从jboss AS 7升级为wildfly 10后,我们在远程客户端的连接中遇到了问题,后者是JMS生产者。
jms over ssl:客户端启动starttls,但通道不支持SSL
服务器配置并不是要使用SSL,也不是客户端,但是客户端正在尝试保护频道,尽管我们不需要它,也没有更改以前工作的客户端配置。<<<<<<<<<<
客户端上下文属性:
java.naming.security.principal=pubclient
java.naming.security.credentials=xxxxxxxx
java.naming.provider.url=remote://server:4447
java.naming.factory.initial=org.jboss.naming.remote.client.InitialContextFactory
java.naming.factory.url.pkgs=org.jboss.ejb.client.naming
j2ee.clientName=pubadmin
jboss.naming.client.ejb.context=true
java.naming.security.principal=pubclient
服务器配置:
<subsystem xmlns="urn:jboss:domain:ejb3:4.0">
...
<remote connector-ref="http-remoting-connector" thread-pool-name="default"/>
...
<subsystem xmlns="urn:jboss:domain:remoting:3.0">
<endpoint auth-realm="ApplicationRealm"/>
<connector name="remoting-connector" socket-binding="remoting" security-realm="ApplicationRealm"/>
<http-connector name="http-remoting-connector" connector-ref="default" security-realm="ApplicationRealm"/>
</subsystem>
...
<socket-binding-group name="standard-sockets" default-interface="public" port-offset="${jboss.socket.binding.port-offset:0}">
...
<socket-binding name="remoting" port="4447"/>
堆栈跟踪:
javax.naming.CommunicationException: Failed to connect to any server. Servers tried: [remote://vspidid2:4447 (java.io.IOException: Client starting STARTTLS but channel doesn't support SSL)]
at org.jboss.naming.remote.client.HaRemoteNamingStore.failOverSequence(HaRemoteNamingStore.java:244) ~[jboss-remote-naming-2.0.4.Final.jar:2.0.4.Final]
at org.jboss.naming.remote.client.HaRemoteNamingStore.namingStore(HaRemoteNamingStore.java:149) ~[jboss-remote-naming-2.0.4.Final.jar:2.0.4.Final]
at org.jboss.naming.remote.client.HaRemoteNamingStore.namingOperation(HaRemoteNamingStore.java:130) ~[jboss-remote-naming-2.0.4.Final.jar:2.0.4.Final]
at org.jboss.naming.remote.client.HaRemoteNamingStore.lookup(HaRemoteNamingStore.java:272) ~[jboss-remote-naming-2.0.4.Final.jar:2.0.4.Final]
at org.jboss.naming.remote.client.RemoteContext.lookupInternal(RemoteContext.java:104) ~[jboss-remote-naming-2.0.4.Final.jar:2.0.4.Final]
at org.jboss.naming.remote.client.RemoteContext.lookup(RemoteContext.java:93) ~[jboss-remote-naming-2.0.4.Final.jar:2.0.4.Final]
at org.jboss.naming.remote.client.RemoteContext.lookup(RemoteContext.java:146) ~[jboss-remote-naming-2.0.4.Final.jar:2.0.4.Final]
at javax.naming.InitialContext.lookup(InitialContext.java:417) ~[na:1.8.0_111]
at org.wipo.pct.pubadmin.core.oo.OoFactory4POJO.getConnectionFactory(OoFactory4POJO.java:135) ~[classes/:na]
at org.wipo.pct.pubadmin.core.oo.OoFactory4POJO.createFormatter(OoFactory4POJO.java:68) ~[classes/:na]
at org.wipo.pct.pubadmin.core.oo.OoFactory4POJO.createFormatter(OoFactory4POJO.java:1) ~[classes/:na]
at org.wipo.pct.pubadmin.gui.TaskFrame$CreateResources.call(TaskFrame.java:160) ~[classes/:na]
at org.wipo.pct.pubadmin.gui.TaskFrame$CreateResources.call(TaskFrame.java:1) ~[classes/:na]
at org.wipo.pct.swing.FailsafeActionListener$1.doInBackground(FailsafeActionListener.java:52) ~[classes/:na]
at javax.swing.SwingWorker$1.call(SwingWorker.java:295) ~[na:1.8.0_111]
at java.util.concurrent.FutureTask.run(FutureTask.java:266) ~[na:1.8.0_111]
at javax.swing.SwingWorker.run(SwingWorker.java:334) ~[na:1.8.0_111]
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) ~[na:1.8.0_111]
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) ~[na:1.8.0_111]
at java.lang.Thread.run(Thread.java:745) ~[na:1.8.0_111]
我们通过将属性jboss.naming.client.connect.options.org.xnio.Options.SSL_STARTTLS设置为 false。
jboss.naming.client.connect.options.org.xnio.Options.SSL_STARTTLS=false
# jboss.naming.client.remote.connectionprovider.create.options.org.xnio.Options.SSL_ENABLED=false