Uploaded image for project: 'AMQ Broker'
  1. AMQ Broker
  2. ENTMQBR-8166

Self-signed certificate with UseClientAuth=true prevents communication of Operator with Jolokia

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Unresolved
    • Icon: Critical Critical
    • None
    • AMQ 7.11.1.OPR.1.GA
    • operator

      Setup:
      1. Operator - 7.11.1.CR1
      2. AMQ Broker with following CR:

      apiVersion: broker.amq.io/v1beta1
      kind: ActiveMQArtemis
      metadata:
        name: artemis
      spec:
        acceptors:
          - expose: false
            name: my-amqp
            port: 5672
            protocols: amqp
        console:
          expose: true
          sslEnabled: true
          useClientAuth: true
          sslSecret: artemis-console-secret
        deploymentPlan:
          image: placeholder
          jolokiaAgentEnabled: true
          managementRBACEnabled: true
          size: 1
      
      

      3. Valid secret `artemis-console-secret`

      4. Address (default example from repository)

      Result in log:

      ERROR    controller.activemqartemisaddress    failed to create address 
      resource, request will be requeued    {"reconciler group": "broker.amq.io",
       "reconciler kind": "ActiveMQArtemisAddress", "name": "ex-aaoaddress", 
      "namespace": "broker-ssl", "Request.Namespace": "broker-ssl", 
      "Request.Name": "ex-aaoaddress", "Reconciling": 
      "ActiveMQArtemisAddress", "error": "Post 
      \"https://pybWgmGH:***@10.129.2.209:8161/console/jolokia/exec/org.apache.activemq.artemis:broker=%5C%22amq-broker%5C%22\":
       remote error: tls: bad certificate"
      

              gtully@redhat.com Gary Tully
              mkrutov Mikhail Krutov
              Votes:
              0 Vote for this issue
              Watchers:
              5 Start watching this issue

                Created:
                Updated: