[
https://issues.apache.org/jira/browse/ARTEMIS-5509?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Justin Bertram updated ARTEMIS-5509:
------------------------------------
Description:
When running the broker with JDK SSL Provider in acceptor, when a client
connects to the broker without any certificate, the broker logs the exception
as:
{noformat}AMQ222208: SSL handshake failed for client from /x.x.x.x:63060:
javax.net.ssl.SSLHandshakeException: Empty client certificate chain.{noformat}
Whereas if the broker is configured with OPENSSL Provider in the acceptor,
there is no log at the broker (though the client connection fails with a
bad_certificate exception).
On running the broker with java SSL debug enabled, below are the logs for JDK
and OPENSSL. In both cases there is a {{javax.net.ssl.SSLHandshakeException}}
thrown during the SSL authentication. In case of JDK, a WARN level log is
logged after the exception is thrown, but in case of OPENSSL it is not logged
at WARN or ERROR level by the broker.
h3. JDK
{noformat}
javax.net.ssl|DEBUG|74|Thread-1 (activemq-netty-threads)|2025-05-29
09:19:40.243 CEST|ServerHelloDone.java:97|Produced ServerHelloDone handshake
message (
<empty>
)
javax.net.ssl|DEBUG|74|Thread-1 (activemq-netty-threads)|2025-05-29
09:19:40.245 CEST|CertificateMessage.java:372|Consuming client Certificate
handshake message (
"Certificates": <empty list>
)
javax.net.ssl|ERROR|74|Thread-1 (activemq-netty-threads)|2025-05-29
09:19:40.245 CEST|TransportContext.java:358|Fatal (BAD_CERTIFICATE): Empty
client certificate chain (
"throwable" :
{ javax.net.ssl.SSLHandshakeException: Empty client certificate chain
at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:131)
at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:117)
at
java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:353)
at
java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:309)
at
java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:300)
at
java.base/sun.security.ssl.CertificateMessage$T12CertificateConsumer.onCertificate(CertificateMessage.java:390)
at
java.base/sun.security.ssl.CertificateMessage$T12CertificateConsumer.consume(CertificateMessage.java:375)
at java.base/sun.security.ssl.SSLHandshake.consume(SSLHandshake.java:392)
at
java.base/sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:443)
at
java.base/sun.security.ssl.SSLEngineImpl$DelegatedTask$DelegatedAction.run(SSLEngineImpl.java:1076)
at
java.base/sun.security.ssl.SSLEngineImpl$DelegatedTask$DelegatedAction.run(SSLEngineImpl.java:1063)
at java.base/java.security.AccessController.doPrivileged(Native Method)
at
java.base/sun.security.ssl.SSLEngineImpl$DelegatedTask.run(SSLEngineImpl.java:1010)
at
io.netty.handler.ssl.SslHandler.runDelegatedTasks(SslHandler.java:1649)
at io.netty.handler.ssl.SslHandler.unwrap(SslHandler.java:1495)
at
io.netty.handler.ssl.SslHandler.decodeJdkCompatible(SslHandler.java:1336)
at io.netty.handler.ssl.SslHandler.decode(SslHandler.java:1385)
at
io.netty.handler.codec.ByteToMessageDecoder.decodeRemovalReentryProtection(ByteToMessageDecoder.java:530)
at
io.netty.handler.codec.ByteToMessageDecoder.callDecode(ByteToMessageDecoder.java:469)
at
io.netty.handler.codec.ByteToMessageDecoder.channelRead(ByteToMessageDecoder.java:290)
at
io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:444)
at
io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:420)
at
io.netty.channel.AbstractChannelHandlerContext.fireChannelRead(AbstractChannelHandlerContext.java:412)
at
io.netty.channel.DefaultChannelPipeline$HeadContext.channelRead(DefaultChannelPipeline.java:1407)
at
io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:440)
at
io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:420)
at
io.netty.channel.DefaultChannelPipeline.fireChannelRead(DefaultChannelPipeline.java:918)
at
io.netty.channel.epoll.AbstractEpollStreamChannel$EpollStreamUnsafe.epollInReady(AbstractEpollStreamChannel.java:799)
at
io.netty.channel.epoll.EpollEventLoop.processReady(EpollEventLoop.java:501)
at io.netty.channel.epoll.EpollEventLoop.run(EpollEventLoop.java:399)
at
io.netty.util.concurrent.SingleThreadEventExecutor$4.run(SingleThreadEventExecutor.java:994)
at
io.netty.util.internal.ThreadExecutorMap$2.run(ThreadExecutorMap.java:74)
at
org.apache.activemq.artemis.utils.ActiveMQThreadFactory$1.run(ActiveMQThreadFactory.java:118)}
)
javax.net.ssl|WARNING|74|Thread-1 (activemq-netty-threads)|2025-05-29
09:19:40.246 CEST|SSLEngineOutputRecord.java:182|outbound has closed, ignore
outbound application data
2025-05-29 09:19:40,246 WARN [org.apache.activemq.artemis.core.server]
AMQ222208: SSL handshake failed for client from /x.x.x.x:63060:
javax.net.ssl.SSLHandshakeException: Empty client certificate chain.{noformat}
h3. OPENSSL
{noformat}
javax.net.ssl|DEBUG|60|qtp984832924-96|2025-05-29 08:45:30.144
CEST|ServerHelloDone.java:97|Produced ServerHelloDone handshake message (
<empty>
)
javax.net.ssl|DEBUG|60|qtp984832924-96|2025-05-29 08:45:30.147
CEST|Alert.java:238|Received alert message (
"Alert": {
"level" : "fatal",
"description": "bad_certificate"
}
)
javax.net.ssl|ERROR|60|qtp984832924-96|2025-05-29 08:45:30.148
CEST|TransportContext.java:358|Fatal (BAD_CERTIFICATE): Received fatal alert:
bad_certificate (
"throwable" : {
javax.net.ssl.SSLHandshakeException: Received fatal alert: bad_certificate
at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:131)
at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:117)
at
java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:353)
at
java.base/sun.security.ssl.Alert$AlertConsumer.consume(Alert.java:293)
at
java.base/sun.security.ssl.TransportContext.dispatch(TransportContext.java:192)
at java.base/sun.security.ssl.SSLTransport.decode(SSLTransport.java:172)
at
java.base/sun.security.ssl.SSLEngineImpl.decode(SSLEngineImpl.java:681)
at
java.base/sun.security.ssl.SSLEngineImpl.readRecord(SSLEngineImpl.java:636)
at
java.base/sun.security.ssl.SSLEngineImpl.unwrap(SSLEngineImpl.java:454)
at
java.base/sun.security.ssl.SSLEngineImpl.unwrap(SSLEngineImpl.java:433)
at java.base/javax.net.ssl.SSLEngine.unwrap(SSLEngine.java:637)
at org.eclipse.jetty.io.ssl.SslConnection.unwrap(SslConnection.java:398)
at
org.eclipse.jetty.io.ssl.SslConnection$DecryptedEndPoint.fill(SslConnection.java:721)
at
org.eclipse.jetty.server.HttpConnection.fillRequestBuffer(HttpConnection.java:375)
at
org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:270)
at
org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:314)
at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:100)
at
org.eclipse.jetty.io.ssl.SslConnection$DecryptedEndPoint.onFillable(SslConnection.java:558)
at
org.eclipse.jetty.io.ssl.SslConnection.onFillable(SslConnection.java:379)
at
org.eclipse.jetty.io.ssl.SslConnection$2.succeeded(SslConnection.java:146)
at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:100)
at
org.eclipse.jetty.io.SelectableChannelEndPoint$1.run(SelectableChannelEndPoint.java:53)
at
org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:969)
at
org.eclipse.jetty.util.thread.QueuedThreadPool$Runner.doRunJob(QueuedThreadPool.java:1194)
at
org.eclipse.jetty.util.thread.QueuedThreadPool$Runner.run(QueuedThreadPool.java:1149)
at java.base/java.lang.Thread.run(Thread.java:829)}
){noformat}
was:
When running the broker with JDK SSL Provider in acceptor, when a client
connects to the broker without any certificate, the broker logs the exception
as:
{noformat}AMQ222208: SSL handshake failed for client from /x.x.x.x:63060:
javax.net.ssl.SSLHandshakeException: Empty client certificate chain.{noformat}
Whereas if the broker is configured with OPENSSL Provider in the acceptor,
there is no log at the broker (though the client connection fails with a
bad_certificate exception).
On running the broker with java SSL debug enabled, below are the logs for JDK
and OPENSSL. In both cases there is a {{javax.net.ssl.SSLHandshakeException}}
thrown during the SSL authentication. In case of JDK, a WARN level log is
logged after the exception is thrown, but in case of OPENSSL it is not logged
at WARN or ERROR level by the broker.
h3. JDK
{noformat}
javax.net.ssl|DEBUG|74|Thread-1 (activemq-netty-threads)|2025-05-29
09:19:40.243 CEST|ServerHelloDone.java:97|Produced ServerHelloDone handshake
message (
<empty>
)
javax.net.ssl|DEBUG|74|Thread-1 (activemq-netty-threads)|2025-05-29
09:19:40.245 CEST|CertificateMessage.java:372|Consuming client Certificate
handshake message (
"Certificates": <empty list>
)
javax.net.ssl|ERROR|74|Thread-1 (activemq-netty-threads)|2025-05-29
09:19:40.245 CEST|TransportContext.java:358|Fatal (BAD_CERTIFICATE): Empty
client certificate chain (
"throwable" :
{ javax.net.ssl.SSLHandshakeException: Empty client certificate chain
at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:131)
at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:117)
at
java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:353)
at
java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:309)
at
java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:300)
at
java.base/sun.security.ssl.CertificateMessage$T12CertificateConsumer.onCertificate(CertificateMessage.java:390)
at
java.base/sun.security.ssl.CertificateMessage$T12CertificateConsumer.consume(CertificateMessage.java:375)
at java.base/sun.security.ssl.SSLHandshake.consume(SSLHandshake.java:392)
at
java.base/sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:443)
at
java.base/sun.security.ssl.SSLEngineImpl$DelegatedTask$DelegatedAction.run(SSLEngineImpl.java:1076)
at
java.base/sun.security.ssl.SSLEngineImpl$DelegatedTask$DelegatedAction.run(SSLEngineImpl.java:1063)
at java.base/java.security.AccessController.doPrivileged(Native Method)
at
java.base/sun.security.ssl.SSLEngineImpl$DelegatedTask.run(SSLEngineImpl.java:1010)
at
io.netty.handler.ssl.SslHandler.runDelegatedTasks(SslHandler.java:1649)
at io.netty.handler.ssl.SslHandler.unwrap(SslHandler.java:1495)
at
io.netty.handler.ssl.SslHandler.decodeJdkCompatible(SslHandler.java:1336)
at io.netty.handler.ssl.SslHandler.decode(SslHandler.java:1385)
at
io.netty.handler.codec.ByteToMessageDecoder.decodeRemovalReentryProtection(ByteToMessageDecoder.java:530)
at
io.netty.handler.codec.ByteToMessageDecoder.callDecode(ByteToMessageDecoder.java:469)
at
io.netty.handler.codec.ByteToMessageDecoder.channelRead(ByteToMessageDecoder.java:290)
at
io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:444)
at
io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:420)
at
io.netty.channel.AbstractChannelHandlerContext.fireChannelRead(AbstractChannelHandlerContext.java:412)
at
io.netty.channel.DefaultChannelPipeline$HeadContext.channelRead(DefaultChannelPipeline.java:1407)
at
io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:440)
at
io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:420)
at
io.netty.channel.DefaultChannelPipeline.fireChannelRead(DefaultChannelPipeline.java:918)
at
io.netty.channel.epoll.AbstractEpollStreamChannel$EpollStreamUnsafe.epollInReady(AbstractEpollStreamChannel.java:799)
at
io.netty.channel.epoll.EpollEventLoop.processReady(EpollEventLoop.java:501)
at io.netty.channel.epoll.EpollEventLoop.run(EpollEventLoop.java:399)
at
io.netty.util.concurrent.SingleThreadEventExecutor$4.run(SingleThreadEventExecutor.java:994)
at
io.netty.util.internal.ThreadExecutorMap$2.run(ThreadExecutorMap.java:74)
at
org.apache.activemq.artemis.utils.ActiveMQThreadFactory$1.run(ActiveMQThreadFactory.java:118)}
)
javax.net.ssl|WARNING|74|Thread-1 (activemq-netty-threads)|2025-05-29
09:19:40.246 CEST|SSLEngineOutputRecord.java:182|outbound has closed, ignore
outbound application data
2025-05-29 09:19:40,246 WARN [org.apache.activemq.artemis.core.server]
AMQ222208: SSL handshake failed for client from /x.x.x.x:63060:
javax.net.ssl.SSLHandshakeException: Empty client certificate chain.{noformat}
h3. OPENSSL
{noformat}
javax.net.ssl|DEBUG|60|qtp984832924-96|2025-05-29 08:45:30.144
CEST|ServerHelloDone.java:97|Produced ServerHelloDone handshake message (
<empty>
)
javax.net.ssl|DEBUG|60|qtp984832924-96|2025-05-29 08:45:30.147
CEST|Alert.java:238|Received alert message (
"Alert": {
"level" : "fatal",
"description": "bad_certificate"
}
)
javax.net.ssl|ERROR|60|qtp984832924-96|2025-05-29 08:45:30.148
CEST|TransportContext.java:358|Fatal (BAD_CERTIFICATE): Received fatal alert:
bad_certificate (
"throwable" : {
javax.net.ssl.SSLHandshakeException: Received fatal alert: bad_certificate
at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:131)
at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:117)
at
java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:353)
at
java.base/sun.security.ssl.Alert$AlertConsumer.consume(Alert.java:293)
at
java.base/sun.security.ssl.TransportContext.dispatch(TransportContext.java:192)
at java.base/sun.security.ssl.SSLTransport.decode(SSLTransport.java:172)
at
java.base/sun.security.ssl.SSLEngineImpl.decode(SSLEngineImpl.java:681)
at
java.base/sun.security.ssl.SSLEngineImpl.readRecord(SSLEngineImpl.java:636)
at
java.base/sun.security.ssl.SSLEngineImpl.unwrap(SSLEngineImpl.java:454)
at
java.base/sun.security.ssl.SSLEngineImpl.unwrap(SSLEngineImpl.java:433)
at java.base/javax.net.ssl.SSLEngine.unwrap(SSLEngine.java:637)
at org.eclipse.jetty.io.ssl.SslConnection.unwrap(SslConnection.java:398)
at
org.eclipse.jetty.io.ssl.SslConnection$DecryptedEndPoint.fill(SslConnection.java:721)
at
org.eclipse.jetty.server.HttpConnection.fillRequestBuffer(HttpConnection.java:375)
at
org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:270)
at
org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:314)
at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:100)
at
org.eclipse.jetty.io.ssl.SslConnection$DecryptedEndPoint.onFillable(SslConnection.java:558)
at
org.eclipse.jetty.io.ssl.SslConnection.onFillable(SslConnection.java:379)
at
org.eclipse.jetty.io.ssl.SslConnection$2.succeeded(SslConnection.java:146)
at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:100)
at
org.eclipse.jetty.io.SelectableChannelEndPoint$1.run(SelectableChannelEndPoint.java:53)
at
org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:969)
at
org.eclipse.jetty.util.thread.QueuedThreadPool$Runner.doRunJob(QueuedThreadPool.java:1194)
at
org.eclipse.jetty.util.thread.QueuedThreadPool$Runner.run(QueuedThreadPool.java:1149)
at java.base/java.lang.Thread.run(Thread.java:829)}
){noformat}
> SSL Exception not logged by broker in WARN/ERROR level with OPENSSL Provider
> ----------------------------------------------------------------------------
>
> Key: ARTEMIS-5509
> URL: https://issues.apache.org/jira/browse/ARTEMIS-5509
> Project: ActiveMQ Artemis
> Issue Type: Bug
> Components: Broker
> Affects Versions: 2.37.0
> Reporter: Mohanavalli A
> Priority: Major
>
> When running the broker with JDK SSL Provider in acceptor, when a client
> connects to the broker without any certificate, the broker logs the exception
> as:
> {noformat}AMQ222208: SSL handshake failed for client from /x.x.x.x:63060:
> javax.net.ssl.SSLHandshakeException: Empty client certificate chain.{noformat}
> Whereas if the broker is configured with OPENSSL Provider in the acceptor,
> there is no log at the broker (though the client connection fails with a
> bad_certificate exception).
> On running the broker with java SSL debug enabled, below are the logs for JDK
> and OPENSSL. In both cases there is a {{javax.net.ssl.SSLHandshakeException}}
> thrown during the SSL authentication. In case of JDK, a WARN level log is
> logged after the exception is thrown, but in case of OPENSSL it is not
> logged at WARN or ERROR level by the broker.
>
> h3. JDK
> {noformat}
> javax.net.ssl|DEBUG|74|Thread-1 (activemq-netty-threads)|2025-05-29
> 09:19:40.243 CEST|ServerHelloDone.java:97|Produced ServerHelloDone handshake
> message (
> <empty>
> )
> javax.net.ssl|DEBUG|74|Thread-1 (activemq-netty-threads)|2025-05-29
> 09:19:40.245 CEST|CertificateMessage.java:372|Consuming client Certificate
> handshake message (
> "Certificates": <empty list>
> )
> javax.net.ssl|ERROR|74|Thread-1 (activemq-netty-threads)|2025-05-29
> 09:19:40.245 CEST|TransportContext.java:358|Fatal (BAD_CERTIFICATE): Empty
> client certificate chain (
> "throwable" :
> { javax.net.ssl.SSLHandshakeException: Empty client certificate chain
> at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:131)
> at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:117)
> at
> java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:353)
> at
> java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:309)
> at
> java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:300)
> at
> java.base/sun.security.ssl.CertificateMessage$T12CertificateConsumer.onCertificate(CertificateMessage.java:390)
> at
> java.base/sun.security.ssl.CertificateMessage$T12CertificateConsumer.consume(CertificateMessage.java:375)
> at
> java.base/sun.security.ssl.SSLHandshake.consume(SSLHandshake.java:392)
> at
> java.base/sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:443)
> at
> java.base/sun.security.ssl.SSLEngineImpl$DelegatedTask$DelegatedAction.run(SSLEngineImpl.java:1076)
> at
> java.base/sun.security.ssl.SSLEngineImpl$DelegatedTask$DelegatedAction.run(SSLEngineImpl.java:1063)
> at java.base/java.security.AccessController.doPrivileged(Native Method)
> at
> java.base/sun.security.ssl.SSLEngineImpl$DelegatedTask.run(SSLEngineImpl.java:1010)
> at
> io.netty.handler.ssl.SslHandler.runDelegatedTasks(SslHandler.java:1649)
> at io.netty.handler.ssl.SslHandler.unwrap(SslHandler.java:1495)
> at
> io.netty.handler.ssl.SslHandler.decodeJdkCompatible(SslHandler.java:1336)
> at io.netty.handler.ssl.SslHandler.decode(SslHandler.java:1385)
> at
> io.netty.handler.codec.ByteToMessageDecoder.decodeRemovalReentryProtection(ByteToMessageDecoder.java:530)
> at
> io.netty.handler.codec.ByteToMessageDecoder.callDecode(ByteToMessageDecoder.java:469)
> at
> io.netty.handler.codec.ByteToMessageDecoder.channelRead(ByteToMessageDecoder.java:290)
> at
> io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:444)
> at
> io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:420)
> at
> io.netty.channel.AbstractChannelHandlerContext.fireChannelRead(AbstractChannelHandlerContext.java:412)
> at
> io.netty.channel.DefaultChannelPipeline$HeadContext.channelRead(DefaultChannelPipeline.java:1407)
> at
> io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:440)
> at
> io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:420)
> at
> io.netty.channel.DefaultChannelPipeline.fireChannelRead(DefaultChannelPipeline.java:918)
> at
> io.netty.channel.epoll.AbstractEpollStreamChannel$EpollStreamUnsafe.epollInReady(AbstractEpollStreamChannel.java:799)
> at
> io.netty.channel.epoll.EpollEventLoop.processReady(EpollEventLoop.java:501)
> at io.netty.channel.epoll.EpollEventLoop.run(EpollEventLoop.java:399)
> at
> io.netty.util.concurrent.SingleThreadEventExecutor$4.run(SingleThreadEventExecutor.java:994)
> at
> io.netty.util.internal.ThreadExecutorMap$2.run(ThreadExecutorMap.java:74)
> at
> org.apache.activemq.artemis.utils.ActiveMQThreadFactory$1.run(ActiveMQThreadFactory.java:118)}
> )
> javax.net.ssl|WARNING|74|Thread-1 (activemq-netty-threads)|2025-05-29
> 09:19:40.246 CEST|SSLEngineOutputRecord.java:182|outbound has closed, ignore
> outbound application data
> 2025-05-29 09:19:40,246 WARN [org.apache.activemq.artemis.core.server]
> AMQ222208: SSL handshake failed for client from /x.x.x.x:63060:
> javax.net.ssl.SSLHandshakeException: Empty client certificate chain.{noformat}
> h3. OPENSSL
> {noformat}
> javax.net.ssl|DEBUG|60|qtp984832924-96|2025-05-29 08:45:30.144
> CEST|ServerHelloDone.java:97|Produced ServerHelloDone handshake message (
> <empty>
> )
> javax.net.ssl|DEBUG|60|qtp984832924-96|2025-05-29 08:45:30.147
> CEST|Alert.java:238|Received alert message (
> "Alert": {
> "level" : "fatal",
> "description": "bad_certificate"
> }
> )
> javax.net.ssl|ERROR|60|qtp984832924-96|2025-05-29 08:45:30.148
> CEST|TransportContext.java:358|Fatal (BAD_CERTIFICATE): Received fatal alert:
> bad_certificate (
> "throwable" : {
> javax.net.ssl.SSLHandshakeException: Received fatal alert: bad_certificate
> at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:131)
> at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:117)
> at
> java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:353)
> at
> java.base/sun.security.ssl.Alert$AlertConsumer.consume(Alert.java:293)
> at
> java.base/sun.security.ssl.TransportContext.dispatch(TransportContext.java:192)
> at java.base/sun.security.ssl.SSLTransport.decode(SSLTransport.java:172)
> at
> java.base/sun.security.ssl.SSLEngineImpl.decode(SSLEngineImpl.java:681)
> at
> java.base/sun.security.ssl.SSLEngineImpl.readRecord(SSLEngineImpl.java:636)
> at
> java.base/sun.security.ssl.SSLEngineImpl.unwrap(SSLEngineImpl.java:454)
> at
> java.base/sun.security.ssl.SSLEngineImpl.unwrap(SSLEngineImpl.java:433)
> at java.base/javax.net.ssl.SSLEngine.unwrap(SSLEngine.java:637)
> at org.eclipse.jetty.io.ssl.SslConnection.unwrap(SslConnection.java:398)
> at
> org.eclipse.jetty.io.ssl.SslConnection$DecryptedEndPoint.fill(SslConnection.java:721)
> at
> org.eclipse.jetty.server.HttpConnection.fillRequestBuffer(HttpConnection.java:375)
> at
> org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:270)
> at
> org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:314)
> at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:100)
> at
> org.eclipse.jetty.io.ssl.SslConnection$DecryptedEndPoint.onFillable(SslConnection.java:558)
> at
> org.eclipse.jetty.io.ssl.SslConnection.onFillable(SslConnection.java:379)
> at
> org.eclipse.jetty.io.ssl.SslConnection$2.succeeded(SslConnection.java:146)
> at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:100)
> at
> org.eclipse.jetty.io.SelectableChannelEndPoint$1.run(SelectableChannelEndPoint.java:53)
> at
> org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:969)
> at
> org.eclipse.jetty.util.thread.QueuedThreadPool$Runner.doRunJob(QueuedThreadPool.java:1194)
> at
> org.eclipse.jetty.util.thread.QueuedThreadPool$Runner.run(QueuedThreadPool.java:1149)
> at java.base/java.lang.Thread.run(Thread.java:829)}
> ){noformat}
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
For further information, visit: https://activemq.apache.org/contact
