将 Spring Cloud Services 从 2.4.1 升级到 3.5.5 时,我们发现应用程序无法连接到 Cloud Foundry 中的 Rabbit MQ 服务。它抛出以下异常:-
c.r.client.impl.SocketFrameHandler : TLS connection failed: No subject alternative names matching IP address XXX found使用 2.4.1 版本的 Spring 自动重新配置和 Spring Cloud 连接器能够创建 Rabbit MQ 连接时,这从来都不是问题。您能指导我解决这个问题吗?
VCAP_VARIABLE 示例:
{
"label": "p-rabbitmq",
"provider": null,
"plan": "standard",
"name": "rabbit-service-poc",
"tags": [
"rabbitmq",
"rabbit",
"messaging",
"message-queue",
"amqp",
"mqtt",
"stomp"
],
"instance_guid": "VIRTUALHOST",
"instance_name": "rabbit-service-poc",
"binding_guid": "USERNAME",
"binding_name": null,
"credentials": {
"dashboard_url": "https://pivotal-rabbitmq.mydomain.com",
"hostname": "XX.XXX.XX.XX",
"hostnames": [
"XX.XXX.XX.XX"
],
"http_api_uri": "https://USERNAME:[email protected]/api/",
"http_api_uris": [
"https://USERNAME:[email protected]/api/"
],
"password": "PASSWORD",
"protocols": {
"amqp": {
"host": "XX.XXX.XX.XX",
"hosts": [
"XX.XXX.XX.XX"
],
"password": "PASSWORD",
"port": 5672,
"ssl": false,
"uri": "amqp://USERNAME:[email protected]:5672/VIRTUALHOST",
"uris": [
"amqp://USERNAME:[email protected]:5672/VIRTUALHOST"
],
"username": "USERNAME",
"vhost": "VIRTUALHOST"
},
"amqp+ssl": {
"host": "XX.XXX.XX.XX",
"hosts": [
"XX.XXX.XX.XX"
],
"password": "PASSWORD",
"port": 5671,
"ssl": true,
"uri": "amqps://USERNAME:[email protected]:5671/VIRTUALHOST",
"uris": [
"amqps://USERNAME:[email protected]:5671/VIRTUALHOST"
],
"username": "USERNAME",
"vhost": "VIRTUALHOST"
},
"management": {
"host": "XX.XXX.XX.XX",
"hosts": [
"XX.XXX.XX.XX"
],
"password": "PASSWORD",
"path": "/api/",
"port": 15672,
"ssl": false,
"uri": "http://USERNAME:[email protected]:15672/api/",
"uris": [
"http://USERNAME:[email protected]:15672/api/"
],
"username": "USERNAME"
},
"management+ssl": {
"host": "XX.XXX.XX.XX",
"hosts": [
"XX.XXX.XX.XX"
],
"password": "PASSWORD",
"path": "/api/",
"port": 15672,
"ssl": false,
"uri": "http://USERNAME:[email protected]:15672/api/",
"uris": [
"http://USERNAME:[email protected]:15672/api/"
],
"username": "USERNAME"
}
},
"ssl": true,
"uri": "amqps://USERNAME:[email protected]/VIRTUALHOST",
"uris": [
"amqps://USERNAME:[email protected]/VIRTUALHOST"
],
"username": "USERNAME",
"vhost": "VIRTUALHOST"
},
"syslog_drain_url": null,
"volume_mounts": []
}```
AFAUI,该行为由 AmqpCfEnvProcessor 的 process 方法管理 .
就我而言(使用
cf-env-boot-2.4.3在问题报告修复之前,以下解决方法对我有用:
1. 要跳过行
AmqpCfEnvProcessorport5671credentials.uri2. 这样做也会使
AmqpCfEnvProcessorspring.rabbitmq.ssl.port: <MY_CUSTOM_PORT_FOR_SSL_CONNECTION>
spring.rabbitmq.ssl.enabled: true
3. 这样在启动时我的应用程序尝试连接如下地址并收到异常。
10.X.X.X:MY_CUSTOM_PORT_FOR_SSL_CONNECTION:MY_CUSTOM_PORT_FOR_SSL_CONNECTION
由于生成的地址中有2个端口值,所以我从
credentials.hostnamecredentials.hostname10.X.X.X:MY_CUSTOM_PORT_FOR_SSL_CONNECTION
credentials.hostname10.X.X.X
4. 最后,我的应用程序尝试连接到正确的地址,但抛出了 SunCertPathBuilderException。因此,我在应用程序属性中添加了以下值:
spring.rabbitmq.ssl.validate-server-certificate: false
结果,我的应用程序成功连接到RabbitMQ。
问题中描述的问题可能不需要执行上述某些步骤,例如更改默认端口值,但总的来说,它可能有助于找到解决方法。