
Problem description

I am trying to create an ActiveMQ network of 2 local brokers. I have done the configuration shown below. I am very new to this and not sure what I am missing. I have provided the same ks and ts to both brokers.

    <networkConnectors>
        <networkConnector name="LinktoInstance1"
                          uri="static:(ssl://localhost:61616)"
                          duplex="false"
                          networkTTL="2"
                          dynamicOnly="true"/>
    </networkConnectors>

    <transportConnectors>
        <transportConnector name="ssl" uri="ssl://0.0.0.0:61617?trace=true&amp;needClientAuth=true"/>
    </transportConnectors>

    <sslContext>
        <sslContext keyStore="file:${activemq.home}/SSL/broker.ks" keyStorePassword="##" trustStore="file:${activemq.home}/SSL/broker.ts" trustStorePassword="##"/>
    </sslContext>

On startup, I get the following errors on both brokers.

    WARN | Could not start network bridge between: vm://instance1 and: ssl://localhost:61617 due to: Connection refused: connect
    INFO | Network Connector DiscoveryNetworkConnector:LinktoInstance2:BrokerService[instance1] started
    INFO | Apache ActiveMQ 5.16.2 (instance1, ID:XXXXX-8986975-0:1) started
    INFO | For help or more information please see: http://activemq.apache.org
    INFO | Establishing network connection from vm://instance1 to ssl://localhost:61617
    INFO | Connector vm://instance1 started
    INFO | Error with pending remote brokerInfo on: ssl://localhost/127.0.0.1:61617 (Connection has been shutdown: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path validation failed: java.security.cert.CertPathValidatorException: signature check failed)
    INFO | instance1 Shutting down LinktoInstance2
    WARN | Could not accept connection from tcp://127.0.0.1:60937: Received fatal alert: certificate_unknown (Received fatal alert: certificate_unknown)
    INFO | instance1 bridge to Unknown stopped
    INFO | Error with pending local brokerInfo on: vm://instance1#2 (peer (vm://instance1#3) stopped.)

Tags: ssl, activemq, broker

Solution

A PKIX path error usually means some kind of certificate chain failure. It could be that the CA or intermediate certificate is not being sent from the remote side or is not correctly present in the trust store, an expired certificate, a hostname mismatch, etc. Post the full stack trace - there should be a "Caused by:" with more details.

Tip: setting -Djavax.net.debug=ssl is very helpful for debugging certificate problems.

There are also many variations:

-Djavax.net.debug=ssl,handshake

-Djavax.net.debug=ssl:handshake:verbose:keymanager:trustmanager -Djava.security.debug=access:stack

The OpenSSL command line is also very useful for verifying that the remote server sends a good certificate chain: see "openssl to validate remote server".
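The answer above says the PKIX error is a chain-validation failure, and the log shows "signature check failed". Before staring at handshake traces, it is worth running the same PKIX validation Java performs during the handshake against the two files the broker is actually given: every key entry in broker.ks is validated as a certificate path against the trust anchors in broker.ts. Below is an added example written for this page; it is not code from the question, the answer, or ActiveMQ. It assumes the keystore and truststore paths and passwords are passed as arguments (the "##" in the question stands for the real passwords), and it disables revocation checking on the assumption that a local two-broker lab has no CRL or OCSP responder.

```java
import java.io.FileInputStream;
import java.security.InvalidAlgorithmParameterException;
import java.security.KeyStore;
import java.security.cert.CertPath;
import java.security.cert.CertPathValidator;
import java.security.cert.CertPathValidatorException;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.security.cert.PKIXParameters;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Enumeration;
import java.util.List;

/**
 * Validates each private-key entry in an ActiveMQ keystore against the
 * trust anchors in the truststore, using the same PKIX validator the
 * TLS handshake uses. Exit code 0 means every chain validated.
 *
 * usage: java CheckBrokerChain broker.ks <ksPassword> broker.ts <tsPassword>
 */
public class CheckBrokerChain {

    public static void main(String[] args) throws Exception {
        if (args.length != 4) {
            System.err.println("usage: CheckBrokerChain <keystore> <keystorePass> <truststore> <truststorePass>");
            System.exit(2);
        }
        KeyStore ks = load(args[0], args[1]);
        KeyStore ts = load(args[2], args[3]);

        // Trust anchors come from the trusted-certificate entries of the truststore.
        // An empty truststore (or one holding only key entries) is rejected here,
        // which is one way to end up with "PKIX path validation failed".
        PKIXParameters params;
        try {
            params = new PKIXParameters(ts);
        } catch (InvalidAlgorithmParameterException e) {
            System.err.println("truststore contains no trusted certificate entries: " + e.getMessage());
            System.exit(1);
            return;
        }
        params.setRevocationEnabled(false); // assumption: no CRL/OCSP in a local lab setup

        CertPathValidator validator = CertPathValidator.getInstance("PKIX");
        CertificateFactory cf = CertificateFactory.getInstance("X.509");

        boolean allOk = true;
        for (Enumeration<String> aliases = ks.aliases(); aliases.hasMoreElements(); ) {
            String alias = aliases.nextElement();
            if (!ks.isKeyEntry(alias)) {
                continue; // only private-key entries are presented during the handshake
            }
            Certificate[] chain = ks.getCertificateChain(alias);
            List<X509Certificate> certs = new ArrayList<>();
            for (Certificate c : chain) {
                certs.add((X509Certificate) c);
            }
            // PKIX expects the root to be a trust anchor, not part of the path,
            // so drop a trailing self-signed certificate from multi-cert chains.
            X509Certificate last = certs.get(certs.size() - 1);
            if (certs.size() > 1
                    && last.getSubjectX500Principal().equals(last.getIssuerX500Principal())) {
                certs.remove(certs.size() - 1);
            }
            CertPath path = cf.generateCertPath(certs);
            X509Certificate leaf = certs.get(0);
            try {
                validator.validate(path, params);
                // Print the SANs so a hostname mismatch (e.g. "localhost" missing) is visible too.
                System.out.println("OK   alias=" + alias
                        + " subject=" + leaf.getSubjectX500Principal()
                        + " notAfter=" + leaf.getNotAfter()
                        + " SANs=" + leaf.getSubjectAlternativeNames());
            } catch (CertPathValidatorException e) {
                allOk = false;
                System.out.println("FAIL alias=" + alias
                        + " reason=" + e.getReason()
                        + " index=" + e.getIndex()
                        + " msg=" + e.getMessage());
            }
        }
        System.exit(allOk ? 0 : 1);
    }

    private static KeyStore load(String path, String password) throws Exception {
        // Default type is JKS on older JDKs and PKCS12 on newer ones; both formats load either way on JDK 9+.
        KeyStore store = KeyStore.getInstance(KeyStore.getDefaultType());
        try (FileInputStream in = new FileInputStream(path)) {
            store.load(in, password.toCharArray());
        }
        return store;
    }
}
```

Run it once per broker with that broker's own keystore and truststore. A "signature check failed" result with index 0 means the leaf's issuer in the truststore is not the CA that actually signed it (a common outcome when certificates are regenerated and only one of the two files is refreshed), while a validation that passes here but still fails at runtime points at the other side of the connection: with needClientAuth=true the connecting broker's certificate must validate against the listening broker's truststore as well.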
