
Connect with RabbitMq queue with ssl from java 6

I have a problem connecting to a RabbitMQ queue. Unfortunately, this is a very old project and it has to run on Java 1.6.

this is my class:

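import com.rabbitmq.client.Channel;
import com.rabbitmq.client.Connection;
import com.rabbitmq.client.ConnectionFactory;
import com.rabbitmq.client.QueueingConsumer;
import com.rabbitmq.client.ShutdownSignalException;
import org.apache.log4j.Logger;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.jsse.provider.BouncyCastleJsseProvider;

import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManagerFactory;
import java.io.FileInputStream;
import java.io.IOException;
import java.security.KeyStore;
import java.security.SecureRandom;
import java.security.Security;
import java.util.concurrent.ExecutorService;
import java.util.concurrent.Executors;

/**
 * Listens on a RabbitMQ queue from a background thread and hands every message body,
 * decoded as UTF-8, to the supplied consumer.
 *
 * <p>When an SSL certificate path is configured, the connection uses an {@link SSLContext}
 * obtained from the BouncyCastle JSSE provider ("BCJSSE"). The class is written for
 * Java 1.6, so it deliberately avoids try-with-resources, multi-catch and lambdas.
 */
public class RabbitMqListenerTest {

    private static final Logger log = Logger.getLogger(RabbitMqListenerTest.class);

    private final Consumer<String> consumer;
    private final RabbitMqConnectionConfig rabbitMqConnectionConfig;

    static {
        // Register the BouncyCastle JCE and JSSE providers so "BCJSSE" can be requested by name.
        Security.addProvider(new BouncyCastleProvider());
        Security.addProvider(new BouncyCastleJsseProvider());
    }

    /**
     * @param consumer                 callback that receives each message body as a string
     * @param rabbitMqConnectionConfig broker address, credentials, queue name and keystore settings
     */
    public RabbitMqListenerTest(Consumer<String> consumer, RabbitMqConnectionConfig rabbitMqConnectionConfig) {
        this.consumer = consumer;
        this.rabbitMqConnectionConfig = rabbitMqConnectionConfig;
    }

    /**
     * Starts the listener on a dedicated single-thread executor and returns immediately.
     *
     * @throws IOException          declared for callers; not thrown by the visible code
     * @throws InterruptedException declared for callers; not thrown by the visible code
     */
    public void startConnection() throws IOException, InterruptedException {
        ExecutorService executor = Executors.newSingleThreadExecutor();
        executor.execute(new Runnable() {
            @Override
            public void run() {
                connect();
            }
        });
        // shutdown() only stops new submissions; the task submitted above keeps running.
        executor.shutdown();
    }

    /**
     * Opens the connection, declares the queue and consumes messages until the connection
     * is shut down or the thread is interrupted. The connection is closed on every exit path.
     */
    private void connect() {
        ConnectionFactory factory = new ConnectionFactory();
        factory.setHost(rabbitMqConnectionConfig.getHost());
        factory.setPort(rabbitMqConnectionConfig.getPort());
        factory.setUsername(rabbitMqConnectionConfig.getUsername());
        factory.setPassword(rabbitMqConnectionConfig.getPassword());
        factory.setVirtualHost(rabbitMqConnectionConfig.getVirtualHost());

        String sslCertPath = rabbitMqConnectionConfig.getSslCertPath();
        if (sslCertPath != null) {
            try {
                configureSSLSocketFactory(sslCertPath, factory);
            } catch (Exception e) {
                // Fail closed: never fall back to a plaintext connection when TLS was requested.
                throw new RuntimeException("Could not configure TLS for the RabbitMQ connection", e);
            }
        }

        String queueName = rabbitMqConnectionConfig.getQueueName();
        log.info("Starting connection attempt to queue:" + queueName);

        Connection connection = null;
        try {
            QueueingConsumer deliveries;
            try {
                log.info("Setting connection...");
                connection = factory.newConnection();
                Channel channel = connection.createChannel();
                channel.queueDeclare(queueName, true, false, false, null);
                deliveries = new QueueingConsumer(channel);
                // autoAck=true: the broker treats a message as handled as soon as it is delivered,
                // so a message whose processing fails below is not redelivered.
                channel.basicConsume(queueName, true, deliveries);
            } catch (Exception e) {
                // Log through log4j with the cause attached instead of printStackTrace().
                log.error("Error when connecting to queue: " + queueName, e);
                return;
            }
            consumeUntilClosed(deliveries, queueName);
        } finally {
            closeQuietly(connection);
        }
    }

    /**
     * Delivers messages to the consumer until the connection shuts down or the thread is
     * interrupted. Failures while handling a single message are logged and the loop continues.
     */
    private void consumeUntilClosed(QueueingConsumer deliveries, String queueName) {
        while (true) {
            try {
                QueueingConsumer.Delivery delivery = deliveries.nextDelivery();
                String message = new String(delivery.getBody(), "UTF-8");
                this.consumer.accept(message);
            } catch (ShutdownSignalException e) {
                // Once the connection is gone every nextDelivery() call fails again at once;
                // leaving the loop avoids spinning and flooding the log.
                log.error("Connection for queue " + queueName + " was shut down, stopping listener", e);
                return;
            } catch (InterruptedException e) {
                // Restore the interrupt flag so the executor sees the stop request.
                Thread.currentThread().interrupt();
                log.info("Listener for queue " + queueName + " interrupted, stopping");
                return;
            } catch (Exception e) {
                log.error("Error when consuming a message from " + queueName, e);
            }
        }
    }

    /** Closes the connection if it is still open; a failure here is only logged. */
    private static void closeQuietly(Connection connection) {
        if (connection == null || !connection.isOpen()) {
            return;
        }
        try {
            connection.close();
        } catch (Exception e) {
            log.debug("Ignoring error while closing the RabbitMQ connection", e);
        }
    }

    /**
     * Builds an {@link SSLContext} from the JKS file at {@code keystorePath} and installs it
     * on the factory. The same keystore supplies both the client key material and the trust
     * anchors used to validate the broker certificate.
     *
     * @param keystorePath path of the JKS keystore
     * @param factory      connection factory that receives the SSL context
     * @throws Exception if the keystore cannot be read or the TLS objects cannot be created
     */
    private void configureSSLSocketFactory(String keystorePath, ConnectionFactory factory) throws Exception {
        char[] keystorePassword = rabbitMqConnectionConfig.getKeystorePassword().toCharArray();

        KeyStore keyStore = KeyStore.getInstance("JKS");
        FileInputStream keystoreFile = new FileInputStream(keystorePath);
        try {
            keyStore.load(keystoreFile, keystorePassword);
        } finally {
            // Java 1.6 has no try-with-resources; close explicitly so the handle is not leaked.
            keystoreFile.close();
        }

        KeyManagerFactory keyManagerFactory =
                KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        keyManagerFactory.init(keyStore, keystorePassword);

        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance("PKIX", "BCJSSE");
        trustManagerFactory.init(keyStore);

        // NOTE(review): "TLS" leaves the protocol versions and cipher suites to the BCJSSE
        // defaults on this JVM. An insufficient_security alert from the broker means it found
        // every offer too weak, so compare what the provider enables here (and, e.g., the JVM's
        // JCE key-size policy) with what the broker requires.
        SSLContext sslContext = SSLContext.getInstance("TLS", "BCJSSE");
        sslContext.init(keyManagerFactory.getKeyManagers(), trustManagerFactory.getTrustManagers(),
                new SecureRandom());

        // NOTE(review): nothing in this method enables hostname verification; confirm whether the
        // amqp-client version in use checks the broker certificate's name against the configured
        // host. If it does not, only the trust chain is validated.
        factory.useSslProtocol(sslContext);
    }
}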

I am stuck. I receive an error:

15:08:27,683 ERROR [STDERR] org.bouncycastle.tls.TlsFatalAlertReceived: insufficient_security(71)
15:30:21,555 ERROR [STDERR]     at org.bouncycastle.tls.TlsProtocol.handleAlertMessage(Unknown Source)
15:30:21,555 ERROR [STDERR]     at org.bouncycastle.tls.TlsProtocol.processAlertQueue(Unknown Source)
15:30:21,555 ERROR [STDERR]     at org.bouncycastle.tls.TlsProtocol.processRecord(Unknown Source)
15:30:21,556 ERROR [STDERR]     at org.bouncycastle.tls.RecordStream.readRecord(Unknown Source)
15:30:21,556 ERROR [STDERR]     at org.bouncycastle.tls.TlsProtocol.safeReadRecord(Unknown Source)
15:30:21,556 ERROR [STDERR]     at org.bouncycastle.tls.TlsProtocol.blockForHandshake(Unknown Source)
15:30:21,557 ERROR [STDERR]     at org.bouncycastle.tls.TlsClientProtocol.connect(Unknown Source)
15:30:21,557 ERROR [STDERR]     at org.bouncycastle.jsse.provider.ProvSSLSocketDirect.startHandshake(Unknown Source)
15:30:21,557 ERROR [STDERR]     at org.bouncycastle.jsse.provider.ProvSSLSocketDirect.handshakeIfNecessary(Unknown Source)
15:30:21,558 ERROR [STDERR]     at org.bouncycastle.jsse.provider.ProvSSLSocketDirect$AppDataOutput.write(Unknown Source)
15:30:21,558 ERROR [STDERR]     at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:65)
15:30:21,558 ERROR [STDERR]     at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:123)
15:30:21,559 ERROR [STDERR]     at java.io.DataOutputStream.flush(DataOutputStream.java:106)
15:30:21,559 ERROR [STDERR]     at com.rabbitmq.client.impl.SocketFrameHandler.sendHeader(SocketFrameHandler.java:121)
15:30:21,559 ERROR [STDERR]     at com.rabbitmq.client.impl.SocketFrameHandler.sendHeader(SocketFrameHandler.java:126)
15:30:21,559 ERROR [STDERR]     at com.rabbitmq.client.impl.AMQConnection.start(AMQConnection.java:293)
15:30:21,560 ERROR [STDERR]     at com.rabbitmq.client.ConnectionFactory.newConnection(ConnectionFactory.java:516)
15:30:21,560 ERROR [STDERR]     at com.rabbitmq.client.ConnectionFactory.newConnection(ConnectionFactory.java:533)
15:30:21,560 ERROR [STDERR]     at pl.sygnity.rabbit.utils.RabbitMqListener.connect(RabbitMqListener.java:72)
15:30:21,560 ERROR [STDERR]     at pl.sygnity.rabbit.utils.RabbitMqListener.access$000(RabbitMqListener.java:22)
15:30:21,561 ERROR [STDERR]     at pl.sygnity.rabbit.utils.RabbitMqListener$1.run(RabbitMqListener.java:43)
15:30:21,561 ERROR [STDERR]     at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:895)
15:30:21,561 ERROR [STDERR]     at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:918)
15:30:21,562 ERROR [STDERR]     at java.lang.Thread.run(Thread.java:662)

I use BouncyCastle:

<dependency><groupId>org.bouncycastle</groupId><artifactId>bcprov-jdk15on</artifactId><version>1.68</version></dependency><dependency><groupId>org.bouncycastle</groupId><artifactId>bcpkix-jdk15on</artifactId><version>1.68</version></dependency>

Am I missing something? The keystore looks OK. Its type is JKS:

mykey, 2025-04-01, trustedCertEntry,(SHA1): 25:C6:61:E6:6A:02:39:91:4F:29:11:2A:5E:F9:7B:A6:F8:71:24:A4

When I go to RabbitMQ and print the status, I see: Interface: 0.0.0.0, port: 5671, protocol: amqp/ssl, purpose: AMQP 0-9-1 and AMQP 1.0 over TLS

when I inspect rabbit with openssl s_client -connect :

I receive:

Can't use SSL_get_servernamedepth=0 C = AU, ST = ASP, L = VIT, O = Comp, OU = DCL, CN = localhost, emailAddress = maili@comp.comverify error:num=18:self signed certificateverify return:1...6/HQmL3DK7Rwp0mhkTmv44zm3akVYYnNpvwVU7OLHw7svyeVgDAG51WXdM3a/6a7eRclcQaixi6oXfHDcejTmvTNulYzddj/8m8hjgKPinz/rMskihy1zOU=-----END CERTIFICATE-----subject=C = AU, ST = ASP, L = VIT, O = Comp, OU = DCL, CN = localhost, emailAddress = maili@comp.com

issuer=C = C = AU, ST = ASP, L = VIT, O = Comp, OU = DCL, CN = localhost, emailAddress = maili@comp.com

No client certificate CA names sentPeer signing digest: SHA256Peer signature type: RSA-PSSServer Temp Key: X25519, 253 bits

SSL handshake has read 1557 bytes and written 373 bytesVerification error: self signed certificate

New, TLSv1.3, Cipher is TLS_AES_256_GCM_SHA384Server public key is 2048 bitSecure Renegotiation IS NOT supportedCompression: NONEExpansion: NONENo ALPN negotiatedEarly data was not sentVerify return code: 18 (self signed certificate)

closed

Is it a problem with the certificate? Or with Java 6 in the application? Maybe both? I would appreciate it if someone could help.

PS. Upgrading java is not an option.

