[
https://issues.apache.org/jira/browse/ARTEMIS-5509?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Mohanavalli A updated ARTEMIS-5509:
-----------------------------------
Description:
SSL Exception not logged by broker with OPENSSL Provider
When running the artemis broker with JDK SSL Provider in acceptor, when a
client connects to the broker without any certificate, the broker logs the
exception as `AMQ222208: SSL handshake failed for client from /x.x.x.x:63060:
javax.net.ssl.SSLHandshakeException: Empty client certificate chain.`
Whereas if the artemis broker is configured with OPENSSL Provider in the
acceptor, there is no log at the broker (though the client connection fails
with a bad_certificate exception).
On running the broker with java SSL debug enabled, below are the logs for JDK
and OPENSSL. In both cases there is a javax.net.ssl.SSLHandshakeException
thrown during the SSL authentication. In case of JDK, a WARN level log is
logged after the exception is thrown, but in case of OPENSSL it is not logged
at WARN or ERROR level by the broker.
JDK
----------
javax.net.ssl|DEBUG|74|Thread-1 (activemq-netty-threads)|2025-05-29
09:19:40.243 CEST|ServerHelloDone.java:97|Produced ServerHelloDone handshake
message (
<empty>
)
javax.net.ssl|DEBUG|74|Thread-1 (activemq-netty-threads)|2025-05-29
09:19:40.245 CEST|CertificateMessage.java:372|Consuming client Certificate
handshake message (
"Certificates": <empty list>
)
javax.net.ssl|ERROR|74|Thread-1 (activemq-netty-threads)|2025-05-29
09:19:40.245 CEST|TransportContext.java:358|Fatal (BAD_CERTIFICATE): Empty
client certificate chain (
"throwable" :
{ javax.net.ssl.SSLHandshakeException: Empty client certificate chain
at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:131) at
java.base/sun.security.ssl.Alert.createSSLException(Alert.java:117) at
java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:353)
at
java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:309)
at
java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:300)
at
java.base/sun.security.ssl.CertificateMessage$T12CertificateConsumer.onCertificate(CertificateMessage.java:390)
at
java.base/sun.security.ssl.CertificateMessage$T12CertificateConsumer.consume(CertificateMessage.java:375)
at
java.base/sun.security.ssl.SSLHandshake.consume(SSLHandshake.java:392) at
java.base/sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:443)
at
java.base/sun.security.ssl.SSLEngineImpl$DelegatedTask$DelegatedAction.run(SSLEngineImpl.java:1076)
at
java.base/sun.security.ssl.SSLEngineImpl$DelegatedTask$DelegatedAction.run(SSLEngineImpl.java:1063)
at java.base/java.security.AccessController.doPrivileged(Native Method)
at
java.base/sun.security.ssl.SSLEngineImpl$DelegatedTask.run(SSLEngineImpl.java:1010)
at
io.netty.handler.ssl.SslHandler.runDelegatedTasks(SslHandler.java:1649)
at io.netty.handler.ssl.SslHandler.unwrap(SslHandler.java:1495) at
io.netty.handler.ssl.SslHandler.decodeJdkCompatible(SslHandler.java:1336)
at io.netty.handler.ssl.SslHandler.decode(SslHandler.java:1385) at
io.netty.handler.codec.ByteToMessageDecoder.decodeRemovalReentryProtection(ByteToMessageDecoder.java:530)
at
io.netty.handler.codec.ByteToMessageDecoder.callDecode(ByteToMessageDecoder.java:469)
at
io.netty.handler.codec.ByteToMessageDecoder.channelRead(ByteToMessageDecoder.java:290)
at
io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:444)
at
io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:420)
at
io.netty.channel.AbstractChannelHandlerContext.fireChannelRead(AbstractChannelHandlerContext.java:412)
at
io.netty.channel.DefaultChannelPipeline$HeadContext.channelRead(DefaultChannelPipeline.java:1407)
at
io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:440)
at
io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:420)
at
io.netty.channel.DefaultChannelPipeline.fireChannelRead(DefaultChannelPipeline.java:918)
at
io.netty.channel.epoll.AbstractEpollStreamChannel$EpollStreamUnsafe.epollInReady(AbstractEpollStreamChannel.java:799)
at
io.netty.channel.epoll.EpollEventLoop.processReady(EpollEventLoop.java:501)
at io.netty.channel.epoll.EpollEventLoop.run(EpollEventLoop.java:399)
at
io.netty.util.concurrent.SingleThreadEventExecutor$4.run(SingleThreadEventExecutor.java:994)
at
io.netty.util.internal.ThreadExecutorMap$2.run(ThreadExecutorMap.java:74)
at
org.apache.activemq.artemis.utils.ActiveMQThreadFactory$1.run(ActiveMQThreadFactory.java:118)}
)
javax.net.ssl|WARNING|74|Thread-1 (activemq-netty-threads)|2025-05-29
09:19:40.246 CEST|SSLEngineOutputRecord.java:182|outbound has closed, ignore
outbound application data
2025-05-29 09:19:40,246 WARN [org.apache.activemq.artemis.core.server]
AMQ222208: SSL handshake failed for client from /x.x.x.x:63060:
javax.net.ssl.SSLHandshakeException: Empty client certificate chain.
{quote}************************************************************************
OPENSSL
----------
javax.net.ssl|DEBUG|60|qtp984832924-96|2025-05-29 08:45:30.144
CEST|ServerHelloDone.java:97|Produced ServerHelloDone handshake message (
<empty>
)
javax.net.ssl|DEBUG|60|qtp984832924-96|2025-05-29 08:45:30.147
CEST|Alert.java:238|Received alert message (
"Alert":
{ "level" : "fatal", "description": "bad_certificate" }
)
javax.net.ssl|ERROR|60|qtp984832924-96|2025-05-29 08:45:30.148
CEST|TransportContext.java:358|Fatal (BAD_CERTIFICATE): Received fatal alert:
bad_certificate (
"throwable" :
{ javax.net.ssl.SSLHandshakeException: Received fatal alert: bad_certificate
at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:131)
at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:117)
at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:353)
at java.base/sun.security.ssl.Alert$AlertConsumer.consume(Alert.java:293)
at
java.base/sun.security.ssl.TransportContext.dispatch(TransportContext.java:192)
at java.base/sun.security.ssl.SSLTransport.decode(SSLTransport.java:172)
at java.base/sun.security.ssl.SSLEngineImpl.decode(SSLEngineImpl.java:681)
at
java.base/sun.security.ssl.SSLEngineImpl.readRecord(SSLEngineImpl.java:636)
at java.base/sun.security.ssl.SSLEngineImpl.unwrap(SSLEngineImpl.java:454)
at java.base/sun.security.ssl.SSLEngineImpl.unwrap(SSLEngineImpl.java:433)
at java.base/javax.net.ssl.SSLEngine.unwrap(SSLEngine.java:637) at
org.eclipse.jetty.io.ssl.SslConnection.unwrap(SslConnection.java:398) at
org.eclipse.jetty.io.ssl.SslConnection$DecryptedEndPoint.fill(SslConnection.java:721)
at
org.eclipse.jetty.server.HttpConnection.fillRequestBuffer(HttpConnection.java:375)
at
org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:270)
at
org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:314)
at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:100)
at
org.eclipse.jetty.io.ssl.SslConnection$DecryptedEndPoint.onFillable(SslConnection.java:558)
at
org.eclipse.jetty.io.ssl.SslConnection.onFillable(SslConnection.java:379)
at org.eclipse.jetty.io.ssl.SslConnection$2.succeeded(SslConnection.java:146)
at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:100)
at
org.eclipse.jetty.io.SelectableChannelEndPoint$1.run(SelectableChannelEndPoint.java:53)
at
org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:969)
at
org.eclipse.jetty.util.thread.QueuedThreadPool$Runner.doRunJob(QueuedThreadPool.java:1194)
at
org.eclipse.jetty.util.thread.QueuedThreadPool$Runner.run(QueuedThreadPool.java:1149)
at java.base/java.lang.Thread.run(Thread.java:829)}
{quote}
)
was:
SSL Exception not logged by broker with OPENSSL Provider
When running the artemis broker with JDK SSL Provider in acceptor, when a
client connects to the broker without any certificate, the broker logs the
exception as `AMQ222208: SSL handshake failed for client from /x.x.x.x:63060:
javax.net.ssl.SSLHandshakeException: Empty client certificate chain.`
Whereas if the artemis broker is configured with OPENSSL Provider in the
acceptor, there is no log at the broker (though the client connection fails
with a bad_certificate exception).
On running the broker with java SSL debug enabled, below are the logs for JDK
and OPENSSL. In both cases there is a javax.net.ssl.SSLHandshakeException
thrown during the SSL authentication. In case of JDK, a WARN level log is
logged after the exception is thrown, but in case of OPENSSL it is not logged
at WARN or ERROR level by the broker.
JDK
----------
javax.net.ssl|DEBUG|74|Thread-1 (activemq-netty-threads)|2025-05-29
09:19:40.243 CEST|ServerHelloDone.java:97|Produced ServerHelloDone handshake
message (
<empty>
)
javax.net.ssl|DEBUG|74|Thread-1 (activemq-netty-threads)|2025-05-29
09:19:40.245 CEST|CertificateMessage.java:372|Consuming client Certificate
handshake message (
"Certificates": <empty list>
)
javax.net.ssl|ERROR|74|Thread-1 (activemq-netty-threads)|2025-05-29
09:19:40.245 CEST|TransportContext.java:358|Fatal (BAD_CERTIFICATE): Empty
client certificate chain (
"throwable" : {
javax.net.ssl.SSLHandshakeException: Empty client certificate chain
at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:131)
at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:117)
at
java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:353)
at
java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:309)
at
java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:300)
at
java.base/sun.security.ssl.CertificateMessage$T12CertificateConsumer.onCertificate(CertificateMessage.java:390)
at
java.base/sun.security.ssl.CertificateMessage$T12CertificateConsumer.consume(CertificateMessage.java:375)
at java.base/sun.security.ssl.SSLHandshake.consume(SSLHandshake.java:392)
at
java.base/sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:443)
at
java.base/sun.security.ssl.SSLEngineImpl$DelegatedTask$DelegatedAction.run(SSLEngineImpl.java:1076)
at
java.base/sun.security.ssl.SSLEngineImpl$DelegatedTask$DelegatedAction.run(SSLEngineImpl.java:1063)
at java.base/java.security.AccessController.doPrivileged(Native Method)
at
java.base/sun.security.ssl.SSLEngineImpl$DelegatedTask.run(SSLEngineImpl.java:1010)
at io.netty.handler.ssl.SslHandler.runDelegatedTasks(SslHandler.java:1649)
at io.netty.handler.ssl.SslHandler.unwrap(SslHandler.java:1495)
at
io.netty.handler.ssl.SslHandler.decodeJdkCompatible(SslHandler.java:1336)
at io.netty.handler.ssl.SslHandler.decode(SslHandler.java:1385)
at
io.netty.handler.codec.ByteToMessageDecoder.decodeRemovalReentryProtection(ByteToMessageDecoder.java:530)
at
io.netty.handler.codec.ByteToMessageDecoder.callDecode(ByteToMessageDecoder.java:469)
at
io.netty.handler.codec.ByteToMessageDecoder.channelRead(ByteToMessageDecoder.java:290)
at
io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:444)
at
io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:420)
at
io.netty.channel.AbstractChannelHandlerContext.fireChannelRead(AbstractChannelHandlerContext.java:412)
at
io.netty.channel.DefaultChannelPipeline$HeadContext.channelRead(DefaultChannelPipeline.java:1407)
at
io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:440)
at
io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:420)
at
io.netty.channel.DefaultChannelPipeline.fireChannelRead(DefaultChannelPipeline.java:918)
at
io.netty.channel.epoll.AbstractEpollStreamChannel$EpollStreamUnsafe.epollInReady(AbstractEpollStreamChannel.java:799)
at
io.netty.channel.epoll.EpollEventLoop.processReady(EpollEventLoop.java:501)
at io.netty.channel.epoll.EpollEventLoop.run(EpollEventLoop.java:399)
at
io.netty.util.concurrent.SingleThreadEventExecutor$4.run(SingleThreadEventExecutor.java:994)
at
io.netty.util.internal.ThreadExecutorMap$2.run(ThreadExecutorMap.java:74)
at
org.apache.activemq.artemis.utils.ActiveMQThreadFactory$1.run(ActiveMQThreadFactory.java:118)}
)
javax.net.ssl|WARNING|74|Thread-1 (activemq-netty-threads)|2025-05-29
09:19:40.246 CEST|SSLEngineOutputRecord.java:182|outbound has closed, ignore
outbound application data
2025-05-29 09:19:40,246 WARN [org.apache.activemq.artemis.core.server]
AMQ222208: SSL handshake failed for client from /x.x.x.x:63060:
javax.net.ssl.SSLHandshakeException: Empty client certificate chain.
************************************************************************
OPENSSL
----------
javax.net.ssl|DEBUG|60|qtp984832924-96|2025-05-29 08:45:30.144
CEST|ServerHelloDone.java:97|Produced ServerHelloDone handshake message (
<empty>
)
javax.net.ssl|DEBUG|60|qtp984832924-96|2025-05-29 08:45:30.147
CEST|Alert.java:238|Received alert message (
"Alert": {
"level" : "fatal",
"description": "bad_certificate"
}
)
javax.net.ssl|ERROR|60|qtp984832924-96|2025-05-29 08:45:30.148
CEST|TransportContext.java:358|Fatal (BAD_CERTIFICATE): Received fatal alert:
bad_certificate (
"throwable" : {
javax.net.ssl.SSLHandshakeException: Received fatal alert: bad_certificate
at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:131)
at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:117)
at
java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:353)
at java.base/sun.security.ssl.Alert$AlertConsumer.consume(Alert.java:293)
at
java.base/sun.security.ssl.TransportContext.dispatch(TransportContext.java:192)
at java.base/sun.security.ssl.SSLTransport.decode(SSLTransport.java:172)
at java.base/sun.security.ssl.SSLEngineImpl.decode(SSLEngineImpl.java:681)
at
java.base/sun.security.ssl.SSLEngineImpl.readRecord(SSLEngineImpl.java:636)
at java.base/sun.security.ssl.SSLEngineImpl.unwrap(SSLEngineImpl.java:454)
at java.base/sun.security.ssl.SSLEngineImpl.unwrap(SSLEngineImpl.java:433)
at java.base/javax.net.ssl.SSLEngine.unwrap(SSLEngine.java:637)
at org.eclipse.jetty.io.ssl.SslConnection.unwrap(SslConnection.java:398)
at
org.eclipse.jetty.io.ssl.SslConnection$DecryptedEndPoint.fill(SslConnection.java:721)
at
org.eclipse.jetty.server.HttpConnection.fillRequestBuffer(HttpConnection.java:375)
at
org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:270)
at
org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:314)
at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:100)
at
org.eclipse.jetty.io.ssl.SslConnection$DecryptedEndPoint.onFillable(SslConnection.java:558)
at
org.eclipse.jetty.io.ssl.SslConnection.onFillable(SslConnection.java:379)
at
org.eclipse.jetty.io.ssl.SslConnection$2.succeeded(SslConnection.java:146)
at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:100)
at
org.eclipse.jetty.io.SelectableChannelEndPoint$1.run(SelectableChannelEndPoint.java:53)
at
org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:969)
at
org.eclipse.jetty.util.thread.QueuedThreadPool$Runner.doRunJob(QueuedThreadPool.java:1194)
at
org.eclipse.jetty.util.thread.QueuedThreadPool$Runner.run(QueuedThreadPool.java:1149)
at java.base/java.lang.Thread.run(Thread.java:829)}
)
> SSL Exception not logged by broker in WARN/ERROR level with OPENSSL Provider
> ----------------------------------------------------------------------------
>
> Key: ARTEMIS-5509
> URL: https://issues.apache.org/jira/browse/ARTEMIS-5509
> Project: ActiveMQ Artemis
> Issue Type: Bug
> Components: Broker
> Affects Versions: 2.37.0
> Reporter: Mohanavalli A
> Priority: Major
>
> SSL Exception not logged by broker with OPENSSL Provider
> When running the artemis broker with JDK SSL Provider in acceptor, when a
> client connects to the broker without any certificate, the broker logs the
> exception as `AMQ222208: SSL handshake failed for client from
> /x.x.x.x:63060: javax.net.ssl.SSLHandshakeException: Empty client certificate
> chain.`
> Whereas if the artemis broker is configured with OPENSSL Provider in the
> acceptor, there is no log at the broker (though the client connection fails
> with a bad_certificate exception).
> On running the broker with java SSL debug enabled, below are the logs for JDK
> and OPENSSL. In both cases there is a javax.net.ssl.SSLHandshakeException
> thrown during the SSL authentication. In case of JDK, a WARN level log is
> logged after the exception is thrown, but in case of OPENSSL it is not
> logged at WARN or ERROR level by the broker.
>
> JDK
> ----------
> javax.net.ssl|DEBUG|74|Thread-1 (activemq-netty-threads)|2025-05-29
> 09:19:40.243 CEST|ServerHelloDone.java:97|Produced ServerHelloDone handshake
> message (
> <empty>
> )
> javax.net.ssl|DEBUG|74|Thread-1 (activemq-netty-threads)|2025-05-29
> 09:19:40.245 CEST|CertificateMessage.java:372|Consuming client Certificate
> handshake message (
> "Certificates": <empty list>
> )
> javax.net.ssl|ERROR|74|Thread-1 (activemq-netty-threads)|2025-05-29
> 09:19:40.245 CEST|TransportContext.java:358|Fatal (BAD_CERTIFICATE): Empty
> client certificate chain (
> "throwable" :
> { javax.net.ssl.SSLHandshakeException: Empty client certificate chain
> at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:131)
> at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:117)
> at
> java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:353)
> at
> java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:309)
> at
> java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:300)
> at
> java.base/sun.security.ssl.CertificateMessage$T12CertificateConsumer.onCertificate(CertificateMessage.java:390)
> at
> java.base/sun.security.ssl.CertificateMessage$T12CertificateConsumer.consume(CertificateMessage.java:375)
> at
> java.base/sun.security.ssl.SSLHandshake.consume(SSLHandshake.java:392)
> at
> java.base/sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:443)
> at
> java.base/sun.security.ssl.SSLEngineImpl$DelegatedTask$DelegatedAction.run(SSLEngineImpl.java:1076)
> at
> java.base/sun.security.ssl.SSLEngineImpl$DelegatedTask$DelegatedAction.run(SSLEngineImpl.java:1063)
> at java.base/java.security.AccessController.doPrivileged(Native
> Method) at
> java.base/sun.security.ssl.SSLEngineImpl$DelegatedTask.run(SSLEngineImpl.java:1010)
> at
> io.netty.handler.ssl.SslHandler.runDelegatedTasks(SslHandler.java:1649)
> at io.netty.handler.ssl.SslHandler.unwrap(SslHandler.java:1495) at
> io.netty.handler.ssl.SslHandler.decodeJdkCompatible(SslHandler.java:1336)
> at io.netty.handler.ssl.SslHandler.decode(SslHandler.java:1385) at
> io.netty.handler.codec.ByteToMessageDecoder.decodeRemovalReentryProtection(ByteToMessageDecoder.java:530)
> at
> io.netty.handler.codec.ByteToMessageDecoder.callDecode(ByteToMessageDecoder.java:469)
> at
> io.netty.handler.codec.ByteToMessageDecoder.channelRead(ByteToMessageDecoder.java:290)
> at
> io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:444)
> at
> io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:420)
> at
> io.netty.channel.AbstractChannelHandlerContext.fireChannelRead(AbstractChannelHandlerContext.java:412)
> at
> io.netty.channel.DefaultChannelPipeline$HeadContext.channelRead(DefaultChannelPipeline.java:1407)
> at
> io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:440)
> at
> io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:420)
> at
> io.netty.channel.DefaultChannelPipeline.fireChannelRead(DefaultChannelPipeline.java:918)
> at
> io.netty.channel.epoll.AbstractEpollStreamChannel$EpollStreamUnsafe.epollInReady(AbstractEpollStreamChannel.java:799)
> at
> io.netty.channel.epoll.EpollEventLoop.processReady(EpollEventLoop.java:501)
> at io.netty.channel.epoll.EpollEventLoop.run(EpollEventLoop.java:399)
> at
> io.netty.util.concurrent.SingleThreadEventExecutor$4.run(SingleThreadEventExecutor.java:994)
> at
> io.netty.util.internal.ThreadExecutorMap$2.run(ThreadExecutorMap.java:74)
> at
> org.apache.activemq.artemis.utils.ActiveMQThreadFactory$1.run(ActiveMQThreadFactory.java:118)}
> )
> javax.net.ssl|WARNING|74|Thread-1 (activemq-netty-threads)|2025-05-29
> 09:19:40.246 CEST|SSLEngineOutputRecord.java:182|outbound has closed, ignore
> outbound application data
> 2025-05-29 09:19:40,246 WARN [org.apache.activemq.artemis.core.server]
> AMQ222208: SSL handshake failed for client from /x.x.x.x:63060:
> javax.net.ssl.SSLHandshakeException: Empty client certificate chain.
> {quote}************************************************************************
> OPENSSL
> ----------
> javax.net.ssl|DEBUG|60|qtp984832924-96|2025-05-29 08:45:30.144
> CEST|ServerHelloDone.java:97|Produced ServerHelloDone handshake message (
> <empty>
> )
> javax.net.ssl|DEBUG|60|qtp984832924-96|2025-05-29 08:45:30.147
> CEST|Alert.java:238|Received alert message (
> "Alert":
> { "level" : "fatal", "description": "bad_certificate" }
> )
> javax.net.ssl|ERROR|60|qtp984832924-96|2025-05-29 08:45:30.148
> CEST|TransportContext.java:358|Fatal (BAD_CERTIFICATE): Received fatal alert:
> bad_certificate (
> "throwable" :
> { javax.net.ssl.SSLHandshakeException: Received fatal alert:
> bad_certificate at
> java.base/sun.security.ssl.Alert.createSSLException(Alert.java:131) at
> java.base/sun.security.ssl.Alert.createSSLException(Alert.java:117) at
> java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:353)
> at
> java.base/sun.security.ssl.Alert$AlertConsumer.consume(Alert.java:293)
> at
> java.base/sun.security.ssl.TransportContext.dispatch(TransportContext.java:192)
> at
> java.base/sun.security.ssl.SSLTransport.decode(SSLTransport.java:172)
> at java.base/sun.security.ssl.SSLEngineImpl.decode(SSLEngineImpl.java:681)
> at
> java.base/sun.security.ssl.SSLEngineImpl.readRecord(SSLEngineImpl.java:636)
> at
> java.base/sun.security.ssl.SSLEngineImpl.unwrap(SSLEngineImpl.java:454)
> at java.base/sun.security.ssl.SSLEngineImpl.unwrap(SSLEngineImpl.java:433)
> at java.base/javax.net.ssl.SSLEngine.unwrap(SSLEngine.java:637) at
> org.eclipse.jetty.io.ssl.SslConnection.unwrap(SslConnection.java:398)
> at
> org.eclipse.jetty.io.ssl.SslConnection$DecryptedEndPoint.fill(SslConnection.java:721)
> at
> org.eclipse.jetty.server.HttpConnection.fillRequestBuffer(HttpConnection.java:375)
> at
> org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:270)
> at
> org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:314)
> at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:100)
> at
> org.eclipse.jetty.io.ssl.SslConnection$DecryptedEndPoint.onFillable(SslConnection.java:558)
> at
> org.eclipse.jetty.io.ssl.SslConnection.onFillable(SslConnection.java:379)
> at
> org.eclipse.jetty.io.ssl.SslConnection$2.succeeded(SslConnection.java:146)
> at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:100)
> at
> org.eclipse.jetty.io.SelectableChannelEndPoint$1.run(SelectableChannelEndPoint.java:53)
> at
> org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:969)
> at
> org.eclipse.jetty.util.thread.QueuedThreadPool$Runner.doRunJob(QueuedThreadPool.java:1194)
> at
> org.eclipse.jetty.util.thread.QueuedThreadPool$Runner.run(QueuedThreadPool.java:1149)
> at java.base/java.lang.Thread.run(Thread.java:829)}
> {quote}
> )
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
For further information, visit: https://activemq.apache.org/contact
