Details
-
Bug
-
Resolution: Done
-
Major
-
JBoss A-MQ 6.0
-
None
-
None
Description
Same set up as ENTMQ-588. This time, try to browse the messages from the command line:| JBossFuse:karaf@root> activemq:browse --amqurl ssl://localhost:61616 imqgw.OUTGOING|
ERROR: java.lang.RuntimeException: Failed to execute browse task. Reason: javax.jms.JMSException: Could not connect to broker URL: ssl://localhost:61616. Reason: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target |
java.lang.RuntimeException: Failed to execute browse task. Reason: javax.jms.JMSException: Could not connect to broker URL: ssl://localhost:61616. Reason: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target |
at org.apache.activemq.console.command.AmqBrowseCommand.runTask(AmqBrowseCommand.java:155) |
at org.apache.activemq.console.command.AbstractCommand.execute(AbstractCommand.java:57) |
at org.apache.activemq.karaf.commands.ActiveMQCommandSupport.doExecute(ActiveMQCommandSupport.java:45) |
at org.apache.karaf.shell.console.OsgiCommandSupport.execute(OsgiCommandSupport.java:38) |
at org.apache.felix.gogo.commands.basic.AbstractCommand.execute(AbstractCommand.java:35) |
at org.apache.felix.gogo.runtime.CommandProxy.execute(CommandProxy.java:78) |
at org.apache.felix.gogo.runtime.Closure.executeCmd(Closure.java:474) |
at org.apache.felix.gogo.runtime.Closure.executeStatement(Closure.java:400) |
at org.apache.felix.gogo.runtime.Pipe.run(Pipe.java:108) |
at org.apache.felix.gogo.runtime.Closure.execute(Closure.java:183) |
at org.apache.felix.gogo.runtime.Closure.execute(Closure.java:120) |
at org.apache.felix.gogo.runtime.CommandSessionImpl.execute(CommandSessionImpl.java:89) |
at org.apache.karaf.shell.console.jline.Console.run(Console.java:176) |
at org.apache.karaf.shell.console.jline.DelayedStarted.run(DelayedStarted.java:61) |
To resolve this issue, I had to pass in the certificates to the JVM, i.e:export SSL_OPTS="-Djavax.net.ssl.trustStore=/Users/sjavurek/Fuse/SRs/UPS/01047714/jboss-a-mq-6.0.0.redhat-024/keystore.jks -Djavax.net.ssl.trustStorePassword=password -Djavax.net.ssl.keyStore=/Users/sjavurek/Fuse/SRs/UPS/01047714/jboss-a-mq-6.0.0.redhat-024/keystore.jks -Djavax.net.ssl.keyStorePassword=password"And provide SSL_OPTS accordingly.Should we have to do this and if so, then we should document it and provide an easy mechanism to add the keys, i.e. SSL_OPTS in the config