search

vdesabou / kafka-docker-playground

🐳✨ Fully automated Apache Kafka® and Confluent Docker based examples // 👷‍♂️ Easily build examples or reproduction models
https://kafka-docker-playground.io
MIT License
652 stars 207 forks source link

IBM MQ mTLS tests are broken #1373

Closed vdesabou closed 3 years ago

vdesabou commented 3 years ago

discovered that if mq.ssl.cipher.suite is not set, TLS settings are not used...

vdesabou commented 3 years ago 
[2021-09-20 09:20:48,851] ERROR [ibm-mq-source-mtls|task-0] WorkerSourceTask{id=ibm-mq-source-mtls-0} Task threw an uncaught and unrecoverable exception. Task is being killed and will not recover until manually restarted (org.apache.kafka.connect.runtime.WorkerTask:184)
org.apache.kafka.connect.errors.ConnectException: Failed on attempt 1 of 2147483647 to Connecting with connection 1: Failed to start new JMS session connection 1: JMSWMQ0018: Failed to connect to queue manager 'QM1' with connection mode 'Client' and host name 'ibmmq(1414)'.
        at io.confluent.connect.utils.retry.RetryPolicy.callWith(RetryPolicy.java:423)
        at io.confluent.connect.utils.retry.RetryPolicy.call(RetryPolicy.java:337)
        at io.confluent.connect.jms.core.source.MessageProcessor.startConnectionWithRetries(MessageProcessor.java:273)
        at io.confluent.connect.jms.core.source.MessageProcessor.poll(MessageProcessor.java:242)
        at io.confluent.connect.jms.core.source.BaseJmsAsyncSourceTask.poll(BaseJmsAsyncSourceTask.java:149)
        at org.apache.kafka.connect.runtime.WorkerSourceTask.poll(WorkerSourceTask.java:268)
        at org.apache.kafka.connect.runtime.WorkerSourceTask.execute(WorkerSourceTask.java:241)
        at org.apache.kafka.connect.runtime.WorkerTask.doRun(WorkerTask.java:182)
        at org.apache.kafka.connect.runtime.WorkerTask.run(WorkerTask.java:231)
        at java.base/java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:515)
        at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264)
        at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128)
        at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628)
        at java.base/java.lang.Thread.run(Thread.java:829)
Caused by: org.apache.kafka.connect.errors.ConnectException: Failed to start new JMS session connection 1: JMSWMQ0018: Failed to connect to queue manager 'QM1' with connection mode 'Client' and host name 'ibmmq(1414)'.
        at io.confluent.connect.jms.core.source.JmsConnection.start(JmsConnection.java:179)
        at io.confluent.connect.jms.core.source.MessageProcessor.tryStartConnection(MessageProcessor.java:297)
        at io.confluent.connect.jms.core.source.MessageProcessor.lambda$startConnectionWithRetries$1(MessageProcessor.java:278)
        at io.confluent.connect.utils.retry.RetryPolicy.lambda$call$1(RetryPolicy.java:337)
        at io.confluent.connect.utils.retry.RetryPolicy.callWith(RetryPolicy.java:417)
        ... 13 more
Caused by: com.ibm.msg.client.jms.DetailedJMSException: JMSWMQ0018: Failed to connect to queue manager 'QM1' with connection mode 'Client' and host name 'ibmmq(1414)'.
Check the queue manager is started and if running in client mode, check there is a listener running. Please see the linked exception for more information.
        at com.ibm.msg.client.wmq.common.internal.Reason.reasonToException(Reason.java:595)
        at com.ibm.msg.client.wmq.common.internal.Reason.createException(Reason.java:215)
        at com.ibm.msg.client.wmq.internal.WMQConnection.<init>(WMQConnection.java:423)
        at com.ibm.msg.client.wmq.factories.WMQConnectionFactory.createV7ProviderConnection(WMQConnectionFactory.java:8469)
        at com.ibm.msg.client.wmq.factories.WMQConnectionFactory.createProviderConnection(WMQConnectionFactory.java:7809)
        at com.ibm.msg.client.jms.admin.JmsConnectionFactoryImpl._createConnection(JmsConnectionFactoryImpl.java:299)
        at com.ibm.msg.client.jms.admin.JmsConnectionFactoryImpl.createConnection(JmsConnectionFactoryImpl.java:236)
        at com.ibm.mq.jms.MQConnectionFactory.createCommonConnection(MQConnectionFactory.java:6016)
        at com.ibm.mq.jms.MQConnectionFactory.createConnection(MQConnectionFactory.java:6041)
        at io.confluent.connect.jms.core.source.JmsConnection.start(JmsConnection.java:133)
        ... 17 more
Caused by: com.ibm.mq.MQException: JMSCMQ0001: IBM MQ call failed with compcode '2' ('MQCC_FAILED') reason '2397' ('MQRC_JSSE_ERROR').
        at com.ibm.msg.client.wmq.common.internal.Reason.createException(Reason.java:203)
        ... 25 more
Caused by: com.ibm.mq.jmqi.JmqiException: CC=2;RC=2397;AMQ9204: Connection to host 'ibmmq(1414)' rejected. [1=com.ibm.mq.jmqi.JmqiException[CC=2;RC=2397;AMQ9771: SSL handshake failed. [1=javax.net.ssl.SSLHandshakeException[Remote host terminated the handshake],3=ibmmq/172.22.0.2:1414 (ibmmq),4=SSLSocket.startHandshake,5=default]],3=ibmmq(1414),5=RemoteTCPConnection.protocolConnect]
        at com.ibm.mq.jmqi.remote.api.RemoteFAP.jmqiConnect(RemoteFAP.java:2275)
        at com.ibm.mq.jmqi.remote.api.RemoteFAP.jmqiConnect(RemoteFAP.java:1280)
        at com.ibm.mq.ese.jmqi.InterceptedJmqiImpl.jmqiConnect(InterceptedJmqiImpl.java:377)
        at com.ibm.mq.ese.jmqi.ESEJMQI.jmqiConnect(ESEJMQI.java:562)
        at com.ibm.msg.client.wmq.internal.WMQConnection.<init>(WMQConnection.java:356)
        ... 24 more
Caused by: com.ibm.mq.jmqi.JmqiException: CC=2;RC=2397;AMQ9771: SSL handshake failed. [1=javax.net.ssl.SSLHandshakeException[Remote host terminated the handshake],3=ibmmq/172.22.0.2:1414 (ibmmq),4=SSLSocket.startHandshake,5=default]
        at com.ibm.mq.jmqi.remote.impl.RemoteTCPConnection.protocolConnect(RemoteTCPConnection.java:1328)
        at com.ibm.mq.jmqi.remote.impl.RemoteConnection.connect(RemoteConnection.java:1012)
        at com.ibm.mq.jmqi.remote.impl.RemoteConnectionSpecification.getSessionFromNewConnection(RemoteConnectionSpecification.java:409)
        at com.ibm.mq.jmqi.remote.impl.RemoteConnectionSpecification.getSession(RemoteConnectionSpecification.java:305)
        at com.ibm.mq.jmqi.remote.impl.RemoteConnectionPool.getSession(RemoteConnectionPool.java:155)
        at com.ibm.mq.jmqi.remote.api.RemoteFAP.jmqiConnect(RemoteFAP.java:1716)
        ... 28 more
Caused by: javax.net.ssl.SSLHandshakeException: Remote host terminated the handshake
        at java.base/sun.security.ssl.SSLSocketImpl.handleEOF(SSLSocketImpl.java:1616)
        at java.base/sun.security.ssl.SSLSocketImpl.decode(SSLSocketImpl.java:1434)
        at java.base/sun.security.ssl.SSLSocketImpl.readHandshakeRecord(SSLSocketImpl.java:1336)
        at java.base/sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:450)
        at java.base/sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:421)
        at com.ibm.mq.jmqi.remote.impl.RemoteTCPConnection$6.run(RemoteTCPConnection.java:1296)
        at com.ibm.mq.jmqi.remote.impl.RemoteTCPConnection$6.run(RemoteTCPConnection.java:1288)
        at java.base/java.security.AccessController.doPrivileged(Native Method)
        at com.ibm.mq.jmqi.remote.impl.RemoteTCPConnection.protocolConnect(RemoteTCPConnection.java:1288)
        ... 33 more
Caused by: java.io.EOFException: SSL peer shut down incorrectly
        at java.base/sun.security.ssl.SSLSocketInputRecord.read(SSLSocketInputRecord.java:483)
        at java.base/sun.security.ssl.SSLSocketInputRecord.readHeader(SSLSocketInputRecord.java:472)
        at java.base/sun.security.ssl.SSLSocketInputRecord.decode(SSLSocketInputRecord.java:160)
        at java.base/sun.security.ssl.SSLTransport.decode(SSLTransport.java:111)
        at java.base/sun.security.ssl.SSLSocketImpl.decode(SSLSocketImpl.java:1426)
        ... 40 more
vdesabou commented 3 years ago

This should be better now