Issue with creating connection when SSL is enabled
atulkc Jul 16, 2013 12:49 AM
I am using JBoss 7.2 and have enabled SSL on JMS. I am seeing the following failure when I try to create a JMS connection from a remote client:
javax.jms.JMSException: Failed to create session factory at org.hornetq.jms.client.HornetQConnectionFactory.createConnectionInternal(HornetQConnectionFactory.java:587) at org.hornetq.jms.client.HornetQConnectionFactory.createConnection(HornetQConnectionFactory.java:107) at com.brocade.dcm.util.jms.JmsUtil.createConnection(JmsUtil.java:305) at com.brocade.dcm.util.jms.JmsUtil.initialize(JmsUtil.java:117) at com.brocade.dcm.util.jms.JmsUtil.<init>(JmsUtil.java:103) at com.brocade.dcm.util.jms.JmsUtil.getInstance(JmsUtil.java:92) at com.brocade.dcm.as7.test.CommonTopicPublisher.setup(CommonTopicPublisher.java:110) at com.brocade.dcm.as7.test.CommonTopicPublisher.main(CommonTopicPublisher.java:146) Caused by: HornetQException[errorType=NOT_CONNECTED message=HQ119007: Cannot connect to server(s). Tried with all available servers.] at org.hornetq.core.client.impl.ServerLocatorImpl.createSessionFactory(ServerLocatorImpl.java:852) at org.hornetq.jms.client.HornetQConnectionFactory.createConnectionInternal(HornetQConnectionFactory.java:583) ... 7 more
As part of JBoss 7.2.0Final I am using 2.3.0CR1 version of hornetq and 3.6.2 Final version of netty.
I saw following post on JBoss forum regarding SSL issues in netty:
https://community.jboss.org/thread/214134?start=30&tstart=0
According to that post I am using the right versions of both netty and hornetq. In spite of that, I am still seeing this issue.
Below is the hornetq subsystem configuration in JBoss:
<subsystem xmlns="urn:jboss:domain:messaging:1.3">
<hornetq-server>
<persistence-enabled>false</persistence-enabled>
<scheduled-thread-pool-max-size>5</scheduled-thread-pool-max-size>
<thread-pool-max-size>-1</thread-pool-max-size>
<security-enabled>true</security-enabled>
<security-invalidation-interval>10000</security-invalidation-interval>
<wild-card-routing-enabled>true</wild-card-routing-enabled>
<management-address>jms.queue.hornetq.management</management-address>
<management-notification-address>hornetq.notifications</management-notification-address>
<!-- NOTE(review): the cluster credentials are stored here in clear text. Once this
     file has been shared (as in this post) the value should be treated as disclosed
     and rotated; consider keeping it out of the file, e.g. via a property expression
     or the application server's vault. -->
<cluster-user>admin</cluster-user>
<cluster-password>passw0rd</cluster-password>
<jmx-management-enabled>true</jmx-management-enabled>
<jmx-domain>org.hornetq</jmx-domain>
<message-counter-enabled>true</message-counter-enabled>
<message-counter-sample-period>60000</message-counter-sample-period>
<message-counter-max-day-history>3</message-counter-max-day-history>
<connection-ttl-override>-1</connection-ttl-override>
<async-connection-execution-enabled>true</async-connection-execution-enabled>
<transaction-timeout>300000</transaction-timeout>
<transaction-timeout-scan-period>1000</transaction-timeout-scan-period>
<message-expiry-scan-period>30000</message-expiry-scan-period>
<message-expiry-thread-priority>3</message-expiry-thread-priority>
<id-cache-size>2000</id-cache-size>
<persist-id-cache>true</persist-id-cache>
<backup>false</backup>
<shared-store>false</shared-store>
<persist-delivery-count-before-delivery>false</persist-delivery-count-before-delivery>
<journal-type>NIO</journal-type>
<journal-buffer-timeout>3333333</journal-buffer-timeout>
<journal-buffer-size>501760</journal-buffer-size>
<journal-sync-transactional>true</journal-sync-transactional>
<journal-sync-non-transactional>true</journal-sync-non-transactional>
<log-journal-write-rate>false</log-journal-write-rate>
<journal-file-size>10485760</journal-file-size>
<journal-min-files>2</journal-min-files>
<journal-compact-percentage>30</journal-compact-percentage>
<journal-compact-min-files>10</journal-compact-min-files>
<journal-max-io>1</journal-max-io>
<perf-blast-pages>-1</perf-blast-pages>
<run-sync-speed-test>false</run-sync-speed-test>
<server-dump-interval>-1</server-dump-interval>
<memory-warning-threshold>25</memory-warning-threshold>
<memory-measure-interval>-1</memory-measure-interval>
<paging-directory path="${jboss.server.data.dir}/hornetq/paging"/>
<bindings-directory path="${jboss.server.data.dir}/hornetq/bindings"/>
<journal-directory path="${jboss.server.data.dir}/hornetq/journal"/>
<large-messages-directory path="${jboss.server.data.dir}/hornetq/largemessages"/>
<connectors>
<!-- Connector "netty" is the one referenced by RemoteConnectionFactory, so these
     parameters describe how a remote client connects to the server over TLS.
     NOTE(review): only key-store-* is set here and no trust-store-*. A client
     validating the server certificate normally needs a trust store that contains
     that certificate; confirm which of the two the client side of this HornetQ
     version actually reads.
     NOTE(review): the ${javax.net.ssl.*} expressions are presumably resolved on the
     server, so the resulting path would also have to exist on the client machine,
     and the resolved key store password would be handed to every client that looks
     up the factory. Verify, and avoid publishing the server key store password
     through a connector. -->
<netty-connector name="netty" socket-binding="messaging">
<param key="host" value="10.24.49.148"/>
<param key="port" value="${hornetq.remoting.netty.port:5445}"/>
<param key="ssl-enabled" value="true"/>
<param key="key-store-path" value="${javax.net.ssl.keyStore}"/>
<param key="key-store-password" value="${javax.net.ssl.keyStorePassword}"/>
<param key="use-nio" value="true"/>
<param key="tcp-no-delay" value="true"/>
<param key="tcp-send-buffer-size" value="131072"/>
<param key="tcp-receive-buffer-size" value="131072"/>
</netty-connector>
<!-- This connector sets no ssl-enabled parameter, unlike "netty" above. -->
<netty-connector name="netty-throughput" socket-binding="messaging-throughput">
<param key="batch-delay" value="50"/>
</netty-connector>
<in-vm-connector name="in-vm" server-id="0"/>
</connectors>
<acceptors>
<!-- TLS-enabled acceptor on the "messaging" socket binding. The key store is
     expected to hold the server certificate and private key presented to clients.
     NOTE(review): a trust store is configured as well, but nothing in this element
     asks clients for a certificate; presumably the trust store only matters when
     client-certificate authentication is turned on. Confirm the intent. -->
<netty-acceptor name="netty" socket-binding="messaging">
<param key="host" value="10.24.49.148"/>
<param key="port" value="${hornetq.remoting.netty.port:5445}"/>
<param key="ssl-enabled" value="true"/>
<param key="key-store-path" value="${javax.net.ssl.keyStore}"/>
<param key="key-store-password" value="${javax.net.ssl.keyStorePassword}"/>
<param key="trust-store-path" value="${javax.net.ssl.trustStore}"/>
<param key="trust-store-password" value="${javax.net.ssl.trustStorePassword}"/>
<param key="use-nio" value="true"/>
<param key="tcp-no-delay" value="true"/>
<param key="tcp-send-buffer-size" value="131072"/>
<param key="tcp-receive-buffer-size" value="131072"/>
</netty-acceptor>
<!-- This acceptor sets no ssl-enabled parameter, so traffic on the
     "messaging-throughput" binding is presumably not protected by TLS; check
     whether that port is reachable from untrusted networks. -->
<netty-acceptor name="netty-throughput" socket-binding="messaging-throughput">
<param key="batch-delay" value="50"/>
<param key="direct-deliver" value="false"/>
</netty-acceptor>
<in-vm-acceptor name="in-vm" server-id="0"/>
</acceptors>
<security-settings>
<!-- The "#" match applies to every address: any user holding the "guest" role may
     send, consume, and create or delete non-durable queues everywhere.
     NOTE(review): narrow the match and the roles per destination if more than one
     application shares this broker. -->
<security-setting match="#">
<permission type="send" roles="guest"/>
<permission type="consume" roles="guest"/>
<permission type="createNonDurableQueue" roles="guest"/>
<permission type="deleteNonDurableQueue" roles="guest"/>
</security-setting>
</security-settings>
<address-settings>
<address-setting match="#">
<dead-letter-address>jms.queue.DLQ</dead-letter-address>
<expiry-address>jms.queue.ExpiryQueue</expiry-address>
<redelivery-delay>0</redelivery-delay>
<max-size-bytes>10485760</max-size-bytes>
<address-full-policy>BLOCK</address-full-policy>
<message-counter-history-day-limit>10</message-counter-history-day-limit>
</address-setting>
</address-settings>
<jms-connection-factories>
<connection-factory name="RemoteConnectionFactory">
<connectors>
<connector-ref connector-name="netty"/>
</connectors>
<entries>
<entry name="RemoteConnectionFactory"/>
<entry name="java:jboss/exported/jms/RemoteConnectionFactory"/>
</entries>
<client-failure-check-period>60000</client-failure-check-period>
<connection-ttl>150000</connection-ttl>
<call-timeout>30000</call-timeout>
<consumer-window-size>1048576</consumer-window-size>
<consumer-max-rate>-1</consumer-max-rate>
<confirmation-window-size>-1</confirmation-window-size>
<producer-window-size>1048576</producer-window-size>
<producer-max-rate>-1</producer-max-rate>
<cache-large-message-client>false</cache-large-message-client>
<min-large-message-size>102400</min-large-message-size>
<dups-ok-batch-size>1048576</dups-ok-batch-size>
<transaction-batch-size>1048576</transaction-batch-size>
<block-on-acknowledge>false</block-on-acknowledge>
<block-on-non-durable-send>false</block-on-non-durable-send>
<block-on-durable-send>true</block-on-durable-send>
<pre-acknowledge>false</pre-acknowledge>
<retry-interval>2000</retry-interval>
<retry-interval-multiplier>1.0</retry-interval-multiplier>
<max-retry-interval>2000</max-retry-interval>
<reconnect-attempts>1</reconnect-attempts>
<connection-load-balancing-policy-class-name>org.hornetq.api.core.client.loadbalance.RoundRobinConnectionLoadBalancingPolicy</connection-load-balancing-policy-class-name>
<use-global-pools>true</use-global-pools>
<scheduled-thread-pool-max-size>5</scheduled-thread-pool-max-size>
<thread-pool-max-size>-1</thread-pool-max-size>
</connection-factory>
<connection-factory name="InVMConnectionFactory">
<connectors>
<connector-ref connector-name="in-vm"/>
</connectors>
<entries>
<entry name="java:/ConnectionFactory"/>
</entries>
<client-failure-check-period>60000</client-failure-check-period>
<connection-ttl>150000</connection-ttl>
<call-timeout>30000</call-timeout>
<consumer-window-size>1048576</consumer-window-size>
<consumer-max-rate>-1</consumer-max-rate>
<confirmation-window-size>-1</confirmation-window-size>
<producer-window-size>1048576</producer-window-size>
<producer-max-rate>-1</producer-max-rate>
<cache-large-message-client>false</cache-large-message-client>
<min-large-message-size>102400</min-large-message-size>
<dups-ok-batch-size>1048576</dups-ok-batch-size>
<transaction-batch-size>1048576</transaction-batch-size>
<block-on-acknowledge>false</block-on-acknowledge>
<block-on-non-durable-send>false</block-on-non-durable-send>
<block-on-durable-send>true</block-on-durable-send>
<pre-acknowledge>false</pre-acknowledge>
<retry-interval>2000</retry-interval>
<retry-interval-multiplier>1.0</retry-interval-multiplier>
<max-retry-interval>2000</max-retry-interval>
<reconnect-attempts>1</reconnect-attempts>
<connection-load-balancing-policy-class-name>org.hornetq.api.core.client.loadbalance.RoundRobinConnectionLoadBalancingPolicy</connection-load-balancing-policy-class-name>
<use-global-pools>true</use-global-pools>
<scheduled-thread-pool-max-size>5</scheduled-thread-pool-max-size>
<thread-pool-max-size>-1</thread-pool-max-size>
</connection-factory>
<pooled-connection-factory name="hornetq-ra">
<transaction mode="xa"/>
<connectors>
<connector-ref connector-name="in-vm"/>
</connectors>
<entries>
<entry name="java:/JmsXA"/>
</entries>
</pooled-connection-factory>
</jms-connection-factories>
<jms-destinations>
<jms-queue name="DLQ">
<entry name="/queue/DLQ"/>
</jms-queue>
<jms-queue name="ExpiryQueue">
<entry name="/queue/ExpiryQueue"/>
</jms-queue>
<jms-topic name="topic.dcfm.common">
<entry name="java:jboss/exported/topic/dcfm/Common"/>
<entry name="/topic/dcfm/Common"/>
</jms-topic>
</jms-destinations>
</hornetq-server>
</subsystem>
Here is the remote client code:
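/**
 * Minimal remote JMS client: looks up the remote connection factory and the common
 * topic through JNDI, opens a connection and session, and publishes one text message.
 *
 * <p>The SSL options set in {@link #getJmsEnvironment()} all carry the
 * {@code jboss.naming.client} prefix, so they configure the JNDI (remote naming)
 * channel. NOTE(review): the JMS connection created from the looked-up factory
 * presumably takes its TLS settings from the connector definition on the server,
 * not from these options.
 */
public class CommonTopicPublisher {
    public static final String NAMING_CONTEXT_FACTORY = "org.jboss.naming.remote.client.InitialContextFactory";

    // NOTE(review): test credentials embedded in source. Load them from external
    // configuration for anything other than a throw-away reproduction, and rotate
    // them if this code has been shared.
    private static final String JMS_USER = "testuser";
    private static final String JMS_PASSWORD = "passw0rd!";

    private MessageProducer producer;
    private Session session;
    private Connection connection;

    public CommonTopicPublisher() {
    }

    /**
     * Builds the JNDI environment used to reach the remote naming service.
     *
     * @return properties holding the provider URL, context factory, credentials and
     *         the SSL options for the naming connection
     */
    public static Properties getJmsEnvironment() {
        Properties environment = new Properties();
        environment.setProperty(Context.PROVIDER_URL, "remote://10.24.49.148:4447");
        environment.setProperty(Context.INITIAL_CONTEXT_FACTORY, NAMING_CONTEXT_FACTORY);
        environment.put(Context.SECURITY_PRINCIPAL, JMS_USER);
        environment.put(Context.SECURITY_CREDENTIALS, JMS_PASSWORD);
        environment.put("jboss.naming.client.remote.connectionprovider.create.options.org.xnio.Options.SSL_ENABLED", "true");
        environment.put("jboss.naming.client.connect.options.org.xnio.Options.SSL_STARTTLS", "true");
        environment.put("jboss.naming.client.connect.options.org.xnio.Options.SSL_PROTOCOL", "TLSv1.2");
        // NOTE(review): judging by its name, this trust manager accepts any server
        // certificate, which would leave the naming channel encrypted but not
        // authenticated (open to interception). Confirm, and outside of tests use a
        // trust store that contains the server certificate instead.
        environment.put("jboss.naming.client.connect.options.org.xnio.Options.SSL_JSSE_TRUST_MANAGER_CLASSES", "com.dcm.common.http.ssl.NullX509TrustManager");
        return environment;
    }

    /**
     * Looks up the connection factory and topic, then creates the connection,
     * session and producer used by {@link #sendMessage()}.
     *
     * @throws NamingException if a JNDI lookup fails or the context cannot be closed
     * @throws JMSException if the connection, session or producer cannot be created
     */
    public void setup() throws NamingException, JMSException {
        InitialContext context = new InitialContext(getJmsEnvironment());
        try {
            ConnectionFactory connFactory = (ConnectionFactory) context.lookup("jms/RemoteConnectionFactory");
            System.out.println("Got connection factory");
            connection = connFactory.createConnection(JMS_USER, JMS_PASSWORD);
            System.out.println("Created Connection");
            session = connection.createSession(false, Session.AUTO_ACKNOWLEDGE);
            System.out.println("Created session");
            Destination dest = (Destination) context.lookup("topic/dcfm/Common");
            System.out.println("Got common destination");
            producer = session.createProducer(dest);
            System.out.println("Created Producer");
        } finally {
            // The naming context is only needed for the two lookups above.
            context.close();
        }
    }

    /**
     * Publishes a single text message on the topic.
     *
     * @throws JMSException if the message cannot be created or sent
     * @throws IllegalStateException if {@link #setup()} has not completed
     */
    public void sendMessage() throws JMSException {
        if (session == null || producer == null) {
            throw new IllegalStateException("setup() must complete before sendMessage()");
        }
        TextMessage msg = session.createTextMessage("Hello There");
        producer.send(msg);
        System.out.println("Message sent");
    }

    /**
     * Closes the producer, session and connection. Each resource is skipped when it
     * was never created, so this is safe to call after a failed {@link #setup()}.
     *
     * @throws JMSException if closing a JMS resource fails
     * @throws NamingException declared for compatibility with existing callers
     */
    public void cleanUp() throws JMSException, NamingException {
        try {
            if (producer != null) {
                producer.close();
            }
            if (session != null) {
                session.close();
            }
        } finally {
            // Close the connection even if closing the producer or session failed.
            if (connection != null) {
                connection.close();
            }
        }
    }

    public static void main(String[] args) {
        CommonTopicPublisher publisher = null;
        try {
            System.out.println("Setting up common topic listener");
            publisher = new CommonTopicPublisher();
            // The class defines setup()/cleanUp(); the foundationSetup() and
            // foundationCleanup() names used previously are not declared in this class.
            publisher.setup();
            System.out.println("Common topic publisher setup");
            publisher.sendMessage();
        } catch (Exception e) {
            e.printStackTrace();
        } finally {
            if (publisher != null) {
                try {
                    publisher.cleanUp();
                } catch (JMSException | NamingException e) {
                    e.printStackTrace();
                }
            }
        }
    }
}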
Every time I execute this class I hit the exception shown earlier.
Am I doing anything wrong? Or is there still some bug in netty/hornetq?
I have also tried upgrading hornetq from 2.3.0 CR1 to 2.3.0 Final, but I see the same exception.