activemq-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Gerdes, Mike" <Mike.Ger...@airbus.com>
Subject AW: AW: Cannot get SSL working
Date Tue, 20 Jun 2006 08:56:48 GMT

oh about your error, there comes something to my mind, what I had posted some time earlier.
The exception that you describe happened for me also. From what I know is that it is triggered
by connection.close(). You can easily ignore the problem and it should be fixed with the current
snapshot, at least I don't get it anymore. There have been a small waiting time added, that
gives the broker time to close things.
>From your log it is visible that SSL works and messages get send. So nothing to worry
there.

look here http://www.activemq.org/site/connection-configuration-uri.html for more information,
there is a closetimeout option that targets this problem, I think so, but I am not sure.

I hope this helps you. My solution has been just to comment the connection.close() out.

-----Urspr√ľngliche Nachricht-----
Von: bbernard [mailto:bbernardinus@yahoo.com]
Gesendet: Dienstag, 20. Juni 2006 10:43
An: activemq-users@geronimo.apache.org
Betreff: Re: AW: Cannot get SSL working




Hi Mike thanks for your advice, I do appreciate it.

I still get the exception despite following your advice :( though.

My broker seem to be running OK, but when I tried to connect to it by
running the example consumer

        ant consumer

and turned on the debug using : -Djavax.net.debug=ssl , I get the following:

Why am I seeing :

        [java] ActiveMQ Transport: tcp://localhost/127.0.0.1:61616, READ:
TLSv1 Application Data, length = 31

??? even when the log showed:

       [echo] Running consumer against server at $url =
ssl://localhost:61616?trace=false for subject $subject = TEST.FOO
     [java] Connecting to URL: ssl://localhost:61616?trace=false


producer was intentionally not run, since it would produce exception
messages interwoven in the log file, making it difficult to read.

========================================
C:\workexplore\incubator-activemq-4.0\example>ant consumer
Buildfile: build.xml

init:

compile:

consumer:
     [echo] Running consumer against server at $url =
ssl://localhost:61616?trac
e=false for subject $subject = TEST.FOO
     [java] Connecting to URL: ssl://localhost:61616?trace=false
     [java] Consuming queue: TEST.FOO
     [java] Using non-durable subscription
     [java] setting up default SSLSocketFactory
     [java] use default SunJSSE impl class:
com.sun.net.ssl.internal.ssl.SSLSock
etFactoryImpl
     [java] class com.sun.net.ssl.internal.ssl.SSLSocketFactoryImpl is
loaded
     [java] keyStore is : client.ks
     [java] keyStore type is : jks
     [java] keyStore provider is :
     [java] init keystore
     [java] init keymanager of type SunX509
     [java] ***
     [java] found key for : client
     [java] chain [0] = [
     [java] [
     [java]   Version: V1
     [java]   Subject: CN=First Client, OU=Client Tester, O=Client Inc,
L=Jakart
a, ST=DKI, C=ID
     [java]   Signature Algorithm: MD5withRSA, OID = 1.2.840.113549.1.1.4

     [java]   Key:  Sun RSA public key, 1024 bits
     [java]   modulus:
119589301225386807627431402133382383630271858564536137370
00517587477567158215784287561194260461757480695662368476918510674442825231304591
56026187774403862385470654226997308858263004667771629436261767892164848229280226
50466964980145869164251071677228384689987346876919113230453852027544661259358161
212691419233
     [java]   public exponent: 65537
     [java]   Validity: [From: Tue Jun 20 11:02:10 GMT+08:00 2006,
     [java]                To: Mon Sep 18 11:02:10 GMT+08:00 2006]
     [java]   Issuer: CN=First Client, OU=Client Tester, O=Client Inc,
L=Jakarta
, ST=DKI, C=ID
     [java]   SerialNumber: [    44976532]

     [java] ]
     [java]   Algorithm: [MD5withRSA]
     [java]   Signature:
     [java] 0000: 73 7B E7 55 2D 57 F1 D6   E5 7F 52 03 82 A0 9B 6D
s..U-W....R
....m
     [java] 0010: FB 8F FB 94 1F 2D DA 68   99 18 B3 E7 7D BD FE 5D
.....-.h...
....]
     [java] 0020: 6E 1B 1E 8C 4F 3E 12 98   21 B7 B1 B7 2E 27 5F EB
n...O>..!..
..'_.
     [java] 0030: D0 B4 56 1D 36 03 2D 15   A7 B4 84 42 CC D2 6D F9
..V.6.-....
B..m.
     [java] 0040: 60 3D 5E 9F 87 83 28 6C   31 A3 EC A6 DF C3 0D 5F
`=^...(l1..
...._
     [java] 0050: 3A 36 B4 48 E4 86 F7 8D   C4 7F 17 55 D4 83 40 2C
:6.H.......
U..@,
     [java] 0060: 6F A5 CF 84 BD 7F 5E 4F   B2 99 E6 3E 90 11 0D 6A
o.....^O...
>...j
     [java] 0070: 04 AB 74 3B 08 05 12 3F   54 2A 10 40 32 10 1E B6
..t;...?T*.
@2...

     [java] ]
     [java] ***
     [java] trustStore is: client.ts
     [java] trustStore type is : jks
     [java] trustStore provider is :
     [java] init truststore
     [java] adding as trusted cert:
     [java]   Subject: CN=First and Last, OU=First Developer, O=Omega Dev,
L=Jak
arta, ST=DKI, C=ID
     [java]   Issuer:  CN=First and Last, OU=First Developer, O=Omega Dev,
L=Jak
arta, ST=DKI, C=ID
     [java]   Algorithm: RSA; Serial number: 0x44975dc5
     [java]   Valid from Tue Jun 20 10:30:29 GMT+08:00 2006 until Mon Sep 18
10:
30:29 GMT+08:00 2006

     [java] init context
     [java] trigger seeding of SecureRandom
     [java] done seeding SecureRandom
     [java] instantiated an instance of class
com.sun.net.ssl.internal.ssl.SSLSo
cketFactoryImpl
     [java] main, setSoTimeout(0) called
     [java] %% No cached client session
     [java] *** ClientHello, TLSv1
     [java] RandomCookie:  GMT: 1133949055 bytes = { 165, 149, 219, 221,
161, 43
, 98, 66, 41, 97, 22, 191, 181, 163, 200, 117, 11, 250, 187, 168, 115, 160,
75,
241, 186, 169, 102, 65 }
     [java] Session ID:  {}
     [java] Cipher Suites: [SSL_RSA_WITH_RC4_128_MD5,
SSL_RSA_WITH_RC4_128_SHA,
TLS_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA,
TLS_DHE_RSA_WITH_AES
_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_256_CBC_SHA,
TLS_DHE_DSS_WITH_AES_128_CBC_SHA
, TLS_DHE_DSS_WITH_AES_256_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA,
SSL_DHE_RSA_W
ITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA,
SSL_RSA_WITH_DES_CBC_SH
A, SSL_DHE_RSA_WITH_DES_CBC_SHA, SSL_DHE_DSS_WITH_DES_CBC_SHA,
SSL_RSA_EXPORT_WI
TH_RC4_40_MD5, SSL_RSA_EXPORT_WITH_DES40_CBC_SHA,
SSL_DHE_RSA_EXPORT_WITH_DES40_
CBC_SHA, SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA]
     [java] Compression Methods:  { 0 }
     [java] ***
     [java] main, WRITE: TLSv1 Handshake, length = 79
     [java] main, WRITE: SSLv2 client hello message, length = 107
     [java] main, READ: TLSv1 Handshake, length = 694
     [java] *** ServerHello, TLSv1
     [java] RandomCookie:  GMT: 1133949055 bytes = { 10, 142, 116, 63, 49,
104,
149, 140, 231, 100, 61, 9, 205, 220, 129, 230, 244, 199, 231, 133, 77, 235,
168,
 190, 26, 201, 6, 2 }
     [java] Session ID:  {68, 151, 176, 127, 196, 93, 175, 115, 54, 125,
252, 48
, 82, 215, 176, 188, 31, 164, 49, 151, 186, 179, 237, 211, 221, 171, 224,
239, 2
44, 255, 192, 232}
     [java] Cipher Suite: SSL_RSA_WITH_RC4_128_MD5
     [java] Compression Method: 0
     [java] ***
     [java] %% Created:  [Session-1, SSL_RSA_WITH_RC4_128_MD5]
     [java] ** SSL_RSA_WITH_RC4_128_MD5
     [java] *** Certificate chain
     [java] chain [0] = [
     [java] [
     [java]   Version: V1
     [java]   Subject: CN=First and Last, OU=First Developer, O=Omega Dev,
L=Jak
arta, ST=DKI, C=ID
     [java]   Signature Algorithm: MD5withRSA, OID = 1.2.840.113549.1.1.4

     [java]   Key:  Sun RSA public key, 1024 bits
     [java]   modulus:
110917226862599413880639439336556630329964387633740484530
69857743023705648464847751999032236427414109378854791327719794690061829072185523
43971004472027235961673123393600260276279490403385907171310096728591840644766932
62160955095067449495224082644385415358685026699494650521466923564170374011679129
388104837461
     [java]   public exponent: 65537
     [java]   Validity: [From: Tue Jun 20 10:30:29 GMT+08:00 2006,
     [java]                To: Mon Sep 18 10:30:29 GMT+08:00 2006]
     [java]   Issuer: CN=First and Last, OU=First Developer, O=Omega Dev,
L=Jaka
rta, ST=DKI, C=ID
     [java]   SerialNumber: [    44975dc5]

     [java] ]
     [java]   Algorithm: [MD5withRSA]
     [java]   Signature:
     [java] 0000: 9A 66 23 B5 A6 EF 2A 53   D1 E8 5F EA 49 73 99 E6
.f#...*S.._
.Is..
     [java] 0010: 02 8F 0F 02 D4 2D F2 37   4B 2F 47 97 6D 14 8F 41
.....-.7K/G
.m..A
     [java] 0020: A3 1E A9 D6 84 F5 F2 DB   7B E9 D3 17 C8 08 BB 38
...........
....8
     [java] 0030: 05 B3 68 4D CA 6F CD BE   E8 7F E0 C9 ED 2B A5 04
..hM.o.....
..+..
     [java] 0040: D4 8B 6E 21 2D 71 AB E2   FC 71 6D C3 66 4A 11 B1
..n!-q...qm
.fJ..
     [java] 0050: A9 B2 63 B7 45 3C D5 6F   46 FD B4 44 17 00 67 0F
..c.E<.oF..
D..g.
     [java] 0060: 93 AD AC EB E7 1A C3 C9   8D ED 8B 61 1B 1E 44 50
...........
a..DP
     [java] 0070: 31 00 37 9B 4F 21 4B 0D   76 25 E0 D9 70 35 EC 55
1.7.O!K.v%.
.p5.U

     [java] ]
     [java] ***
     [java] Found trusted certificate:
     [java] [
     [java] [
     [java]   Version: V1
     [java]   Subject: CN=First and Last, OU=First Developer, O=Omega Dev,
L=Jak
arta, ST=DKI, C=ID
     [java]   Signature Algorithm: MD5withRSA, OID = 1.2.840.113549.1.1.4

     [java]   Key:  Sun RSA public key, 1024 bits
     [java]   modulus:
110917226862599413880639439336556630329964387633740484530
69857743023705648464847751999032236427414109378854791327719794690061829072185523
43971004472027235961673123393600260276279490403385907171310096728591840644766932
62160955095067449495224082644385415358685026699494650521466923564170374011679129
388104837461
     [java]   public exponent: 65537
     [java]   Validity: [From: Tue Jun 20 10:30:29 GMT+08:00 2006,
     [java]                To: Mon Sep 18 10:30:29 GMT+08:00 2006]
     [java]   Issuer: CN=First and Last, OU=First Developer, O=Omega Dev,
L=Jaka
rta, ST=DKI, C=ID
     [java]   SerialNumber: [    44975dc5]

     [java] ]
     [java]   Algorithm: [MD5withRSA]
     [java]   Signature:
     [java] 0000: 9A 66 23 B5 A6 EF 2A 53   D1 E8 5F EA 49 73 99 E6
.f#...*S.._
.Is..
     [java] 0010: 02 8F 0F 02 D4 2D F2 37   4B 2F 47 97 6D 14 8F 41
.....-.7K/G
.m..A
     [java] 0020: A3 1E A9 D6 84 F5 F2 DB   7B E9 D3 17 C8 08 BB 38
...........
....8
     [java] 0030: 05 B3 68 4D CA 6F CD BE   E8 7F E0 C9 ED 2B A5 04
..hM.o.....
..+..
     [java] 0040: D4 8B 6E 21 2D 71 AB E2   FC 71 6D C3 66 4A 11 B1
..n!-q...qm
.fJ..
     [java] 0050: A9 B2 63 B7 45 3C D5 6F   46 FD B4 44 17 00 67 0F
..c.E<.oF..
D..g.
     [java] 0060: 93 AD AC EB E7 1A C3 C9   8D ED 8B 61 1B 1E 44 50
...........
a..DP
     [java] 0070: 31 00 37 9B 4F 21 4B 0D   76 25 E0 D9 70 35 EC 55
1.7.O!K.v%.
.p5.U

     [java] ]
     [java] *** ServerHelloDone
     [java] *** ClientKeyExchange, RSA PreMasterSecret, TLSv1
     [java] Random Secret:  { 3, 1, 239, 153, 13, 210, 95, 112, 128, 30,
179, 35
, 235, 83, 14, 106, 149, 203, 141, 52, 94, 217, 135, 28, 173, 154, 141, 217,
164
, 225, 73, 67, 188, 39, 62, 250, 102, 19, 85, 69, 135, 247, 147, 57, 221,
92, 97
, 3 }
     [java] main, WRITE: TLSv1 Handshake, length = 134
     [java] SESSION KEYGEN:
     [java] PreMaster Secret:
     [java] 0000: 03 01 EF 99 0D D2 5F 70   80 1E B3 23 EB 53 0E 6A
......_p...
#.S.j
     [java] 0010: 95 CB 8D 34 5E D9 87 1C   AD 9A 8D D9 A4 E1 49 43
...4^......
...IC
     [java] 0020: BC 27 3E FA 66 13 55 45   87 F7 93 39 DD 5C 61 03
.'>.f.UE...
9.\a.
     [java] CONNECTION KEYGEN:
     [java] Client Nonce:
     [java] 0000: 44 97 B0 7F A5 95 DB DD   A1 2B 62 42 29 61 16 BF
D........+b
B)a..
     [java] 0010: B5 A3 C8 75 0B FA BB A8   73 A0 4B F1 BA A9 66 41
...u....s.K
...fA
     [java] Server Nonce:
     [java] 0000: 44 97 B0 7F 0A 8E 74 3F   31 68 95 8C E7 64 3D 09
D.....t?1h.
..d=.
     [java] 0010: CD DC 81 E6 F4 C7 E7 85   4D EB A8 BE 1A C9 06 02
........M..
.....
     [java] Master Secret:
     [java] 0000: 9F EE DF E0 97 FF 86 F5   1F FE 70 35 B9 46 D7 C8
..........p
5.F..
     [java] 0010: CB EA EB 11 1B 5A D9 49   EF FA 6A E6 DC D8 F9 5F
.....Z.I..j
...._
     [java] 0020: 5E 2D C5 80 30 92 39 EF   69 63 52 54 B1 4F B8 C9
^-..0.9.icR
T.O..
     [java] Client MAC write Secret:
     [java] 0000: 47 44 97 C7 02 7E C8 19   BC DC B1 39 79 47 23 A9
GD.........
9yG#.
     [java] Server MAC write Secret:
     [java] 0000: 39 14 D2 E7 47 B7 28 6A   00 A3 D5 AC 27 F8 FC 34
9...G.(j...
.'..4
     [java] Client write key:
     [java] 0000: 5B 41 AE 33 43 F6 90 C0   A9 74 06 88 17 F6 56 E2
[A.3C....t.
...V.
     [java] Server write key:
     [java] 0000: A6 40 A6 6A 7D 53 25 3E   15 EF 9E E4 91 38 84 7B
.@.j.S%>...
..8..
     [java] ... no IV for cipher
     [java] main, WRITE: TLSv1 Change Cipher Spec, length = 1
     [java] *** Finished
     [java] verify_data:  { 182, 76, 142, 63, 219, 102, 252, 51, 58, 40,
185, 4
}
     [java] ***
     [java] main, WRITE: TLSv1 Handshake, length = 32
     [java] main, READ: TLSv1 Change Cipher Spec, length = 1
     [java] main, READ: TLSv1 Handshake, length = 32
     [java] *** Finished
     [java] verify_data:  { 162, 128, 50, 122, 51, 133, 107, 129, 223, 64,
138,
15 }
     [java] ***
     [java] %% Cached client session: [Session-1, SSL_RSA_WITH_RC4_128_MD5]
     [java] main, WRITE: TLSv1 Application Data, length = 178
     [java] ActiveMQ Transport: tcp://localhost/127.0.0.1:61616, READ: TLSv1
App
lication Data, length = 178
     [java] ActiveMQ Transport: tcp://localhost/127.0.0.1:61616, READ: TLSv1
App
lication Data, length = 114
     [java] main, WRITE: TLSv1 Application Data, length = 103
     [java] ActiveMQ Transport: tcp://localhost/127.0.0.1:61616, READ: TLSv1
App
lication Data, length = 31
     [java] main, WRITE: TLSv1 Application Data, length = 164
     [java] ActiveMQ Transport: tcp://localhost/127.0.0.1:61616, READ: TLSv1
App
lication Data, length = 31
     [java] main, WRITE: TLSv1 Application Data, length = 68
     [java] main, WRITE: TLSv1 Application Data, length = 95
     [java] ActiveMQ Transport: tcp://localhost/127.0.0.1:61616, READ: TLSv1
App
lication Data, length = 31
     [java] We are about to wait until we consume: 10 message(s) then we
will sh
utdown
     [java] ActiveMQ Scheduler, WRITE: TLSv1 Application Data, length = 27
     [java] ActiveMQ Transport: tcp://localhost/127.0.0.1:61616, READ: TLSv1
App
lication Data, length = 27
     [java] ActiveMQ Scheduler, WRITE: TLSv1 Application Data, length = 27
     [java] ActiveMQ Transport: tcp://localhost/127.0.0.1:61616, READ: TLSv1
App
lication Data, length = 27
     [java] ActiveMQ Scheduler, WRITE: TLSv1 Application Data, length = 27
     [java] ActiveMQ Transport: tcp://localhost/127.0.0.1:61616, READ: TLSv1
App
lication Data, length = 27
     [java] ActiveMQ Scheduler, WRITE: TLSv1 Application Data, length = 27
     [java] ActiveMQ Transport: tcp://localhost/127.0.0.1:61616, READ: TLSv1
App
lication Data, length = 27
Terminate batch job (Y/N)? y

C:\workexplore\incubator-activemq-4.0\example>

========================================
--
View this message in context: http://www.nabble.com/Cannot-get-SSL-working-t1689166.html#a4951410
Sent from the ActiveMQ - User forum at Nabble.com.



This mail has originated outside your organization,
either from an external partner or the Global Internet.
Keep this in mind if you answer this message.

This mail has originated outside your organization, either from an external partner or the
Global Internet. Keep this in mind if you answer this message.

Mime
View raw message