错误 Spring 模块：cvc-complex-type.2.4.c：匹配的通配符很严格，但找不到元素'rabbit:connection-factory'的声明

我们的系统有一个模块，它使用带有Spring-rabbit组件的Spring框架。该模块于周六晚上(2019年1月19日)开始出现故障。在日志中，弹出以下错误：

[2019-01-19 17:50:07.458] INFO   com.mcm.spring.SpringMain                         ============ SPRING START ============ 
[2019-01-19 17:50:07.708] INFO   com.mcm.spring.MongoApplicationContext            Requested resource: META-INF/spring/application-context.xml 
[2019-01-19 17:50:07.926] INFO   com.mcm.spring.MongoApplicationContext            Requested resource: classpath:/META-INF/spring/amqp.xml 
[2019-01-19 17:50:08.846] ERROR  com.mcm.spring.SpringMain                         Failed to initialize Spring context from location: META-INF/spring/application-context.xml org.springframework.beans.factory.parsing.BeanDefinitionParsingException: Configuration problem: Failed to import bean definitions from URL location [classpath:/META-INF/spring/amqp.xml]
Offending resource: class path resource [META-INF/spring/application-context.xml]; nested exception is org.springframework.beans.factory.xml.XmlBeanDefinitionStoreException: Line 10 in XML document from class path resource [META-INF/spring/amqp.xml] is invalid; nested exception is org.xml.sax.SAXParseException; lineNumber: 10; columnNumber: 91; cvc-complex-type.2.4.c: The matching wildcard is strict, but no declaration can be found for element 'rabbit:connection-factory'.

起初，我认为spring框架可能已经更新，所以我检查了模块的.xml定义文件中引用的URL，这里提供了该文件的标题：

<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:rabbit="http://www.springframework.org/schema/rabbit"
xsi:schemaLocation="
http://www.springframework.org/schema/beans   http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/rabbit  https://www.springframework.org/schema/rabbit/spring-rabbit-1.0.xsd"
>
<rabbit:connection-factory id="connectionFactory" host="${rabbitmqHost}"
username="${rabbitmqUser}" password="${rabbitmqPassword}"/>
...

但是引用的URL似乎没有修改。最终解决问题的是更改引用的spring-rabbit-1.0.xsd，因此我们将其从更改为

https://www.springframework.org/schema/rabbit/spring-rabbit-1.0.xsd

至

http://www.springframework.org/schema/rabbit/spring-rabbit-1.0.xsd

这个问题令人不安的地方是，它似乎只影响我们系统中的一些主机，而不会影响其他主机。尽管我已经解决了根本问题，但我想了解问题的根本原因是什么

编辑：

如果我使用-Djavax.net.debug＝SSL运行程序，我会发现它在处理与springframework.org网站相关的证书时失败。

trigger seeding of SecureRandom
done seeding SecureRandom
Ignoring unavailable cipher suite: TLS_DHE_DSS_WITH_AES_256_GCM_SHA384
Ignoring unavailable cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
Ignoring unavailable cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
Ignoring unavailable cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA256
Ignoring unavailable cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384
Ignoring unavailable cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384
Ignoring unavailable cipher suite: TLS_RSA_WITH_AES_256_GCM_SHA384
Ignoring unavailable cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384
Ignoring unavailable cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
Ignoring unavailable cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384
Ignoring unavailable cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
Ignoring unavailable cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
Ignoring unavailable cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA256
Ignoring unavailable cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
Allow unsafe renegotiation: false
Allow legacy hello messages: true
Is initial handshake: true
Is secure renegotiation: false
main, setSoTimeout(0) called
Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 for TLSv1
Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 for TLSv1
Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_128_CBC_SHA256 for TLSv1
Ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 for TLSv1
Ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 for TLSv1
Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 for TLSv1
Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 for TLSv1
Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 for TLSv1.1
Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 for TLSv1.1
Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_128_CBC_SHA256 for TLSv1.1
Ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 for TLSv1.1
Ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 for TLSv1.1
Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 for TLSv1.1
Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 for TLSv1.1
%% No cached client session
*** ClientHello, TLSv1.2
RandomCookie:  GMT: 1548179066 bytes = { 222, 245, 173, 48, 133, 200, 171, 99, 126, 94, 203, 91, 117, 191, 77, 23, 240, 62, 47, 106, 76, 44, 254, 213, 202, 252, 233, 120 }
Session ID:  {}
Cipher Suites: [TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_DSS_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_DSS_WITH_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, TLS_ECDHE_RSA_WITH_RC4_128_SHA, SSL_RSA_WITH_RC4_128_SHA, TLS_ECDH_ECDSA_WITH_RC4_128_SHA, TLS_ECDH_RSA_WITH_RC4_128_SHA, SSL_RSA_WITH_RC4_128_MD5, TLS_EMPTY_RENEGOTIATION_INFO_SCSV]
Compression Methods:  { 0 }
Extension elliptic_curves, curve names: {secp256r1, sect163k1, sect163r2, secp192r1, secp224r1, sect233k1, sect233r1, sect283k1, sect283r1, secp384r1, sect409k1, sect409r1, secp521r1, sect571k1, sect571r1, secp160k1, secp160r1, secp160r2, sect163r1, secp192k1, sect193r1, sect193r2, secp224k1, sect239k1, secp256k1}
Extension ec_point_formats, formats: [uncompressed]
Extension signature_algorithms, signature_algorithms: SHA512withECDSA, SHA512withRSA, SHA384withECDSA, SHA384withRSA, SHA256withECDSA, SHA256withRSA, SHA224withECDSA, SHA224withRSA, SHA1withECDSA, SHA1withRSA, SHA1withDSA, MD5withRSA
Extension server_name, server_name: [type=host_name (0), value=www.springframework.org]
***
main, WRITE: TLSv1.2 Handshake, length = 239
main, READ: TLSv1.2 Handshake, length = 87
*** ServerHello, TLSv1.2
RandomCookie:  GMT: 1548179066 bytes = { 15, 226, 52, 211, 193, 89, 176, 195, 88, 215, 84, 65, 175, 26, 247, 122, 240, 146, 131, 10, 113, 181, 82, 4, 58, 133, 166, 64 }
Session ID:  {234, 226, 58, 64, 56, 115, 122, 212, 167, 56, 115, 117, 62, 243, 183, 68, 35, 203, 216, 169, 109, 121, 123, 165, 61, 176, 173, 151, 66, 226, 234, 185}
Cipher Suite: TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
Compression Method: 0
Extension renegotiation_info, renegotiated_connection: <empty>
Extension ec_point_formats, formats: [uncompressed]
***
%% Initialized:  [Session-1, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256]
** TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
main, READ: TLSv1.2 Handshake, length = 2244
*** Certificate chain
chain [0] = [
[
Version: V3
Subject: CN=ssl385749.cloudflaressl.com, OU=PositiveSSL Multi-Domain, OU=Domain Control Validated
Signature Algorithm: SHA256withECDSA, OID = 1.2.840.10045.4.3.2
Key:  Sun EC public key, 256 bits
public x coord: 66837509185678763302911536120437768078260771437122799932673434543093661334104
public y coord: 99553009056106338955190616002251795226782944025455477626102184647747111863758
parameters: secp256r1 [NIST P-256, X9.62 prime256v1] (1.2.840.10045.3.1.7)
Validity: [From: Fri Jan 18 19:00:00 EST 2019,
To: Sun Jul 28 19:59:59 EDT 2019]
Issuer: CN=COMODO ECC Domain Validation Secure Server CA 2, O=COMODO CA Limited, L=Salford, ST=Greater Manchester, C=GB
SerialNumber: [    c63a11c6 0ff58b5a b3b40da5 48daf711]
Certificate Extensions: 10
[1]: ObjectId: 1.3.6.1.4.1.11129.2.4.2 Criticality=false
Extension unknown: DER encoded OCTET string =
0000: 04 81 F5 04 81 F2 00 F0   00 76 00 BB D9 DF BC 1F  .........v......
0010: 8A 71 B5 93 94 23 97 AA   92 7B 47 38 57 95 0A AB  .q...#....G8W...
0020: 52 E8 1A 90 96 64 36 8E   1E D1 85 00 00 01 68 65  R....d6.......he
0030: B7 E2 E3 00 00 04 03 00   47 30 45 02 20 0C F3 98  ........G0E. ...
0040: A7 86 90 18 E7 C7 4D 58   06 0E 9C 08 5E 58 85 FD  ......MX....^X..
0050: 1C BF 0C 74 25 6F 1C 7A   D2 5B 3B F4 6A 02 21 00  ...t%o.z.[;.j.!.
0060: F0 DD 45 D0 F3 58 67 34   C7 58 45 2D 77 5F 48 69  ..E..Xg4.XE-w_Hi
0070: 45 46 72 53 E6 B0 B6 9C   64 A6 BE 69 C1 87 AA F6  EFrS....d..i....
0080: 00 76 00 74 7E DA 83 31   AD 33 10 91 21 9C CE 25  .v.t...1.3..!..%
0090: 4F 42 70 C2 BF FD 5E 42   20 08 C6 37 35 79 E6 10  OBp...^B ..75y..
00A0: 7B CC 56 00 00 01 68 65   B7 E3 3C 00 00 04 03 00  ..V...he..<.....
00B0: 47 30 45 02 20 5F 56 94   7E E7 60 93 CF 4A 46 DF  G0E. _V...`..JF.
00C0: F7 FE 6D E4 28 88 CA 35   59 45 33 EC 99 38 D7 71  ..m.(..5YE3..8.q
00D0: BC 3F 54 0B DB 02 21 00   8A 12 AD AA CC 83 8F 46  .?T...!........F
00E0: B4 4C 3A 7F BD 85 05 E6   92 FE 4F F5 AC 5B AA 80  .L:.......O..[..
00F0: BE E9 FE D5 D7 B0 DB A1                            ........

[2]: ObjectId: 1.3.6.1.5.5.7.1.1 Criticality=false
AuthorityInfoAccess [
[
accessMethod: caIssuers
accessLocation: URIName: http://crt.comodoca4.com/COMODOECCDomainValidationSecureServerCA2.crt
, 
accessMethod: ocsp
accessLocation: URIName: http://ocsp.comodoca4.com
]
]
[3]: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: 40 09 61 67 F0 BC 83 71   4F DE 12 08 2C 6F D4 D4  @.ag...qO...,o..
0010: 2B 76 3D 96                                        +v=.
]
]
[4]: ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:false
PathLen: undefined
]
[5]: ObjectId: 2.5.29.31 Criticality=false
CRLDistributionPoints [
[DistributionPoint:
[URIName: http://crl.comodoca4.com/COMODOECCDomainValidationSecureServerCA2.crl]
]]
[6]: ObjectId: 2.5.29.32 Criticality=false
CertificatePolicies [
[CertificatePolicyId: [1.3.6.1.4.1.6449.1.2.2.7]
[PolicyQualifierInfo: [
qualifierID: 1.3.6.1.5.5.7.2.1
qualifier: 0000: 16 1D 68 74 74 70 73 3A   2F 2F 73 65 63 75 72 65  ..https://secure
0010: 2E 63 6F 6D 6F 64 6F 2E   63 6F 6D 2F 43 50 53     .comodo.com/CPS
]]  ]
[CertificatePolicyId: [2.23.140.1.2.1]
[]  ]
]
[7]: ObjectId: 2.5.29.37 Criticality=false
ExtendedKeyUsages [
serverAuth
clientAuth
]
[8]: ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
DigitalSignature
]
[9]: ObjectId: 2.5.29.17 Criticality=false
SubjectAlternativeName [
DNSName: ssl385749.cloudflaressl.com
DNSName: *.springframework.org
DNSName: springframework.org
]
[10]: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: 62 C4 60 99 6C BD 49 62   A0 23 61 F1 FF 8E 3D 19  b.`.l.Ib.#a...=.
0010: 68 DB 1D 1C                                        h...
]
]
]
Algorithm: [SHA256withECDSA]
Signature:
0000: 30 44 02 20 20 B3 4F C7   83 7F BA 2D F5 C1 C6 09  0D.  .O....-....
0010: A2 2A 32 C0 CF 3D B1 F8   9D FF 32 A5 A0 35 B8 FF  .*2..=....2..5..
0020: 0B D9 5D B9 02 20 28 52   41 C1 80 02 7F 4B 43 24  ..].. (RA....KC$
0030: 45 21 35 FD BE D9 8C 13   73 AF 98 0E DC 67 C4 5E  E!5.....s....g.^
0040: B7 D3 3A BE E7 E6                                  ..:...
]
chain [1] = [
[
Version: V3
Subject: CN=COMODO ECC Domain Validation Secure Server CA 2, O=COMODO CA Limited, L=Salford, ST=Greater Manchester, C=GB
Signature Algorithm: SHA384withECDSA, OID = 1.2.840.10045.4.3.3
Key:  Sun EC public key, 256 bits
public x coord: 1003745160476881206339073530943807232389873597117160669404019647835895530218
public y coord: 112735960696801970978259026239805217413696993678636841464359769702732092974253
parameters: secp256r1 [NIST P-256, X9.62 prime256v1] (1.2.840.10045.3.1.7)
Validity: [From: Wed Sep 24 20:00:00 EDT 2014,
To: Mon Sep 24 19:59:59 EDT 2029]
Issuer: CN=COMODO ECC Certification Authority, O=COMODO CA Limited, L=Salford, ST=Greater Manchester, C=GB
SerialNumber: [    5b25ce69 07c42655 66d3390c 99a954ad]
Certificate Extensions: 8
[1]: ObjectId: 1.3.6.1.5.5.7.1.1 Criticality=false
AuthorityInfoAccess [
[
accessMethod: caIssuers
accessLocation: URIName: http://crt.comodoca.com/COMODOECCAddTrustCA.crt
, 
accessMethod: ocsp
accessLocation: URIName: http://ocsp.comodoca4.com
]
]
[2]: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: 75 71 A7 19 48 19 BC 9D   9D EA 41 47 DF 94 C4 48  uq..H.....AG...H
0010: 77 99 D3 79                                        w..y
]
]
[3]: ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen:0
]
[4]: ObjectId: 2.5.29.31 Criticality=false
CRLDistributionPoints [
[DistributionPoint:
[URIName: http://crl.comodoca.com/COMODOECCCertificationAuthority.crl]
]]
[5]: ObjectId: 2.5.29.32 Criticality=false
CertificatePolicies [
[CertificatePolicyId: [2.5.29.32.0]
[]  ]
[CertificatePolicyId: [2.23.140.1.2.1]
[]  ]
]
[6]: ObjectId: 2.5.29.37 Criticality=false
ExtendedKeyUsages [
serverAuth
clientAuth
]
[7]: ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
DigitalSignature
Key_CertSign
Crl_Sign
]
[8]: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: 40 09 61 67 F0 BC 83 71   4F DE 12 08 2C 6F D4 D4  @.ag...qO...,o..
0010: 2B 76 3D 96                                        +v=.
]
]
]
Algorithm: [SHA384withECDSA]
Signature:
0000: 30 65 02 31 00 AC 68 47   25 80 13 4F 13 56 C0 A2  0e.1..hG%..O.V..
0010: 37 09 97 5A 50 C4 E7 ED   B4 61 CB 28 8A 0A 11 32  7..ZP....a.(...2
0020: A6 E2 71 DF 11 01 89 6F   07 7A 20 66 6B 18 D0 B9  ..q....o.z fk...
0030: 2E 43 F7 52 6F 02 30 12   85 7C 8E 13 66 92 04 BA  .C.Ro.0.....f...
0040: 9A 45 09 94 4A 30 61 D1   49 DC 6F EB E7 2D C9 89  .E..J0a.I.o..-..
0050: CF 1E 6A 7C EC 85 CE 30   25 59 BA 81 70 34 B8 34  ..j....0%Y..p4.4
0060: 7F E7 01 D1 E2 CB 52                               ......R
]
***
%% Invalidated:  [Session-1, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256]
main, SEND TLSv1.2 ALERT:  fatal, description = certificate_unknown
main, WRITE: TLSv1.2 Alert, length = 2
main, called closeSocket()
main, handling exception: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target