🎄 Happy Holidays! 🥳
Most of Solace is closed December 24–January 1 so our employees can spend time with their families. We will re-open Thursday, January 2, 2024. Please expect slower response times during this period and open a support ticket for anything needing immediate assistance.
Happy Holidays!
Please note: most of Solace is closed December 25–January 2, and will re-open Tuesday, January 3, 2023.
Do you have any guide to setup solace/solace-pubsub-standard over SSL?
I am looking for a guide to setup the docker container solace/solace-pubsub-standard
with SSL and/or test-containers
The guide
focuses on the non-authenticated versionI tried generating a self-signed certificate and adding it to /usr/sw/jail/certs
but I have been unable to connect using SSL. After ClientHello all I see is "Error communicating with the router" and I am guessing it means that I am just misconfiguring it.
This is the full code of what I tried so far:
var container = new SolaceContainer(ImageNames.SOLACE_IMAGE) .withTopic(SOLACE_TEST_CONTAINER_TOPIC_NAME, Service.SMF_SSL) .withVpn(SOLACE_CONTAINER_VPN) .withClientCert( // Solace Expects the certificates to be in PEM format. See https://docs.solace.com/Security/Managing-Server-Certs.htm MountableFile.forHostPath(TEST_KEY_STORE.privateKeypath()), MountableFile.forHostPath(TEST_KEY_STORE.signedPemCertificate()) );
Error
javax.naming.NamingException: JNDI lookup failed - (Client name: GVM63V6Y0W/7432/887b8dc0d3233a520001/fQYf-7WNft ) - Error communicating with the router. [Root exception is com.solacesystems.jcsmp.JCSMPTransportException: (Client name: GVM63V6Y0W/7432/887b8dc0d3233a520001/fQYf-7WNft ) - Error communicating with the router.] at com.solacesystems.jndi.SolJNDIInitialContextFactory$SolJNDIInitialContextImpl.makeNamingException(SolJNDIInitialContextFactory.java:116) at com.solacesystems.jndi.SolJNDIInitialContextFactory$SolJNDIInitialContextImpl.lookup(SolJNDIInitialContextFactory.java:248) at java.naming/javax.naming.InitialContext.lookup(InitialContext.java:409) at java.naming/javax.naming.InitialContext.lookup(InitialContext.java:409) at com.axp.c360.core.access.impl.solace.SolaceQueueProducer.<init>(SolaceQueueProducer.java:48) at com.axp.c360.core.access.impl.solace.QueueMessageFactory.buildProducer(QueueMessageFactory.java:167) at com.axp.c360.core.access.impl.solace.QueueMessageFactory.getSolaceProducer(QueueMessageFactory.java:162) at com.axp.c360.core.access.impl.solace.SolaceQueueConsumerTest.testConsumer(SolaceQueueConsumerTest.java:14) at java.base/java.lang.reflect.Method.invoke(Method.java:569) at java.base/java.util.ArrayList.forEach(ArrayList.java:1511) at java.base/java.util.ArrayList.forEach(ArrayList.java:1511) Caused by: com.solacesystems.jcsmp.JCSMPTransportException: (Client name: GVM63V6Y0W/7432/887b8dc0d3233a520001/fQYf-7WNft ) - Error communicating with the router. at com.solacesystems.jcsmp.protocol.impl.TcpChannel.sendLoginRequestWaitForLoginResponse(TcpChannel.java:254) at com.solacesystems.jcsmp.protocol.impl.ChannelOpStrategyClient.performOpen(ChannelOpStrategyClient.java:98) at com.solacesystems.jcsmp.protocol.impl.TcpClientChannel.performOpenSingle(TcpClientChannel.java:397) at com.solacesystems.jcsmp.protocol.impl.TcpClientChannel.access$1000(TcpClientChannel.java:132) at com.solacesystems.jcsmp.protocol.impl.TcpClientChannel$ClientChannelConnect.call(TcpClientChannel.java:2672) at com.solacesystems.jcsmp.protocol.impl.TcpClientChannel.open(TcpClientChannel.java:376) at com.solacesystems.jcsmp.impl.JCSMPBasicSession.sniffRouter(JCSMPBasicSession.java:442) at com.solacesystems.jcsmp.impl.JCSMPBasicSession.executeJndiQuery(JCSMPBasicSession.java:1104) at com.solacesystems.jndi.SolJNDIInitialContextFactory$SolJNDIInitialContextImpl.lookup(SolJNDIInitialContextFactory.java:213) ... 9 more Caused by: java.nio.channels.ClosedChannelException at io.netty.handler.ssl.SslHandler.channelInactive(SslHandler.java:1154) at io.netty.channel.AbstractChannelHandlerContext.invokeChannelInactive(AbstractChannelHandlerContext.java:303) at io.netty.channel.AbstractChannelHandlerContext.invokeChannelInactive(AbstractChannelHandlerContext.java:281) at io.netty.channel.AbstractChannelHandlerContext.fireChannelInactive(AbstractChannelHandlerContext.java:274) at io.netty.channel.DefaultChannelPipeline$HeadContext.channelInactive(DefaultChannelPipeline.java:1402) at io.netty.channel.AbstractChannelHandlerContext.invokeChannelInactive(AbstractChannelHandlerContext.java:301) at io.netty.channel.AbstractChannelHandlerContext.invokeChannelInactive(AbstractChannelHandlerContext.java:281) at io.netty.channel.DefaultChannelPipeline.fireChannelInactive(DefaultChannelPipeline.java:900) at io.netty.channel.AbstractChannel$AbstractUnsafe$7.run(AbstractChannel.java:811) at io.netty.util.concurrent.AbstractEventExecutor.runTask(AbstractEventExecutor.java:173) at io.netty.util.concurrent.AbstractEventExecutor.safeExecute(AbstractEventExecutor.java:166) at io.netty.util.concurrent.SingleThreadEventExecutor.runAllTasks(SingleThreadEventExecutor.java:469) at io.netty.channel.nio.NioEventLoop.run(NioEventLoop.java:566) at io.netty.util.concurrent.SingleThreadEventExecutor$4.run(SingleThreadEventExecutor.java:994) at io.netty.util.internal.ThreadExecutorMap$2.run(ThreadExecutorMap.java:74) at io.netty.util.concurrent.FastThreadLocalRunnable.run(FastThreadLocalRunnable.java:30) at java.base/java.lang.Thread.run(Thread.java:840) Suppressed: io.netty.handler.ssl.StacklessSSLHandshakeException: Connection closed while SSL/TLS handshake was in progress at io.netty.handler.ssl.SslHandler.channelInactive(Unknown Source)
Answers
-
Did you use the Solace CLI to add the certificate? This link gives details on how to copy the certificate in, then use the CLI to configure the broker: Managing Certificates.
0