cannot find ip of broker attempting ssl connection with certificate_unknown
dgdavis00 Sep 19, 2010 11:24 AMI am getting a repeating error every few minutes and I cannot find the
ip address of the remote broker attempting to connect to the broker with this error. there is not enough information in the 2 logs to help me. Where else can I look? I will check with my network team to see if they can see what ip's are coming into the port on the server. Any other suggestions?
activemq.log
"Could not accept connection : javax.net.ssl.SSLHandshakeException: Received fatal alert: certificate_unknown | org.apache.activemq.broker.TransportConnector | ActiveMQ Task"
AMQ-BRK.EVENT.LOG
ERROR | Could not accept connection : javax.net.ssl.SSLHandshakeException: Received fatal alert: certificate_unknown
I am using AMQ version 5.3.1-00-00 on Linux.
Is there a switch I can set to get more detail information. I have set the log4j to DEBUG, but I have nothing in the logs to help with what server is attempting to connect.
I have 33 valid connections on my 61620 SSL enable port, but I cannot figure out what server is attempting connection with the unknown cert.
netstat -an |grep 61620
tcp 0 0 ::ffff:172.20.70.114:61620 :::* LISTEN
tcp 0 0 ::ffff:172.20.70.114:61620 ::ffff:10.4.28.45:59621 ESTABLISHED
tcp 0 0 ::ffff:172.20.70.114:61620 ::ffff:10.2.16.45:45282 ESTABLISHED
tcp 0 0 ::ffff:172.20.70.114:61620 ::ffff:10.1.148.45:58727 ESTABLISHED
tcp 0 0 ::ffff:172.20.70.114:61620 ::ffff:10.3.120.45:60569 ESTABLISHED
tcp 0 0 ::ffff:172.20.70.114:61620 ::ffff:10.4.80.45:60039 ESTABLISHED
tcp 0 0 ::ffff:172.20.70.114:61620 ::ffff:10.3.160.45:49007 ESTABLISHED
tcp 0 0 ::ffff:172.20.70.114:61620 ::ffff:10.3.200.45:37383 ESTABLISHED
tcp 0 0 ::ffff:172.20.70.114:61620 ::ffff:10.1.164.45:48480 ESTABLISHED
tcp 0 0 ::ffff:172.20.70.114:61620 ::ffff:10.1.212.45:39442 ESTABLISHED
tcp 0 0 ::ffff:172.20.70.114:61620 ::ffff:10.3.184.45:41080 ESTABLISHED
tcp 0 0 ::ffff:172.20.70.114:61620 ::ffff:10.4.104.45:34512 ESTABLISHED
tcp 0 0 ::ffff:172.20.70.114:61620 ::ffff:10.1.52.45:42124 ESTABLISHED
tcp 0 0 ::ffff:172.20.70.114:61620 ::ffff:10.4.36.45:53139 ESTABLISHED
tcp 0 0 ::ffff:172.20.70.114:61620 ::ffff:10.4.72.45:55265 ESTABLISHED
tcp 0 0 ::ffff:172.20.70.114:61620 ::ffff:10.1.68.45:57322 ESTABLISHED
tcp 0 0 ::ffff:172.20.70.114:61620 ::ffff:10.1.200.45:37735 ESTABLISHED
tcp 0 0 ::ffff:172.20.70.114:61620 ::ffff:10.4.40.45:52870 ESTABLISHED
tcp 0 0 ::ffff:172.20.70.114:61620 ::ffff:10.2.240.45:37717 ESTABLISHED
tcp 0 0 ::ffff:172.20.70.114:61620 ::ffff:10.1.144.45:54791 ESTABLISHED
tcp 0 0 ::ffff:172.20.70.114:61620 ::ffff:10.2.64.45:53457 ESTABLISHED
tcp 0 0 ::ffff:172.20.70.114:61620 ::ffff:10.4.108.45:38127 ESTABLISHED
tcp 0 0 ::ffff:172.20.70.114:61620 ::ffff:10.2.20.45:35937 ESTABLISHED
tcp 0 0 ::ffff:172.20.70.114:61620 ::ffff:10.2.224.45:56720 ESTABLISHED
tcp 0 0 ::ffff:172.20.70.114:61620 ::ffff:10.1.192.45:52651 ESTABLISHED
tcp 0 0 ::ffff:172.20.70.114:61620 ::ffff:10.3.192.45:59811 ESTABLISHED
tcp 0 0 ::ffff:172.20.70.114:61620 ::ffff:10.3.128.45:35809 ESTABLISHED
tcp 0 0 ::ffff:172.20.70.114:61620 ::ffff:10.4.32.45:53009 ESTABLISHED
tcp 0 0 ::ffff:172.20.70.114:61620 ::ffff:10.1.56.45:54052 ESTABLISHED
tcp 0 0 ::ffff:172.20.70.114:61620 ::ffff:10.2.32.45:47935 ESTABLISHED
tcp 0 0 ::ffff:172.20.70.114:61620 ::ffff:10.4.44.45:46900 ESTABLISHED
tcp 0 0 ::ffff:172.20.70.114:61620 ::ffff:10.2.232.45:45799 ESTABLISHED
tcp 0 0 ::ffff:172.20.70.114:61620 ::ffff:10.4.60.45:47931 ESTABLISHED
tcp 0 0 ::ffff:172.20.70.114:61620 ::ffff:10.1.176.45:56755 ESTABLISHED
$
Please let me know if you need additional detail.
THANKS for you help,
Dorothea