Joe, Have you seen https://issues.apache.org/jira/browse/NIFI-3230? You might try the latest code on the master branch to see if it fixes your problem. The JIRA ticket also offers a workaround by using a failover URI.
-- Mike On Wed, Jan 11, 2017 at 8:20 PM, Joe Gresock <[email protected]> wrote: > Hi folks, > > I'm using PutJMS to try to send messages to an ActiveMQ broker over SSL. I > verified that the trust store referenced in my ssl-context controller > service does indeed contain the issuer DN of the broker's certificate, but > I get the error "PKIX path building failed: > sun.security.provider.certpath.SunCertPathBuilderException: unable to find > valid certification path to requested target". > > On a whim, I tried adding the truststore location and password to > bootstrap.conf: > java.arg.17=-Djavax.net.ssl.trustStore=... > java.arg.18=-Djavax.net.ssl.trustStorePassword=... > > And this time the SSL connection actually worked. Therefore, it looks like > somehow the ActiveMQ connection factory is not accepting my trust store > information from my controller service. Has anyone else observed this > behavior? > > -- > I know what it is to be in need, and I know what it is to have plenty. I > have learned the secret of being content in any and every situation, > whether well fed or hungry, whether living in plenty or in want. I can do > all this through him who gives me strength. *-Philippians 4:12-13* >
