java - 使用 java spring-boot 通过 SSL 连接到 RabbitMQ 实例时出错
问题描述
我在将 spring-boog 中的 java 应用程序连接到托管我的 RabbitMQ 的 AWS 中的 UAT 服务器时遇到问题。我前面有一个负载均衡器,然后它将我的请求重定向到其中一个 RMQ 实例。
我使用 SSL 连接到 RabbitMQ 并生成了一个 .p12 (PKCS12) 证书文件。
这是 spring-boot java app 的属性文件:
spring.rabbitmq.host=rmq-lb.uat.mycompany.com
spring.rabbitmq.port=5671
spring.rabbitmq.username=live_prices
spring.rabbitmq.password=aaaa
spring.rabbitmq.virtualHost=my_virtualhost
spring.rabbitmq.ssl.enabled=true
spring.rabbitmq.ssl.algorithm=TLSv1.2
spring.rabbitmq.ssl.key-store=classpath:/rmq_wr.uat.p12
spring.rabbitmq.ssl.key-store-password=bbbb
...
如果我使用 .NET 应用程序,则无需执行任何其他步骤,并且可以使用此单个 .p12 文件连接到 RMQ 实例。此外,如果我尝试通过 docker 容器在本地连接到 RMQ 实例,它也可以正常工作。
下面是我的 Spring 配置类:
@Configuration
public class RabbitMQConfig {
@Value("${mycompany.rabbitmq.queue}")
String queueName;
@Value("${mycompany.rabbitmq.exchange}")
String exchange;
@Value("${mycompany.rabbitmq.routingkey}")
private String routingkey;
@Bean
Queue queue() {
return new Queue(queueName, true);
}
@Bean
TopicExchange exchange() {
return new TopicExchange (exchange);
}
@Bean
Binding binding(Queue queue, TopicExchange exchange) {
return BindingBuilder.bind(queue).to(exchange).with(routingkey);
}
@Bean
public MessageConverter jsonMessageConverter() {
return new Jackson2JsonMessageConverter();
}
public AmqpTemplate rabbitTemplate(ConnectionFactory connectionFactory) {
final RabbitTemplate rabbitTemplate = new RabbitTemplate(connectionFactory);
rabbitTemplate.setMessageConverter(jsonMessageConverter());
return rabbitTemplate;
}
}
这是我在调试应用程序时遇到的错误:
2021-06-10 09:38:19.914 INFO 20056 --- [ restartedMain] o.s.a.r.c.CachingConnectionFactory : Attempting to connect to: [rmq-lb.uat.mycompany.com:5671]
2021-06-10 09:38:20.145 ERROR 20056 --- [ restartedMain] c.r.client.impl.SocketFrameHandler : TLS connection failed: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
2021-06-10 09:38:20.149 INFO 20056 --- [ restartedMain] ConditionEvaluationReportLoggingListener :
Error starting ApplicationContext. To display the conditions report re-run your application with 'debug' enabled.
2021-06-10 09:38:20.176 ERROR 20056 --- [ restartedMain] o.s.boot.SpringApplication : Application run failed
java.lang.IllegalStateException: Failed to execute CommandLineRunner
at org.springframework.boot.SpringApplication.callRunner(SpringApplication.java:822) ~[spring-boot-2.4.5.jar:2.4.5]
at org.springframework.boot.SpringApplication.callRunners(SpringApplication.java:803) ~[spring-boot-2.4.5.jar:2.4.5]
at org.springframework.boot.SpringApplication.run(SpringApplication.java:346) ~[spring-boot-2.4.5.jar:2.4.5]
at org.springframework.boot.SpringApplication.run(SpringApplication.java:1340) ~[spring-boot-2.4.5.jar:2.4.5]
at org.springframework.boot.SpringApplication.run(SpringApplication.java:1329) ~[spring-boot-2.4.5.jar:2.4.5]
at com.mycompany.rmqconnector.RMQConnectorApp.main(RMQConnectorApp.java:119) ~[classes/:na]
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[na:na]
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[na:na]
at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[na:na]
at java.base/java.lang.reflect.Method.invoke(Method.java:566) ~[na:na]
at org.springframework.boot.devtools.restart.RestartLauncher.run(RestartLauncher.java:49) ~[spring-boot-devtools-2.4.5.jar:2.4.5]
Caused by: org.springframework.amqp.AmqpIOException: javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at org.springframework.amqp.rabbit.support.RabbitExceptionTranslator.convertRabbitAccessException(RabbitExceptionTranslator.java:70) ~[spring-rabbit-2.3.6.jar:2.3.6]
at org.springframework.amqp.rabbit.connection.AbstractConnectionFactory.createBareConnection(AbstractConnectionFactory.java:602) ~[spring-rabbit-2.3.6.jar:2.3.6]
at org.springframework.amqp.rabbit.connection.CachingConnectionFactory.createConnection(CachingConnectionFactory.java:724) ~[spring-rabbit-2.3.6.jar:2.3.6]
at org.springframework.amqp.rabbit.connection.ConnectionFactoryUtils.createConnection(ConnectionFactoryUtils.java:216) ~[spring-rabbit-2.3.6.jar:2.3.6]
at org.springframework.amqp.rabbit.core.RabbitTemplate.doExecute(RabbitTemplate.java:2132) ~[spring-rabbit-2.3.6.jar:2.3.6]
at org.springframework.amqp.rabbit.core.RabbitTemplate.execute(RabbitTemplate.java:2105) ~[spring-rabbit-2.3.6.jar:2.3.6]
at org.springframework.amqp.rabbit.core.RabbitTemplate.send(RabbitTemplate.java:1049) ~[spring-rabbit-2.3.6.jar:2.3.6]
at org.springframework.amqp.rabbit.core.RabbitTemplate.convertAndSend(RabbitTemplate.java:1114) ~[spring-rabbit-2.3.6.jar:2.3.6]
at org.springframework.amqp.rabbit.core.RabbitTemplate.convertAndSend(RabbitTemplate.java:1107) ~[spring-rabbit-2.3.6.jar:2.3.6]
at com.mycompany.rmq.RabbitMQSender.send(RabbitMQSender.java:26) ~[classes/:na]
at com.mycompany.rmqconnector.RMQConnectorApp.givenUsingTimer_whenSchedulingTaskOnce_thenCorrect(RMQConnectorApp.java:99) ~[classes/:na]
at com.mycompany.rmqconnector.RMQConnectorApp.lambda$0(RMQConnectorApp.java:60) ~[classes/:na]
at org.springframework.boot.SpringApplication.callRunner(SpringApplication.java:819) ~[spring-boot-2.4.5.jar:2.4.5]
... 10 common frames omitted
Caused by: javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:131) ~[na:na]
at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:326) ~[na:na]
at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:269) ~[na:na]
at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:264) ~[na:na]
at java.base/sun.security.ssl.CertificateMessage$T12CertificateConsumer.checkServerCerts(CertificateMessage.java:645) ~[na:na]
at java.base/sun.security.ssl.CertificateMessage$T12CertificateConsumer.onCertificate(CertificateMessage.java:464) ~[na:na]
at java.base/sun.security.ssl.CertificateMessage$T12CertificateConsumer.consume(CertificateMessage.java:360) ~[na:na]
at java.base/sun.security.ssl.SSLHandshake.consume(SSLHandshake.java:392) ~[na:na]
at java.base/sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:444) ~[na:na]
at java.base/sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:422) ~[na:na]
at java.base/sun.security.ssl.TransportContext.dispatch(TransportContext.java:183) ~[na:na]
at java.base/sun.security.ssl.SSLTransport.decode(SSLTransport.java:171) ~[na:na]
at java.base/sun.security.ssl.SSLSocketImpl.decode(SSLSocketImpl.java:1403) ~[na:na]
at java.base/sun.security.ssl.SSLSocketImpl.readHandshakeRecord(SSLSocketImpl.java:1309) ~[na:na]
at java.base/sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:440) ~[na:na]
at java.base/sun.security.ssl.SSLSocketImpl.ensureNegotiated(SSLSocketImpl.java:814) ~[na:na]
at java.base/sun.security.ssl.SSLSocketImpl$AppOutputStream.write(SSLSocketImpl.java:1184) ~[na:na]
at java.base/java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:81) ~[na:na]
at java.base/java.io.BufferedOutputStream.flush(BufferedOutputStream.java:142) ~[na:na]
at java.base/java.io.DataOutputStream.flush(DataOutputStream.java:123) ~[na:na]
at com.rabbitmq.client.impl.SocketFrameHandler.sendHeader(SocketFrameHandler.java:160) ~[amqp-client-5.10.0.jar:5.10.0]
at com.rabbitmq.client.impl.SocketFrameHandler.sendHeader(SocketFrameHandler.java:170) ~[amqp-client-5.10.0.jar:5.10.0]
at com.rabbitmq.client.impl.AMQConnection.start(AMQConnection.java:314) ~[amqp-client-5.10.0.jar:5.10.0]
at com.rabbitmq.client.ConnectionFactory.newConnection(ConnectionFactory.java:1139) ~[amqp-client-5.10.0.jar:5.10.0]
at com.rabbitmq.client.ConnectionFactory.newConnection(ConnectionFactory.java:1087) ~[amqp-client-5.10.0.jar:5.10.0]
at org.springframework.amqp.rabbit.connection.AbstractConnectionFactory.connectAddresses(AbstractConnectionFactory.java:638) ~[spring-rabbit-2.3.6.jar:2.3.6]
at org.springframework.amqp.rabbit.connection.AbstractConnectionFactory.connect(AbstractConnectionFactory.java:613) ~[spring-rabbit-2.3.6.jar:2.3.6]
at org.springframework.amqp.rabbit.connection.AbstractConnectionFactory.createBareConnection(AbstractConnectionFactory.java:565) ~[spring-rabbit-2.3.6.jar:2.3.6]
... 21 common frames omitted
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at java.base/sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:439) ~[na:na]
at java.base/sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:306) ~[na:na]
at java.base/sun.security.validator.Validator.validate(Validator.java:264) ~[na:na]
at java.base/sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:313) ~[na:na]
at java.base/sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:222) ~[na:na]
at java.base/sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:129) ~[na:na]
at java.base/sun.security.ssl.CertificateMessage$T12CertificateConsumer.checkServerCerts(CertificateMessage.java:629) ~[na:na]
... 44 common frames omitted
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at java.base/sun.security.provider.certpath.SunCertPathBuilder.build(SunCertPathBuilder.java:141) ~[na:na]
at java.base/sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:126) ~[na:na]
at java.base/java.security.cert.CertPathBuilder.build(CertPathBuilder.java:297) ~[na:na]
at java.base/sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:434) ~[na:na]
... 50 common frames omitted
有任何想法吗 ?非常感谢 !
编辑 1
我设法使它在一个简单的 Java 应用程序中使用 Maven 和简单的 RabbitMQ 客户端库。
这是代码:
char[] keyPassphrase = "bbbb".toCharArray();
KeyStore ks = KeyStore.getInstance("PKCS12");
ks.load(this.getClass().getClassLoader().getResourceAsStream("rmq_wr.uat.p12"), keyPassphrase);
KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509");
kmf.init(ks, keyPassphrase);
TrustManager[] trustAllCerts = new TrustManager[]{
new X509ExtendedTrustManager() {
@Override
public java.security.cert.X509Certificate[] getAcceptedIssuers() { return null; }
@Override
public void checkClientTrusted(java.security.cert.X509Certificate[] certs, String authType) {}
@Override
public void checkServerTrusted(java.security.cert.X509Certificate[] certs, String authType) {}
@Override
public void checkClientTrusted(java.security.cert.X509Certificate[] xcs, String string, Socket socket) throws CertificateException {}
@Override
public void checkServerTrusted(java.security.cert.X509Certificate[] xcs, String string, Socket socket) throws CertificateException {}
@Override
public void checkClientTrusted(java.security.cert.X509Certificate[] xcs, String string, SSLEngine ssle) throws CertificateException {}
@Override
public void checkServerTrusted(java.security.cert.X509Certificate[] xcs, String string, SSLEngine ssle) throws CertificateException {}
}
};
SSLContext c = SSLContext.getInstance("TLSv1.2");
c.init(kmf.getKeyManagers(), trustAllCerts, null);
ConnectionFactory factory = new ConnectionFactory();
factory.setHost(rmqHost);
factory.setPort(rmqPort);
factory.setUsername(rmqUsername);
factory.setPassword(rmqPassword);
factory.setVirtualHost(vhost);
factory.useSslProtocol(c);
//factory.enableHostnameVerification();
conn = factory.newConnection();
channel = conn.createChannel();
channel.basicPublish("my_exchange", "test", null, "Hello, World".getBytes());
我相信它与 application.properties 中的 TrustStore 选项有关
...
spring.rabbitmq.ssl.trust-store=file:/C:/Users/User/Desktop/rmqconnector/src/main/resources/cacerts
spring.rabbitmq.ssl.trust-store-password=changeit
spring.rabbitmq.ssl.trust-store-type=JKS
...
在我尝试的代码中:
@Bean
public CachingConnectionFactory rabbitConnectionFactory(RabbitProperties config) throws Exception {
ClassPathResource keyStorePath = new ClassPathResource("rmq_wr.uat.p12");
ClassPathResource trustStorePath = new ClassPathResource("rmquat.jks");
RabbitConnectionFactoryBean factory = new RabbitConnectionFactoryBean();
if (config.determineHost() != null) {
factory.setHost(config.determineHost());
}
factory.setPort(config.determinePort());
if (config.determineUsername() != null) {
factory.setUsername(config.determineUsername());
}
if (config.determinePassword() != null) {
factory.setPassword(config.determinePassword());
}
if (config.determineVirtualHost() != null) {
factory.setVirtualHost(config.determineVirtualHost());
}
// read ssl properties from applicaiton.properties
RabbitProperties.Ssl ssl = config.getSsl();
if (ssl.getEnabled()) {
factory.setUseSSL(true);
if (ssl.getAlgorithm() != null) {
factory.setSslAlgorithm(ssl.getAlgorithm());
}
//System.out.println("keystore = " + ssl.getKeyStore());
// factory.set
factory.setKeyStore(keyStorePath.getPath());
factory.setKeyStoreType(ssl.getKeyStoreType());
factory.setKeyStorePassphrase(ssl.getKeyStorePassword());
factory.setTrustStore(ssl.getTrustStore());
//factory.setTrustStore(trustStorePath.getPath());
factory.setTrustStorePassphrase("changeit");
factory.setTrustStoreType("JKS");
//factory.setSkipServerCertificateValidation(true);
}
factory.afterPropertiesSet();
CachingConnectionFactory connectionFactory = new CachingConnectionFactory(factory.getObject());
connectionFactory.setAddresses(config.determineAddresses());
//connectionFactory.setPublisherConfirms(config.isPublisherConfirms());
connectionFactory.setPublisherReturns(config.isPublisherReturns());
if (config.getCache().getChannel().getSize() != null) {
connectionFactory.setChannelCacheSize(config.getCache().getChannel().getSize());
}
if (config.getCache().getConnection().getMode() != null) {
connectionFactory.setCacheMode(config.getCache().getConnection().getMode());
}
if (config.getCache().getConnection().getSize() != null) {
connectionFactory.setConnectionCacheSize(config.getCache().getConnection().getSize());
}
return connectionFactory;
}
但这会导致以下异常:
2021-06-15 20:32:04.345 ERROR 17816 --- [ restartedMain] c.r.client.impl.SocketFrameHandler : TLS connection failed: No trusted certificate found
2021-06-15 20:32:04.355 INFO 17816 --- [ restartedMain] ConditionEvaluationReportLoggingListener :
Error starting ApplicationContext. To display the conditions report re-run your application with 'debug' enabled.
2021-06-15 20:32:04.375 ERROR 17816 --- [ restartedMain] o.s.boot.SpringApplication : Application run failed
java.lang.IllegalStateException: Failed to execute CommandLineRunner
at org.springframework.boot.SpringApplication.callRunner(SpringApplication.java:822) ~[spring-boot-2.4.5.jar:2.4.5]
at org.springframework.boot.SpringApplication.callRunners(SpringApplication.java:803) ~[spring-boot-2.4.5.jar:2.4.5]
at org.springframework.boot.SpringApplication.run(SpringApplication.java:346) ~[spring-boot-2.4.5.jar:2.4.5]
at org.springframework.boot.SpringApplication.run(SpringApplication.java:1340) ~[spring-boot-2.4.5.jar:2.4.5]
at org.springframework.boot.SpringApplication.run(SpringApplication.java:1329) ~[spring-boot-2.4.5.jar:2.4.5]
at eu.enovos.pfm.rmqconnector.RMQConnectorApp.main(RMQConnectorApp.java:125) ~[classes/:na]
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[na:na]
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[na:na]
at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[na:na]
at java.base/java.lang.reflect.Method.invoke(Method.java:566) ~[na:na]
at org.springframework.boot.devtools.restart.RestartLauncher.run(RestartLauncher.java:49) ~[spring-boot-devtools-2.4.5.jar:2.4.5]
Caused by: org.springframework.amqp.AmqpIOException: javax.net.ssl.SSLHandshakeException: No trusted certificate found
at org.springframework.amqp.rabbit.support.RabbitExceptionTranslator.convertRabbitAccessException(RabbitExceptionTranslator.java:70) ~[spring-rabbit-2.3.6.jar:2.3.6]
at org.springframework.amqp.rabbit.connection.AbstractConnectionFactory.createBareConnection(AbstractConnectionFactory.java:602) ~[spring-rabbit-2.3.6.jar:2.3.6]
at org.springframework.amqp.rabbit.connection.CachingConnectionFactory.createConnection(CachingConnectionFactory.java:724) ~[spring-rabbit-2.3.6.jar:2.3.6]
at org.springframework.amqp.rabbit.connection.ConnectionFactoryUtils.createConnection(ConnectionFactoryUtils.java:216) ~[spring-rabbit-2.3.6.jar:2.3.6]
at org.springframework.amqp.rabbit.core.RabbitTemplate.doExecute(RabbitTemplate.java:2132) ~[spring-rabbit-2.3.6.jar:2.3.6]
at org.springframework.amqp.rabbit.core.RabbitTemplate.execute(RabbitTemplate.java:2105) ~[spring-rabbit-2.3.6.jar:2.3.6]
at org.springframework.amqp.rabbit.core.RabbitTemplate.send(RabbitTemplate.java:1049) ~[spring-rabbit-2.3.6.jar:2.3.6]
at org.springframework.amqp.rabbit.core.RabbitTemplate.convertAndSend(RabbitTemplate.java:1114) ~[spring-rabbit-2.3.6.jar:2.3.6]
at org.springframework.amqp.rabbit.core.RabbitTemplate.convertAndSend(RabbitTemplate.java:1107) ~[spring-rabbit-2.3.6.jar:2.3.6]
at eu.enovos.pfm.rmq.RabbitMQSender.send(RabbitMQSender.java:26) ~[classes/:na]
at eu.enovos.pfm.rmqconnector.RMQConnectorApp.givenUsingTimer_whenSchedulingTaskOnce_thenCorrect(RMQConnectorApp.java:105) ~[classes/:na]
at eu.enovos.pfm.rmqconnector.RMQConnectorApp.lambda$0(RMQConnectorApp.java:66) ~[classes/:na]
at org.springframework.boot.SpringApplication.callRunner(SpringApplication.java:819) ~[spring-boot-2.4.5.jar:2.4.5]
... 10 common frames omitted
Caused by: javax.net.ssl.SSLHandshakeException: No trusted certificate found
at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:131) ~[na:na]
at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:326) ~[na:na]
at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:269) ~[na:na]
at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:264) ~[na:na]
at java.base/sun.security.ssl.CertificateMessage$T12CertificateConsumer.checkServerCerts(CertificateMessage.java:645) ~[na:na]
at java.base/sun.security.ssl.CertificateMessage$T12CertificateConsumer.onCertificate(CertificateMessage.java:464) ~[na:na]
at java.base/sun.security.ssl.CertificateMessage$T12CertificateConsumer.consume(CertificateMessage.java:360) ~[na:na]
at java.base/sun.security.ssl.SSLHandshake.consume(SSLHandshake.java:392) ~[na:na]
at java.base/sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:444) ~[na:na]
at java.base/sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:422) ~[na:na]
at java.base/sun.security.ssl.TransportContext.dispatch(TransportContext.java:183) ~[na:na]
at java.base/sun.security.ssl.SSLTransport.decode(SSLTransport.java:171) ~[na:na]
at java.base/sun.security.ssl.SSLSocketImpl.decode(SSLSocketImpl.java:1403) ~[na:na]
at java.base/sun.security.ssl.SSLSocketImpl.readHandshakeRecord(SSLSocketImpl.java:1309) ~[na:na]
at java.base/sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:440) ~[na:na]
at java.base/sun.security.ssl.SSLSocketImpl.ensureNegotiated(SSLSocketImpl.java:814) ~[na:na]
at java.base/sun.security.ssl.SSLSocketImpl$AppOutputStream.write(SSLSocketImpl.java:1184) ~[na:na]
at java.base/java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:81) ~[na:na]
at java.base/java.io.BufferedOutputStream.flush(BufferedOutputStream.java:142) ~[na:na]
at java.base/java.io.DataOutputStream.flush(DataOutputStream.java:123) ~[na:na]
at com.rabbitmq.client.impl.SocketFrameHandler.sendHeader(SocketFrameHandler.java:160) ~[amqp-client-5.10.0.jar:5.10.0]
at com.rabbitmq.client.impl.AMQConnection.start(AMQConnection.java:314) ~[amqp-client-5.10.0.jar:5.10.0]
at com.rabbitmq.client.ConnectionFactory.newConnection(ConnectionFactory.java:1139) ~[amqp-client-5.10.0.jar:5.10.0]
at com.rabbitmq.client.ConnectionFactory.newConnection(ConnectionFactory.java:1087) ~[amqp-client-5.10.0.jar:5.10.0]
at org.springframework.amqp.rabbit.connection.AbstractConnectionFactory.connectAddresses(AbstractConnectionFactory.java:638) ~[spring-rabbit-2.3.6.jar:2.3.6]
at org.springframework.amqp.rabbit.connection.AbstractConnectionFactory.connect(AbstractConnectionFactory.java:613) ~[spring-rabbit-2.3.6.jar:2.3.6]
at org.springframework.amqp.rabbit.connection.AbstractConnectionFactory.createBareConnection(AbstractConnectionFactory.java:565) ~[spring-rabbit-2.3.6.jar:2.3.6]
... 21 common frames omitted
Caused by: sun.security.validator.ValidatorException: No trusted certificate found
at java.base/sun.security.validator.SimpleValidator.buildTrustedChain(SimpleValidator.java:411) ~[na:na]
at java.base/sun.security.validator.SimpleValidator.engineValidate(SimpleValidator.java:135) ~[na:na]
at java.base/sun.security.validator.Validator.validate(Validator.java:264) ~[na:na]
at java.base/sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:313) ~[na:na]
at java.base/sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:222) ~[na:na]
at java.base/sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:129) ~[na:na]
at java.base/sun.security.ssl.CertificateMessage$T12CertificateConsumer.checkServerCerts(CertificateMessage.java:629) ~[na:na]
... 44 common frames omitted
我将密钥库中的条目列出如下:
PS C:\Users\User\Desktop\rmqconnector\src\main\resources> keytool -list -keystore .\rmq_wr.uat.p12 -storepass bbbb -storetype PKCS12
Keystore type: PKCS12
Keystore provider: SUN
Your keystore contains 1 entry
1, Jun 15, 2021, PrivateKeyEntry,
Certificate fingerprint (SHA-256): D0:B5:76:...
我还复制了 cacerts 文件以将其用作 TrustStore,但这也不起作用。
PS C:\Users\User\Desktop\rmqconnector\src\main\resources> keytool -list -keystore .\cacerts -storepass changeit -storetype PKCS12
Keystore type: PKCS12
Keystore provider: SUN
Your keystore contains 93 entries
1, Jun 14, 2021, PrivateKeyEntry,
Certificate fingerprint (SHA-256): D0:B5:76:...
...
.
解决方案
推荐阅读
- .net - [Content_Types].xml 文件夹不同使 System.IO.Packaging.Package 无法读取 Uri 信息
- sql - 插入新数据 BigQuery
- shell - 如何在 shell 脚本中声明数组?
- powershell - 将最近编译的构建存储到指定位置的 MSBuild 标志是什么?
- api - 如何从flutter api中获取数据,参数为主体/原始数据
- reactjs - React Fabric Ui面板无法关闭
- puppeteer - 如何单击按钮 puppeteer?
- flutter - 如何将自定义裁剪比例添加到 image_cropper 库中 - Flutter
- arrays - 更改数组中的最小条目数,以使任意 k 个连续项的总和为偶数
- python - 使用 Python 脚本将 xml 转换为 json 时如何使用 Json 数组