASLHeader();
+ secondPeer.remoteSaslMechanisms().withMechanisms(EXTERNAL,
PLAIN).queue();
+
secondPeer.expectSaslInit().withMechanism(PLAIN).withInitialResponse(secondPeer.saslPlainInitialResponse(USER,
PASSWD));
+ secondPeer.remoteSaslOutcome().withCode(SaslCode.OK).queue();
+ secondPeer.expectAMQPHeader().respondWithAMQPHeader();
+ secondPeer.expectOpen().respond();
+ secondPeer.expectBegin().respond();
+ secondPeer.start();
+
+ final URI firstPeerURI = firstPeer.getServerURI();
+ logger.debug("Connect test started, first peer listening on: {}",
firstPeerURI);
+
+ final URI secondPeerURI = secondPeer.getServerURI();
+ logger.debug("Connect test started, second peer listening on: {}",
secondPeerURI);
+
+ // First connection fails because we use a server certificate with
whose common name
+ // doesn't match the host, second connection should work as we
disable host verification
+ String amqpServerConnectionURI =
+"(tcp://localhost:" + firstPeerURI.getPort() + "?verifyHost=true" +
+",tcp://localhost:" + secondPeerURI.getPort() +
"?verifyHost=false)" +
+ "?sslEnabled=true;trustStorePath=" + SERVER_TRUSTSTORE_NAME +
+ ";trustStorePassword=" + SERVER_TRUSTSTORE_PASSWORD;
Review Comment:
I have been fine with updating the docs to match the previous tests. Just
seemed rather off for the 2 to dramatically differ is all :)
Issue Time Tracking
---
Worklog Id: (was: 916473)
Time Spent: 1h 10m (was: 1h)
> AMQP broker connections don't fully support multi host URIs
> ---
>
> Key: ARTEMIS-4744
> URL: https://issues.apache.org/jira/browse/ARTEMIS-4744
> Project: ActiveMQ Artemis
> Issue Type: Bug
> Components: AMQP
>Affects Versions: 2.33.0
>Reporter: Timothy A. Bish
>Assignee: Timothy A. Bish
>Priority: Major
> Fix For: 2.34.0
>
> Time Spent: 1h 10m
> Remaining Estimate: 0h
>
> When configuring a multi host connection URI for an AMQP broker connection
> the connection will utilize some but not all of the configuration. The
> broker will attempt connection to each host and port part specific on the URI
> but does not apply configuration specific to a given host. This can lead to
> failure on connect due to using the TLS configuration from the first host
> when attempting to connect to the following N hosts. Users need to be able
> to configure TLS specific options per host as values such as host
> verification, SNI and trust stores can vary amongst hosts.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
[jira] [Work logged] (ARTEMIS-4744) AMQP broker connections don't fully support multi host URIs
[
https://issues.apache.org/jira/browse/ARTEMIS-4744?focusedWorklogId=916456&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-916456
]
ASF GitHub Bot logged work on ARTEMIS-4744:
---
Author: ASF GitHub Bot
Created on: 25/Apr/24 17:02
Start Date: 25/Apr/24 17:02
Worklog Time Spent: 10m
Work Description: tabish121 commented on code in PR #4906:
URL: https://github.com/apache/activemq-artemis/pull/4906#discussion_r1579840786
##
tests/integration-tests/src/test/java/org/apache/activemq/artemis/tests/integration/amqp/connect/AMQPConnectSaslTest.java:
##
@@ -214,4 +216,186 @@ private void doConnectWithExternalTestImpl(boolean
requireClientCert) throws Exc
peer.waitForScriptToComplete(5, TimeUnit.SECONDS);
}
}
+
+ @Test(timeout = 20_000)
+ public void testReconnectConnectsWithVerifyHostOffOnSecondURI() throws
Exception {
+ final String keyStorePath =
this.getClass().getClassLoader().getResource(UNKNOWN_SERVER_KEYSTORE_NAME).getFile();
+
+ ProtonTestServerOptions server1Options = new ProtonTestServerOptions();
+ server1Options.setSecure(true);
+ server1Options.setKeyStoreLocation(keyStorePath);
+ server1Options.setKeyStorePassword(SERVER_KEYSTORE_PASSWORD);
+ server1Options.setVerifyHost(false);
+
+ ProtonTestServerOptions server2Options = new ProtonTestServerOptions();
+ server2Options.setSecure(true);
+ server2Options.setKeyStoreLocation(keyStorePath);
+ server2Options.setKeyStorePassword(SERVER_KEYSTORE_PASSWORD);
+ server2Options.setVerifyHost(false);
+
+ try (ProtonTestServer firstPeer = new ProtonTestServer(server1Options);
+ ProtonTestServer secondPeer = new ProtonTestServer(server2Options))
{
+
+ firstPeer.expectConnectionToDrop();
+ firstPeer.start();
+
+ secondPeer.expectSASLHeader().respondWithSASLHeader();
+ secondPeer.remoteSaslMechanisms().withMechanisms(EXTERNAL,
PLAIN).queue();
+
secondPeer.expectSaslInit().withMechanism(PLAIN).withInitialResponse(secondPeer.saslPlainInitialResponse(USER,
PASSWD));
+ secondPeer.remoteSaslOutcome().withCode(SaslCode.OK).queue();
+ secondPeer.expectAMQPHeader().respondWithAMQPHeader();
+ secondPeer.expectOpen().respond();
+ secondPeer.expectBegin().respond();
+ secondPeer.start();
+
+ final URI firstPeerURI = firstPeer.getServerURI();
+ logger.debug("Connect test started, first peer listening on: {}",
firstPeerURI);
+
+ final URI secondPeerURI = secondPeer.getServerURI();
+ logger.debug("Connect test started, second peer listening on: {}",
secondPeerURI);
+
+ // First connection fails because we use a server certificate with
whose common name
+ // doesn't match the host, second connection should work as we
disable host verification
+ String amqpServerConnectionURI =
+"(tcp://localhost:" + firstPeerURI.getPort() + "?verifyHost=true" +
+",tcp://localhost:" + secondPeerURI.getPort() +
"?verifyHost=false)" +
+ "?sslEnabled=true;trustStorePath=" + SERVER_TRUSTSTORE_NAME +
+ ";trustStorePassword=" + SERVER_TRUSTSTORE_PASSWORD;
Review Comment:
I think I have figured out the fragment style URI it wants and have updated
the tests so it should match the broker connection documentation (although that
is the least obvious format).
Issue Time Tracking
---
Worklog Id: (was: 916456)
Time Spent: 1h (was: 50m)
> AMQP broker connections don't fully support multi host URIs
> ---
>
> Key: ARTEMIS-4744
> URL: https://issues.apache.org/jira/browse/ARTEMIS-4744
> Project: ActiveMQ Artemis
> Issue Type: Bug
> Components: AMQP
>Affects Versions: 2.33.0
>Reporter: Timothy A. Bish
>Assignee: Timothy A. Bish
>Priority: Major
> Fix For: 2.34.0
>
> Time Spent: 1h
> Remaining Estimate: 0h
>
> When configuring a multi host connection URI for an AMQP broker connection
> the connection will utilize some but not all of the configuration. The
> broker will attempt connection to each host and port part specific on the URI
> but does not apply configuration specific to a given host. This can lead to
> failure on connect due to using the TLS configuration from the first host
> when attempting to connect to the following N hosts. Users need to be able
> to configure TLS specific options per host as values such as host
> verification, SNI and trust stores can vary amongst hosts.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
[jira] [Work logged] (ARTEMIS-4744) AMQP broker connections don't fully support multi host URIs
[
https://issues.apache.org/jira/browse/ARTEMIS-4744?focusedWorklogId=916440&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-916440
]
ASF GitHub Bot logged work on ARTEMIS-4744:
---
Author: ASF GitHub Bot
Created on: 25/Apr/24 16:19
Start Date: 25/Apr/24 16:19
Worklog Time Spent: 10m
Work Description: tabish121 commented on code in PR #4906:
URL: https://github.com/apache/activemq-artemis/pull/4906#discussion_r1579781176
##
tests/integration-tests/src/test/java/org/apache/activemq/artemis/tests/integration/amqp/connect/AMQPConnectSaslTest.java:
##
@@ -214,4 +216,186 @@ private void doConnectWithExternalTestImpl(boolean
requireClientCert) throws Exc
peer.waitForScriptToComplete(5, TimeUnit.SECONDS);
}
}
+
+ @Test(timeout = 20_000)
+ public void testReconnectConnectsWithVerifyHostOffOnSecondURI() throws
Exception {
+ final String keyStorePath =
this.getClass().getClassLoader().getResource(UNKNOWN_SERVER_KEYSTORE_NAME).getFile();
+
+ ProtonTestServerOptions server1Options = new ProtonTestServerOptions();
+ server1Options.setSecure(true);
+ server1Options.setKeyStoreLocation(keyStorePath);
+ server1Options.setKeyStorePassword(SERVER_KEYSTORE_PASSWORD);
+ server1Options.setVerifyHost(false);
+
+ ProtonTestServerOptions server2Options = new ProtonTestServerOptions();
+ server2Options.setSecure(true);
+ server2Options.setKeyStoreLocation(keyStorePath);
+ server2Options.setKeyStorePassword(SERVER_KEYSTORE_PASSWORD);
+ server2Options.setVerifyHost(false);
+
+ try (ProtonTestServer firstPeer = new ProtonTestServer(server1Options);
+ ProtonTestServer secondPeer = new ProtonTestServer(server2Options))
{
+
+ firstPeer.expectConnectionToDrop();
+ firstPeer.start();
+
+ secondPeer.expectSASLHeader().respondWithSASLHeader();
+ secondPeer.remoteSaslMechanisms().withMechanisms(EXTERNAL,
PLAIN).queue();
+
secondPeer.expectSaslInit().withMechanism(PLAIN).withInitialResponse(secondPeer.saslPlainInitialResponse(USER,
PASSWD));
+ secondPeer.remoteSaslOutcome().withCode(SaslCode.OK).queue();
+ secondPeer.expectAMQPHeader().respondWithAMQPHeader();
+ secondPeer.expectOpen().respond();
+ secondPeer.expectBegin().respond();
+ secondPeer.start();
+
+ final URI firstPeerURI = firstPeer.getServerURI();
+ logger.debug("Connect test started, first peer listening on: {}",
firstPeerURI);
+
+ final URI secondPeerURI = secondPeer.getServerURI();
+ logger.debug("Connect test started, second peer listening on: {}",
secondPeerURI);
+
+ // First connection fails because we use a server certificate with
whose common name
+ // doesn't match the host, second connection should work as we
disable host verification
+ String amqpServerConnectionURI =
+"(tcp://localhost:" + firstPeerURI.getPort() + "?verifyHost=true" +
+",tcp://localhost:" + secondPeerURI.getPort() +
"?verifyHost=false)" +
+ "?sslEnabled=true;trustStorePath=" + SERVER_TRUSTSTORE_NAME +
+ ";trustStorePassword=" + SERVER_TRUSTSTORE_PASSWORD;
Review Comment:
I cannot make it work using a '#' and I've based what I've used on other
code I cam across elsewhere. If someone that can understand how the parser is
supposed to work wants to document it further that'd be great but I am not that
person.
Issue Time Tracking
---
Worklog Id: (was: 916440)
Time Spent: 50m (was: 40m)
> AMQP broker connections don't fully support multi host URIs
> ---
>
> Key: ARTEMIS-4744
> URL: https://issues.apache.org/jira/browse/ARTEMIS-4744
> Project: ActiveMQ Artemis
> Issue Type: Bug
> Components: AMQP
>Affects Versions: 2.33.0
>Reporter: Timothy A. Bish
>Assignee: Timothy A. Bish
>Priority: Major
> Fix For: 2.34.0
>
> Time Spent: 50m
> Remaining Estimate: 0h
>
> When configuring a multi host connection URI for an AMQP broker connection
> the connection will utilize some but not all of the configuration. The
> broker will attempt connection to each host and port part specific on the URI
> but does not apply configuration specific to a given host. This can lead to
> failure on connect due to using the TLS configuration from the first host
> when attempting to connect to the following N hosts. Users need to be able
> to configure TLS specific options per host as values such as host
> verification, SNI and trust stores can vary amongst hosts.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
[jira] [Work logged] (ARTEMIS-4744) AMQP broker connections don't fully support multi host URIs
[
https://issues.apache.org/jira/browse/ARTEMIS-4744?focusedWorklogId=916436&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-916436
]
ASF GitHub Bot logged work on ARTEMIS-4744:
---
Author: ASF GitHub Bot
Created on: 25/Apr/24 15:59
Start Date: 25/Apr/24 15:59
Worklog Time Spent: 10m
Work Description: gemmellr commented on code in PR #4906:
URL: https://github.com/apache/activemq-artemis/pull/4906#discussion_r1579751853
##
tests/integration-tests/src/test/java/org/apache/activemq/artemis/tests/integration/amqp/connect/AMQPConnectSaslTest.java:
##
@@ -214,4 +216,186 @@ private void doConnectWithExternalTestImpl(boolean
requireClientCert) throws Exc
peer.waitForScriptToComplete(5, TimeUnit.SECONDS);
}
}
+
+ @Test(timeout = 20_000)
+ public void testReconnectConnectsWithVerifyHostOffOnSecondURI() throws
Exception {
+ final String keyStorePath =
this.getClass().getClassLoader().getResource(UNKNOWN_SERVER_KEYSTORE_NAME).getFile();
+
+ ProtonTestServerOptions server1Options = new ProtonTestServerOptions();
+ server1Options.setSecure(true);
+ server1Options.setKeyStoreLocation(keyStorePath);
+ server1Options.setKeyStorePassword(SERVER_KEYSTORE_PASSWORD);
+ server1Options.setVerifyHost(false);
+
+ ProtonTestServerOptions server2Options = new ProtonTestServerOptions();
+ server2Options.setSecure(true);
+ server2Options.setKeyStoreLocation(keyStorePath);
+ server2Options.setKeyStorePassword(SERVER_KEYSTORE_PASSWORD);
+ server2Options.setVerifyHost(false);
+
+ try (ProtonTestServer firstPeer = new ProtonTestServer(server1Options);
+ ProtonTestServer secondPeer = new ProtonTestServer(server2Options))
{
+
+ firstPeer.expectConnectionToDrop();
+ firstPeer.start();
+
+ secondPeer.expectSASLHeader().respondWithSASLHeader();
+ secondPeer.remoteSaslMechanisms().withMechanisms(EXTERNAL,
PLAIN).queue();
+
secondPeer.expectSaslInit().withMechanism(PLAIN).withInitialResponse(secondPeer.saslPlainInitialResponse(USER,
PASSWD));
+ secondPeer.remoteSaslOutcome().withCode(SaslCode.OK).queue();
+ secondPeer.expectAMQPHeader().respondWithAMQPHeader();
+ secondPeer.expectOpen().respond();
+ secondPeer.expectBegin().respond();
+ secondPeer.start();
+
+ final URI firstPeerURI = firstPeer.getServerURI();
+ logger.debug("Connect test started, first peer listening on: {}",
firstPeerURI);
+
+ final URI secondPeerURI = secondPeer.getServerURI();
+ logger.debug("Connect test started, second peer listening on: {}",
secondPeerURI);
+
+ // First connection fails because we use a server certificate with
whose common name
+ // doesn't match the host, second connection should work as we
disable host verification
+ String amqpServerConnectionURI =
+"(tcp://localhost:" + firstPeerURI.getPort() + "?verifyHost=true" +
+",tcp://localhost:" + secondPeerURI.getPort() +
"?verifyHost=false)" +
+ "?sslEnabled=true;trustStorePath=" + SERVER_TRUSTSTORE_NAME +
+ ";trustStorePassword=" + SERVER_TRUSTSTORE_PASSWORD;
+
+ AMQPBrokerConnectConfiguration amqpConnection =
+new AMQPBrokerConnectConfiguration(getTestName(),
amqpServerConnectionURI);
+ amqpConnection.setRetryInterval(100); // Allow reconnects
Review Comment:
Maybe put a limit on attempts, just in case?
##
tests/integration-tests/src/test/java/org/apache/activemq/artemis/tests/integration/amqp/connect/AMQPConnectSaslTest.java:
##
@@ -214,4 +216,186 @@ private void doConnectWithExternalTestImpl(boolean
requireClientCert) throws Exc
peer.waitForScriptToComplete(5, TimeUnit.SECONDS);
}
}
+
+ @Test(timeout = 20_000)
+ public void testReconnectConnectsWithVerifyHostOffOnSecondURI() throws
Exception {
+ final String keyStorePath =
this.getClass().getClassLoader().getResource(UNKNOWN_SERVER_KEYSTORE_NAME).getFile();
+
+ ProtonTestServerOptions server1Options = new ProtonTestServerOptions();
+ server1Options.setSecure(true);
+ server1Options.setKeyStoreLocation(keyStorePath);
+ server1Options.setKeyStorePassword(SERVER_KEYSTORE_PASSWORD);
+ server1Options.setVerifyHost(false);
+
+ ProtonTestServerOptions server2Options = new ProtonTestServerOptions();
+ server2Options.setSecure(true);
+ server2Options.setKeyStoreLocation(keyStorePath);
+ server2Options.setKeyStorePassword(SERVER_KEYSTORE_PASSWORD);
+ server2Options.setVerifyHost(false);
+
+ try (ProtonTestServer firstPeer = new ProtonTestServer(server1Options);
+ ProtonTestServer secondPeer = new ProtonTestServer(server2Options))
{
+
+ firstPeer.expectConnectionToDrop();
[jira] [Work logged] (ARTEMIS-4744) AMQP broker connections don't fully support multi host URIs
[ https://issues.apache.org/jira/browse/ARTEMIS-4744?focusedWorklogId=916428&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-916428 ] ASF GitHub Bot logged work on ARTEMIS-4744: --- Author: ASF GitHub Bot Created on: 25/Apr/24 15:33 Start Date: 25/Apr/24 15:33 Worklog Time Spent: 10m Work Description: tabish121 commented on PR #4906: URL: https://github.com/apache/activemq-artemis/pull/4906#issuecomment-2077588560 I've run this through the full test suite a few times. Issue Time Tracking --- Worklog Id: (was: 916428) Time Spent: 0.5h (was: 20m) > AMQP broker connections don't fully support multi host URIs > --- > > Key: ARTEMIS-4744 > URL: https://issues.apache.org/jira/browse/ARTEMIS-4744 > Project: ActiveMQ Artemis > Issue Type: Bug > Components: AMQP >Affects Versions: 2.33.0 >Reporter: Timothy A. Bish >Assignee: Timothy A. Bish >Priority: Major > Fix For: 2.34.0 > > Time Spent: 0.5h > Remaining Estimate: 0h > > When configuring a multi host connection URI for an AMQP broker connection > the connection will utilize some but not all of the configuration. The > broker will attempt connection to each host and port part specific on the URI > but does not apply configuration specific to a given host. This can lead to > failure on connect due to using the TLS configuration from the first host > when attempting to connect to the following N hosts. Users need to be able > to configure TLS specific options per host as values such as host > verification, SNI and trust stores can vary amongst hosts. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Work logged] (ARTEMIS-4744) AMQP broker connections don't fully support multi host URIs
[ https://issues.apache.org/jira/browse/ARTEMIS-4744?focusedWorklogId=916405&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-916405 ] ASF GitHub Bot logged work on ARTEMIS-4744: --- Author: ASF GitHub Bot Created on: 25/Apr/24 14:55 Start Date: 25/Apr/24 14:55 Worklog Time Spent: 10m Work Description: jbertram commented on PR #4906: URL: https://github.com/apache/activemq-artemis/pull/4906#issuecomment-2077451300 Nitpick - there's a typo in the commit message (i.e. "suppoert"). Issue Time Tracking --- Worklog Id: (was: 916405) Time Spent: 20m (was: 10m) > AMQP broker connections don't fully support multi host URIs > --- > > Key: ARTEMIS-4744 > URL: https://issues.apache.org/jira/browse/ARTEMIS-4744 > Project: ActiveMQ Artemis > Issue Type: Bug > Components: AMQP >Affects Versions: 2.33.0 >Reporter: Timothy A. Bish >Assignee: Timothy A. Bish >Priority: Major > Fix For: 2.34.0 > > Time Spent: 20m > Remaining Estimate: 0h > > When configuring a multi host connection URI for an AMQP broker connection > the connection will utilize some but not all of the configuration. The > broker will attempt connection to each host and port part specific on the URI > but does not apply configuration specific to a given host. This can lead to > failure on connect due to using the TLS configuration from the first host > when attempting to connect to the following N hosts. Users need to be able > to configure TLS specific options per host as values such as host > verification, SNI and trust stores can vary amongst hosts. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Work logged] (ARTEMIS-4744) AMQP broker connections don't fully support multi host URIs
[ https://issues.apache.org/jira/browse/ARTEMIS-4744?focusedWorklogId=916401&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-916401 ] ASF GitHub Bot logged work on ARTEMIS-4744: --- Author: ASF GitHub Bot Created on: 25/Apr/24 14:45 Start Date: 25/Apr/24 14:45 Worklog Time Spent: 10m Work Description: tabish121 opened a new pull request, #4906: URL: https://github.com/apache/activemq-artemis/pull/4906 Create a new NettyConnector for each connection attempt that is configured from distinct broker connection URIs which allows for differing TLS configuration per remote connection configuration. Issue Time Tracking --- Worklog Id: (was: 916401) Remaining Estimate: 0h Time Spent: 10m > AMQP broker connections don't fully support multi host URIs > --- > > Key: ARTEMIS-4744 > URL: https://issues.apache.org/jira/browse/ARTEMIS-4744 > Project: ActiveMQ Artemis > Issue Type: Bug > Components: AMQP >Affects Versions: 2.33.0 >Reporter: Timothy A. Bish >Assignee: Timothy A. Bish >Priority: Major > Fix For: 2.34.0 > > Time Spent: 10m > Remaining Estimate: 0h > > When configuring a multi host connection URI for an AMQP broker connection > the connection will utilize some but not all of the configuration. The > broker will attempt connection to each host and port part specific on the URI > but does not apply configuration specific to a given host. This can lead to > failure on connect due to using the TLS configuration from the first host > when attempting to connect to the following N hosts. Users need to be able > to configure TLS specific options per host as values such as host > verification, SNI and trust stores can vary amongst hosts. -- This message was sent by Atlassian Jira (v8.20.10#820010)
