[jira] [Work logged] (ARTEMIS-4744) AMQP broker connections don't fully support multi host URIs
[ https://issues.apache.org/jira/browse/ARTEMIS-4744?focusedWorklogId=916476&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-916476 ] ASF GitHub Bot logged work on ARTEMIS-4744: --- Author: ASF GitHub Bot Created on: 25/Apr/24 17:29 Start Date: 25/Apr/24 17:29 Worklog Time Spent: 10m Work Description: gemmellr merged PR #4906: URL: https://github.com/apache/activemq-artemis/pull/4906 Issue Time Tracking --- Worklog Id: (was: 916476) Time Spent: 1h 20m (was: 1h 10m) > AMQP broker connections don't fully support multi host URIs > --- > > Key: ARTEMIS-4744 > URL: https://issues.apache.org/jira/browse/ARTEMIS-4744 > Project: ActiveMQ Artemis > Issue Type: Bug > Components: AMQP >Affects Versions: 2.33.0 >Reporter: Timothy A. Bish >Assignee: Timothy A. Bish >Priority: Major > Fix For: 2.34.0 > > Time Spent: 1h 20m > Remaining Estimate: 0h > > When configuring a multi host connection URI for an AMQP broker connection > the connection will utilize some but not all of the configuration. The > broker will attempt connection to each host and port part specific on the URI > but does not apply configuration specific to a given host. This can lead to > failure on connect due to using the TLS configuration from the first host > when attempting to connect to the following N hosts. Users need to be able > to configure TLS specific options per host as values such as host > verification, SNI and trust stores can vary amongst hosts. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Work logged] (ARTEMIS-4744) AMQP broker connections don't fully support multi host URIs
[ https://issues.apache.org/jira/browse/ARTEMIS-4744?focusedWorklogId=916473&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-916473 ] ASF GitHub Bot logged work on ARTEMIS-4744: --- Author: ASF GitHub Bot Created on: 25/Apr/24 17:25 Start Date: 25/Apr/24 17:25 Worklog Time Spent: 10m Work Description: gemmellr commented on code in PR #4906: URL: https://github.com/apache/activemq-artemis/pull/4906#discussion_r1579867663 ## tests/integration-tests/src/test/java/org/apache/activemq/artemis/tests/integration/amqp/connect/AMQPConnectSaslTest.java: ## @@ -214,4 +216,186 @@ private void doConnectWithExternalTestImpl(boolean requireClientCert) throws Exc peer.waitForScriptToComplete(5, TimeUnit.SECONDS); } } + + @Test(timeout = 20_000) + public void testReconnectConnectsWithVerifyHostOffOnSecondURI() throws Exception { + final String keyStorePath = this.getClass().getClassLoader().getResource(UNKNOWN_SERVER_KEYSTORE_NAME).getFile(); + + ProtonTestServerOptions server1Options = new ProtonTestServerOptions(); + server1Options.setSecure(true); + server1Options.setKeyStoreLocation(keyStorePath); + server1Options.setKeyStorePassword(SERVER_KEYSTORE_PASSWORD); + server1Options.setVerifyHost(false); + + ProtonTestServerOptions server2Options = new ProtonTestServerOptions(); + server2Options.setSecure(true); + server2Options.setKeyStoreLocation(keyStorePath); + server2Options.setKeyStorePassword(SERVER_KEYSTORE_PASSWORD); + server2Options.setVerifyHost(false); + + try (ProtonTestServer firstPeer = new ProtonTestServer(server1Options); + ProtonTestServer secondPeer = new ProtonTestServer(server2Options)) { + + firstPeer.expectConnectionToDrop(); + firstPeer.start(); + + secondPeer.expectSASLHeader().respondWithSASLHeader(); + secondPeer.remoteSaslMechanisms().withMechanisms(EXTERNAL, PLAIN).queue(); + secondPeer.expectSaslInit().withMechanism(PLAIN).withInitialResponse(secondPeer.saslPlainInitialResponse(USER, PASSWD)); + secondPeer.remoteSaslOutcome().withCode(SaslCode.OK).queue(); + secondPeer.expectAMQPHeader().respondWithAMQPHeader(); + secondPeer.expectOpen().respond(); + secondPeer.expectBegin().respond(); + secondPeer.start(); + + final URI firstPeerURI = firstPeer.getServerURI(); + logger.debug("Connect test started, first peer listening on: {}", firstPeerURI); + + final URI secondPeerURI = secondPeer.getServerURI(); + logger.debug("Connect test started, second peer listening on: {}", secondPeerURI); + + // First connection fails because we use a server certificate with whose common name + // doesn't match the host, second connection should work as we disable host verification + String amqpServerConnectionURI = +"(tcp://localhost:" + firstPeerURI.getPort() + "?verifyHost=true" + +",tcp://localhost:" + secondPeerURI.getPort() + "?verifyHost=false)" + + "?sslEnabled=true;trustStorePath=" + SERVER_TRUSTSTORE_NAME + + ";trustStorePassword=" + SERVER_TRUSTSTORE_PASSWORD; Review Comment: I have been fine with updating the docs to match the previous tests. Just seemed rather off for the 2 to dramatically differ is all :) Issue Time Tracking --- Worklog Id: (was: 916473) Time Spent: 1h 10m (was: 1h) > AMQP broker connections don't fully support multi host URIs > --- > > Key: ARTEMIS-4744 > URL: https://issues.apache.org/jira/browse/ARTEMIS-4744 > Project: ActiveMQ Artemis > Issue Type: Bug > Components: AMQP >Affects Versions: 2.33.0 >Reporter: Timothy A. Bish >Assignee: Timothy A. Bish >Priority: Major > Fix For: 2.34.0 > > Time Spent: 1h 10m > Remaining Estimate: 0h > > When configuring a multi host connection URI for an AMQP broker connection > the connection will utilize some but not all of the configuration. The > broker will attempt connection to each host and port part specific on the URI > but does not apply configuration specific to a given host. This can lead to > failure on connect due to using the TLS configuration from the first host > when attempting to connect to the following N hosts. Users need to be able > to configure TLS specific options per host as values such as host > verification, SNI and trust stores can vary amongst hosts. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Work logged] (ARTEMIS-4744) AMQP broker connections don't fully support multi host URIs
[ https://issues.apache.org/jira/browse/ARTEMIS-4744?focusedWorklogId=916456&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-916456 ] ASF GitHub Bot logged work on ARTEMIS-4744: --- Author: ASF GitHub Bot Created on: 25/Apr/24 17:02 Start Date: 25/Apr/24 17:02 Worklog Time Spent: 10m Work Description: tabish121 commented on code in PR #4906: URL: https://github.com/apache/activemq-artemis/pull/4906#discussion_r1579840786 ## tests/integration-tests/src/test/java/org/apache/activemq/artemis/tests/integration/amqp/connect/AMQPConnectSaslTest.java: ## @@ -214,4 +216,186 @@ private void doConnectWithExternalTestImpl(boolean requireClientCert) throws Exc peer.waitForScriptToComplete(5, TimeUnit.SECONDS); } } + + @Test(timeout = 20_000) + public void testReconnectConnectsWithVerifyHostOffOnSecondURI() throws Exception { + final String keyStorePath = this.getClass().getClassLoader().getResource(UNKNOWN_SERVER_KEYSTORE_NAME).getFile(); + + ProtonTestServerOptions server1Options = new ProtonTestServerOptions(); + server1Options.setSecure(true); + server1Options.setKeyStoreLocation(keyStorePath); + server1Options.setKeyStorePassword(SERVER_KEYSTORE_PASSWORD); + server1Options.setVerifyHost(false); + + ProtonTestServerOptions server2Options = new ProtonTestServerOptions(); + server2Options.setSecure(true); + server2Options.setKeyStoreLocation(keyStorePath); + server2Options.setKeyStorePassword(SERVER_KEYSTORE_PASSWORD); + server2Options.setVerifyHost(false); + + try (ProtonTestServer firstPeer = new ProtonTestServer(server1Options); + ProtonTestServer secondPeer = new ProtonTestServer(server2Options)) { + + firstPeer.expectConnectionToDrop(); + firstPeer.start(); + + secondPeer.expectSASLHeader().respondWithSASLHeader(); + secondPeer.remoteSaslMechanisms().withMechanisms(EXTERNAL, PLAIN).queue(); + secondPeer.expectSaslInit().withMechanism(PLAIN).withInitialResponse(secondPeer.saslPlainInitialResponse(USER, PASSWD)); + secondPeer.remoteSaslOutcome().withCode(SaslCode.OK).queue(); + secondPeer.expectAMQPHeader().respondWithAMQPHeader(); + secondPeer.expectOpen().respond(); + secondPeer.expectBegin().respond(); + secondPeer.start(); + + final URI firstPeerURI = firstPeer.getServerURI(); + logger.debug("Connect test started, first peer listening on: {}", firstPeerURI); + + final URI secondPeerURI = secondPeer.getServerURI(); + logger.debug("Connect test started, second peer listening on: {}", secondPeerURI); + + // First connection fails because we use a server certificate with whose common name + // doesn't match the host, second connection should work as we disable host verification + String amqpServerConnectionURI = +"(tcp://localhost:" + firstPeerURI.getPort() + "?verifyHost=true" + +",tcp://localhost:" + secondPeerURI.getPort() + "?verifyHost=false)" + + "?sslEnabled=true;trustStorePath=" + SERVER_TRUSTSTORE_NAME + + ";trustStorePassword=" + SERVER_TRUSTSTORE_PASSWORD; Review Comment: I think I have figured out the fragment style URI it wants and have updated the tests so it should match the broker connection documentation (although that is the least obvious format). Issue Time Tracking --- Worklog Id: (was: 916456) Time Spent: 1h (was: 50m) > AMQP broker connections don't fully support multi host URIs > --- > > Key: ARTEMIS-4744 > URL: https://issues.apache.org/jira/browse/ARTEMIS-4744 > Project: ActiveMQ Artemis > Issue Type: Bug > Components: AMQP >Affects Versions: 2.33.0 >Reporter: Timothy A. Bish >Assignee: Timothy A. Bish >Priority: Major > Fix For: 2.34.0 > > Time Spent: 1h > Remaining Estimate: 0h > > When configuring a multi host connection URI for an AMQP broker connection > the connection will utilize some but not all of the configuration. The > broker will attempt connection to each host and port part specific on the URI > but does not apply configuration specific to a given host. This can lead to > failure on connect due to using the TLS configuration from the first host > when attempting to connect to the following N hosts. Users need to be able > to configure TLS specific options per host as values such as host > verification, SNI and trust stores can vary amongst hosts. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Work logged] (ARTEMIS-4744) AMQP broker connections don't fully support multi host URIs
[ https://issues.apache.org/jira/browse/ARTEMIS-4744?focusedWorklogId=916440&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-916440 ] ASF GitHub Bot logged work on ARTEMIS-4744: --- Author: ASF GitHub Bot Created on: 25/Apr/24 16:19 Start Date: 25/Apr/24 16:19 Worklog Time Spent: 10m Work Description: tabish121 commented on code in PR #4906: URL: https://github.com/apache/activemq-artemis/pull/4906#discussion_r1579781176 ## tests/integration-tests/src/test/java/org/apache/activemq/artemis/tests/integration/amqp/connect/AMQPConnectSaslTest.java: ## @@ -214,4 +216,186 @@ private void doConnectWithExternalTestImpl(boolean requireClientCert) throws Exc peer.waitForScriptToComplete(5, TimeUnit.SECONDS); } } + + @Test(timeout = 20_000) + public void testReconnectConnectsWithVerifyHostOffOnSecondURI() throws Exception { + final String keyStorePath = this.getClass().getClassLoader().getResource(UNKNOWN_SERVER_KEYSTORE_NAME).getFile(); + + ProtonTestServerOptions server1Options = new ProtonTestServerOptions(); + server1Options.setSecure(true); + server1Options.setKeyStoreLocation(keyStorePath); + server1Options.setKeyStorePassword(SERVER_KEYSTORE_PASSWORD); + server1Options.setVerifyHost(false); + + ProtonTestServerOptions server2Options = new ProtonTestServerOptions(); + server2Options.setSecure(true); + server2Options.setKeyStoreLocation(keyStorePath); + server2Options.setKeyStorePassword(SERVER_KEYSTORE_PASSWORD); + server2Options.setVerifyHost(false); + + try (ProtonTestServer firstPeer = new ProtonTestServer(server1Options); + ProtonTestServer secondPeer = new ProtonTestServer(server2Options)) { + + firstPeer.expectConnectionToDrop(); + firstPeer.start(); + + secondPeer.expectSASLHeader().respondWithSASLHeader(); + secondPeer.remoteSaslMechanisms().withMechanisms(EXTERNAL, PLAIN).queue(); + secondPeer.expectSaslInit().withMechanism(PLAIN).withInitialResponse(secondPeer.saslPlainInitialResponse(USER, PASSWD)); + secondPeer.remoteSaslOutcome().withCode(SaslCode.OK).queue(); + secondPeer.expectAMQPHeader().respondWithAMQPHeader(); + secondPeer.expectOpen().respond(); + secondPeer.expectBegin().respond(); + secondPeer.start(); + + final URI firstPeerURI = firstPeer.getServerURI(); + logger.debug("Connect test started, first peer listening on: {}", firstPeerURI); + + final URI secondPeerURI = secondPeer.getServerURI(); + logger.debug("Connect test started, second peer listening on: {}", secondPeerURI); + + // First connection fails because we use a server certificate with whose common name + // doesn't match the host, second connection should work as we disable host verification + String amqpServerConnectionURI = +"(tcp://localhost:" + firstPeerURI.getPort() + "?verifyHost=true" + +",tcp://localhost:" + secondPeerURI.getPort() + "?verifyHost=false)" + + "?sslEnabled=true;trustStorePath=" + SERVER_TRUSTSTORE_NAME + + ";trustStorePassword=" + SERVER_TRUSTSTORE_PASSWORD; Review Comment: I cannot make it work using a '#' and I've based what I've used on other code I cam across elsewhere. If someone that can understand how the parser is supposed to work wants to document it further that'd be great but I am not that person. Issue Time Tracking --- Worklog Id: (was: 916440) Time Spent: 50m (was: 40m) > AMQP broker connections don't fully support multi host URIs > --- > > Key: ARTEMIS-4744 > URL: https://issues.apache.org/jira/browse/ARTEMIS-4744 > Project: ActiveMQ Artemis > Issue Type: Bug > Components: AMQP >Affects Versions: 2.33.0 >Reporter: Timothy A. Bish >Assignee: Timothy A. Bish >Priority: Major > Fix For: 2.34.0 > > Time Spent: 50m > Remaining Estimate: 0h > > When configuring a multi host connection URI for an AMQP broker connection > the connection will utilize some but not all of the configuration. The > broker will attempt connection to each host and port part specific on the URI > but does not apply configuration specific to a given host. This can lead to > failure on connect due to using the TLS configuration from the first host > when attempting to connect to the following N hosts. Users need to be able > to configure TLS specific options per host as values such as host > verification, SNI and trust stores can vary amongst hosts. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Work logged] (ARTEMIS-4744) AMQP broker connections don't fully support multi host URIs
[ https://issues.apache.org/jira/browse/ARTEMIS-4744?focusedWorklogId=916436&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-916436 ] ASF GitHub Bot logged work on ARTEMIS-4744: --- Author: ASF GitHub Bot Created on: 25/Apr/24 15:59 Start Date: 25/Apr/24 15:59 Worklog Time Spent: 10m Work Description: gemmellr commented on code in PR #4906: URL: https://github.com/apache/activemq-artemis/pull/4906#discussion_r1579751853 ## tests/integration-tests/src/test/java/org/apache/activemq/artemis/tests/integration/amqp/connect/AMQPConnectSaslTest.java: ## @@ -214,4 +216,186 @@ private void doConnectWithExternalTestImpl(boolean requireClientCert) throws Exc peer.waitForScriptToComplete(5, TimeUnit.SECONDS); } } + + @Test(timeout = 20_000) + public void testReconnectConnectsWithVerifyHostOffOnSecondURI() throws Exception { + final String keyStorePath = this.getClass().getClassLoader().getResource(UNKNOWN_SERVER_KEYSTORE_NAME).getFile(); + + ProtonTestServerOptions server1Options = new ProtonTestServerOptions(); + server1Options.setSecure(true); + server1Options.setKeyStoreLocation(keyStorePath); + server1Options.setKeyStorePassword(SERVER_KEYSTORE_PASSWORD); + server1Options.setVerifyHost(false); + + ProtonTestServerOptions server2Options = new ProtonTestServerOptions(); + server2Options.setSecure(true); + server2Options.setKeyStoreLocation(keyStorePath); + server2Options.setKeyStorePassword(SERVER_KEYSTORE_PASSWORD); + server2Options.setVerifyHost(false); + + try (ProtonTestServer firstPeer = new ProtonTestServer(server1Options); + ProtonTestServer secondPeer = new ProtonTestServer(server2Options)) { + + firstPeer.expectConnectionToDrop(); + firstPeer.start(); + + secondPeer.expectSASLHeader().respondWithSASLHeader(); + secondPeer.remoteSaslMechanisms().withMechanisms(EXTERNAL, PLAIN).queue(); + secondPeer.expectSaslInit().withMechanism(PLAIN).withInitialResponse(secondPeer.saslPlainInitialResponse(USER, PASSWD)); + secondPeer.remoteSaslOutcome().withCode(SaslCode.OK).queue(); + secondPeer.expectAMQPHeader().respondWithAMQPHeader(); + secondPeer.expectOpen().respond(); + secondPeer.expectBegin().respond(); + secondPeer.start(); + + final URI firstPeerURI = firstPeer.getServerURI(); + logger.debug("Connect test started, first peer listening on: {}", firstPeerURI); + + final URI secondPeerURI = secondPeer.getServerURI(); + logger.debug("Connect test started, second peer listening on: {}", secondPeerURI); + + // First connection fails because we use a server certificate with whose common name + // doesn't match the host, second connection should work as we disable host verification + String amqpServerConnectionURI = +"(tcp://localhost:" + firstPeerURI.getPort() + "?verifyHost=true" + +",tcp://localhost:" + secondPeerURI.getPort() + "?verifyHost=false)" + + "?sslEnabled=true;trustStorePath=" + SERVER_TRUSTSTORE_NAME + + ";trustStorePassword=" + SERVER_TRUSTSTORE_PASSWORD; + + AMQPBrokerConnectConfiguration amqpConnection = +new AMQPBrokerConnectConfiguration(getTestName(), amqpServerConnectionURI); + amqpConnection.setRetryInterval(100); // Allow reconnects Review Comment: Maybe put a limit on attempts, just in case? ## tests/integration-tests/src/test/java/org/apache/activemq/artemis/tests/integration/amqp/connect/AMQPConnectSaslTest.java: ## @@ -214,4 +216,186 @@ private void doConnectWithExternalTestImpl(boolean requireClientCert) throws Exc peer.waitForScriptToComplete(5, TimeUnit.SECONDS); } } + + @Test(timeout = 20_000) + public void testReconnectConnectsWithVerifyHostOffOnSecondURI() throws Exception { + final String keyStorePath = this.getClass().getClassLoader().getResource(UNKNOWN_SERVER_KEYSTORE_NAME).getFile(); + + ProtonTestServerOptions server1Options = new ProtonTestServerOptions(); + server1Options.setSecure(true); + server1Options.setKeyStoreLocation(keyStorePath); + server1Options.setKeyStorePassword(SERVER_KEYSTORE_PASSWORD); + server1Options.setVerifyHost(false); + + ProtonTestServerOptions server2Options = new ProtonTestServerOptions(); + server2Options.setSecure(true); + server2Options.setKeyStoreLocation(keyStorePath); + server2Options.setKeyStorePassword(SERVER_KEYSTORE_PASSWORD); + server2Options.setVerifyHost(false); + + try (ProtonTestServer firstPeer = new ProtonTestServer(server1Options); + ProtonTestServer secondPeer = new ProtonTestServer(server2Options)) { + + firstPeer.expectConnectionToDrop();
[jira] [Work logged] (ARTEMIS-4744) AMQP broker connections don't fully support multi host URIs
[ https://issues.apache.org/jira/browse/ARTEMIS-4744?focusedWorklogId=916428&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-916428 ] ASF GitHub Bot logged work on ARTEMIS-4744: --- Author: ASF GitHub Bot Created on: 25/Apr/24 15:33 Start Date: 25/Apr/24 15:33 Worklog Time Spent: 10m Work Description: tabish121 commented on PR #4906: URL: https://github.com/apache/activemq-artemis/pull/4906#issuecomment-2077588560 I've run this through the full test suite a few times. Issue Time Tracking --- Worklog Id: (was: 916428) Time Spent: 0.5h (was: 20m) > AMQP broker connections don't fully support multi host URIs > --- > > Key: ARTEMIS-4744 > URL: https://issues.apache.org/jira/browse/ARTEMIS-4744 > Project: ActiveMQ Artemis > Issue Type: Bug > Components: AMQP >Affects Versions: 2.33.0 >Reporter: Timothy A. Bish >Assignee: Timothy A. Bish >Priority: Major > Fix For: 2.34.0 > > Time Spent: 0.5h > Remaining Estimate: 0h > > When configuring a multi host connection URI for an AMQP broker connection > the connection will utilize some but not all of the configuration. The > broker will attempt connection to each host and port part specific on the URI > but does not apply configuration specific to a given host. This can lead to > failure on connect due to using the TLS configuration from the first host > when attempting to connect to the following N hosts. Users need to be able > to configure TLS specific options per host as values such as host > verification, SNI and trust stores can vary amongst hosts. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Work logged] (ARTEMIS-4744) AMQP broker connections don't fully support multi host URIs
[ https://issues.apache.org/jira/browse/ARTEMIS-4744?focusedWorklogId=916405&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-916405 ] ASF GitHub Bot logged work on ARTEMIS-4744: --- Author: ASF GitHub Bot Created on: 25/Apr/24 14:55 Start Date: 25/Apr/24 14:55 Worklog Time Spent: 10m Work Description: jbertram commented on PR #4906: URL: https://github.com/apache/activemq-artemis/pull/4906#issuecomment-2077451300 Nitpick - there's a typo in the commit message (i.e. "suppoert"). Issue Time Tracking --- Worklog Id: (was: 916405) Time Spent: 20m (was: 10m) > AMQP broker connections don't fully support multi host URIs > --- > > Key: ARTEMIS-4744 > URL: https://issues.apache.org/jira/browse/ARTEMIS-4744 > Project: ActiveMQ Artemis > Issue Type: Bug > Components: AMQP >Affects Versions: 2.33.0 >Reporter: Timothy A. Bish >Assignee: Timothy A. Bish >Priority: Major > Fix For: 2.34.0 > > Time Spent: 20m > Remaining Estimate: 0h > > When configuring a multi host connection URI for an AMQP broker connection > the connection will utilize some but not all of the configuration. The > broker will attempt connection to each host and port part specific on the URI > but does not apply configuration specific to a given host. This can lead to > failure on connect due to using the TLS configuration from the first host > when attempting to connect to the following N hosts. Users need to be able > to configure TLS specific options per host as values such as host > verification, SNI and trust stores can vary amongst hosts. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Work logged] (ARTEMIS-4744) AMQP broker connections don't fully support multi host URIs
[ https://issues.apache.org/jira/browse/ARTEMIS-4744?focusedWorklogId=916401&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-916401 ] ASF GitHub Bot logged work on ARTEMIS-4744: --- Author: ASF GitHub Bot Created on: 25/Apr/24 14:45 Start Date: 25/Apr/24 14:45 Worklog Time Spent: 10m Work Description: tabish121 opened a new pull request, #4906: URL: https://github.com/apache/activemq-artemis/pull/4906 Create a new NettyConnector for each connection attempt that is configured from distinct broker connection URIs which allows for differing TLS configuration per remote connection configuration. Issue Time Tracking --- Worklog Id: (was: 916401) Remaining Estimate: 0h Time Spent: 10m > AMQP broker connections don't fully support multi host URIs > --- > > Key: ARTEMIS-4744 > URL: https://issues.apache.org/jira/browse/ARTEMIS-4744 > Project: ActiveMQ Artemis > Issue Type: Bug > Components: AMQP >Affects Versions: 2.33.0 >Reporter: Timothy A. Bish >Assignee: Timothy A. Bish >Priority: Major > Fix For: 2.34.0 > > Time Spent: 10m > Remaining Estimate: 0h > > When configuring a multi host connection URI for an AMQP broker connection > the connection will utilize some but not all of the configuration. The > broker will attempt connection to each host and port part specific on the URI > but does not apply configuration specific to a given host. This can lead to > failure on connect due to using the TLS configuration from the first host > when attempting to connect to the following N hosts. Users need to be able > to configure TLS specific options per host as values such as host > verification, SNI and trust stores can vary amongst hosts. -- This message was sent by Atlassian Jira (v8.20.10#820010)