nifi-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Michael Moser <moser...@gmail.com>
Subject Re: ActiveMQ trust store issues
Date Wed, 11 Jan 2017 22:19:57 GMT
Joe,

Have you seen https://issues.apache.org/jira/browse/NIFI-3230?  You might
try the latest code on the master branch to see if it fixes your problem.
The JIRA ticket also offers a workaround by using a failover URI.

-- Mike


On Wed, Jan 11, 2017 at 8:20 PM, Joe Gresock <jgresock@gmail.com> wrote:

> Hi folks,
>
> I'm using PutJMS to try to send messages to an ActiveMQ broker over SSL.  I
> verified that the trust store referenced in my ssl-context controller
> service does indeed contain the issuer DN of the broker's certificate, but
> I get the error "PKIX path building failed:
> sun.security.provider.certpath.SunCertPathBuilderException: unable to find
> valid certification path to requested target".
>
> On a whim, I tried adding the truststore location and password to
> bootstrap.conf:
> java.arg.17=-Djavax.net.ssl.trustStore=...
> java.arg.18=-Djavax.net.ssl.trustStorePassword=...
>
> And this time the SSL connection actually worked.  Therefore, it looks like
> somehow the ActiveMQ connection factory is not accepting my trust store
> information from my controller service.  Has anyone else observed this
> behavior?
>
> --
> I know what it is to be in need, and I know what it is to have plenty.  I
> have learned the secret of being content in any and every situation,
> whether well fed or hungry, whether living in plenty or in want.  I can do
> all this through him who gives me strength.    *-Philippians 4:12-13*
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message