'ActiveMQ SSL error outbound has closed, ignore outbound alert message: close_notify
Trying to configure ActiveMQ with SSL in AWS. Receiving this error in the logs. What configuration could be wrong? Docker Image: alfresco/alfresco-activemq:5.17.0-jre11-centos7. The connector is changed to nio+ssl from tcp. There is a network load balancer with TLS protocol behind amq container. Any ideas what could be wrong?
WARN | Could not accept connection from tcp://somehost: javax.net.ssl.SSLException: closing inbound before receiving peer's close_notify (closing inbound before receiving peer's close_notify)
javax.net.ssl|DEBUG|FC|ActiveMQ Transport: ssl://somehost|2022-05-23 14:59:57.283 UTC|Alert.java:232|Received alert message (
"Alert": {
"level" : "warning",
"description": "close_notify"
}
)
javax.net.ssl|DEBUG|01 00|ActiveMQ Task-1|2022-05-23 14:59:57.285 UTC|SSLSocketImpl.java:473|duplex close of SSLSocket
javax.net.ssl|WARNING|01 00|ActiveMQ Task-1|2022-05-23 14:59:57.285 UTC|SSLSocketOutputRecord.java:58|outbound has closed, ignore outbound alert message: close_notify
javax.net.ssl|DEBUG|01 00|ActiveMQ Task-1|2022-05-23 14:59:57.285 UTC|SSLSocketImpl.java:1361|close the underlying socket
javax.net.ssl|DEBUG|01 00|ActiveMQ Task-1|2022-05-23 14:59:57.285 UTC|SSLSocketImpl.java:1380|close the SSL connection (passive)
javax.net.ssl|DEBUG|01 00|ActiveMQ Task-1|2022-05-23 14:59:57.285 UTC|SSLSocketImpl.java:636|close inbound of SSLSocket
javax.net.ssl|WARNING|01 00|ActiveMQ Task-1|2022-05-23 14:59:57.285 UTC|SSLSocketImpl.java:494|SSLSocket duplex close failed (
"throwable" : {
java.net.SocketException: Socket is closed
at java.base/java.net.Socket.shutdownInput(Socket.java:1521)
at java.base/sun.security.ssl.BaseSSLSocketImpl.shutdownInput(BaseSSLSocketImpl.java:216)
at java.base/sun.security.ssl.SSLSocketImpl.shutdownInput(SSLSocketImpl.java:651)
at java.base/sun.security.ssl.SSLSocketImpl.bruteForceCloseInput(SSLSocketImpl.java:606)
at java.base/sun.security.ssl.SSLSocketImpl.duplexCloseOutput(SSLSocketImpl.java:566)
at java.base/sun.security.ssl.SSLSocketImpl.close(SSLSocketImpl.java:479)
at org.apache.activemq.transport.tcp.TcpTransport$1.run(TcpTransport.java:567)
at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128)
at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628)
at java.base/java.lang.Thread.run(Thread.java:834)}
javax.net.ssl|DEBUG|FD|DefaultMessageListenerContainer-32|2022-05-23 14:59:52.290 UTC|SSLExtensions.java:148|Ignore unavailable extension: supported_versions
javax.net.ssl|DEBUG|FD|DefaultMessageListenerContainer-32|2022-05-23 14:59:52.290 UTC|ServerHello.java:962|Negotiated protocol version: TLSv1.2
javax.net.ssl|DEBUG|FD|DefaultMessageListenerContainer-32|2022-05-23 14:59:52.290 UTC|SSLExtensions.java:167|Consumed extension: renegotiation_info
javax.net.ssl|DEBUG|FD|DefaultMessageListenerContainer-32|2022-05-23 14:59:52.290 UTC|SSLExtensions.java:167|Consumed extension: server_name
javax.net.ssl|DEBUG|FD|DefaultMessageListenerContainer-32|2022-05-23 14:59:52.290 UTC|SSLExtensions.java:148|Ignore unavailable extension: max_fragment_length
javax.net.ssl|DEBUG|FD|DefaultMessageListenerContainer-32|2022-05-23 14:59:52.290 UTC|SSLExtensions.java:148|Ignore unavailable extension: status_request
javax.net.ssl|DEBUG|FD|DefaultMessageListenerContainer-32|2022-05-23 14:59:52.290 UTC|SSLExtensions.java:167|Consumed extension: ec_point_formats
javax.net.ssl|DEBUG|FD|DefaultMessageListenerContainer-32|2022-05-23 14:59:52.290 UTC|SSLExtensions.java:148|Ignore unavailable extension: status_request_v2
javax.net.ssl|DEBUG|FD|DefaultMessageListenerContainer-32|2022-05-23 14:59:52.290 UTC|SSLExtensions.java:138|Ignore unsupported extension: supported_versions
javax.net.ssl|DEBUG|FD|DefaultMessageListenerContainer-32|2022-05-23 14:59:52.290 UTC|SSLExtensions.java:138|Ignore unsupported extension: key_share
javax.net.ssl|DEBUG|FD|DefaultMessageListenerContainer-32|2022-05-23 14:59:52.290 UTC|SSLExtensions.java:167|Consumed extension: renegotiation_info
javax.net.ssl|DEBUG|FD|DefaultMessageListenerContainer-32|2022-05-23 14:59:52.290 UTC|SSLExtensions.java:138|Ignore unsupported extension: pre_shared_key
javax.net.ssl|WARNING|FD|DefaultMessageListenerContainer-32|2022-05-23 14:59:52.290 UTC|SSLExtensions.java:190|Ignore impact of unsupported extension: server_name
javax.net.ssl|DEBUG|FD|DefaultMessageListenerContainer-32|2022-05-23 14:59:52.290 UTC|SSLExtensions.java:182|Ignore unavailable extension: max_fragment_length
javax.net.ssl|DEBUG|FD|DefaultMessageListenerContainer-32|2022-05-23 14:59:52.290 UTC|SSLExtensions.java:182|Ignore unavailable extension: status_request
javax.net.ssl|WARNING|FD|DefaultMessageListenerContainer-32|2022-05-23 14:59:52.290 UTC|SSLExtensions.java:190|Ignore impact of unsupported extension: ec_point_formats
javax.net.ssl|DEBUG|FD|DefaultMessageListenerContainer-32|2022-05-23 14:59:52.290 UTC|SSLExtensions.java:182|Ignore unavailable extension: application_layer_protocol_negotiation
javax.net.ssl|DEBUG|FD|DefaultMessageListenerContainer-32|2022-05-23 14:59:52.290 UTC|SSLExtensions.java:182|Ignore unavailable extension: status_request_v2
javax.net.ssl|DEBUG|FD|DefaultMessageListenerContainer-32|2022-05-23 14:59:52.290 UTC|SSLExtensions.java:182|Ignore unavailable extension: extended_master_secret
javax.net.ssl|DEBUG|FD|DefaultMessageListenerContainer-32|2022-05-23 14:59:52.290 UTC|SSLExtensions.java:182|Ignore unavailable extension: supported_versions
javax.net.ssl|DEBUG|FD|DefaultMessageListenerContainer-32|2022-05-23 14:59:52.290 UTC|SSLExtensions.java:182|Ignore unavailable extension: key_share
javax.net.ssl|WARNING|FD|DefaultMessageListenerContainer-32|2022-05-23 14:59:52.290 UTC|SSLExtensions.java:190|Ignore impact of unsupported extension: renegotiation_info
javax.net.ssl|DEBUG|FD|DefaultMessageListenerContainer-32|2022-05-23 14:59:52.290 UTC|SSLExtensions.java:182|Ignore unavailable extension: pre_shared_key
javax.net.ssl|DEBUG|FD|DefaultMessageListenerContainer-32|2022-05-23 14:59:52.292 UTC|CertificateMessage.java:358|Consuming server Certificate handshake message (
Sources
This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.
Source: Stack Overflow
| Solution | Source |
|---|