For what it's worth, I just tested with 1.4.0 and the result was the same as before (i.e. everything worked).
Justin ----- Original Message ----- From: "Justin Bertram" <jbert...@apache.com> To: users@activemq.apache.org Sent: Tuesday, January 31, 2017 6:47:07 PM Subject: Re: Client Reconnect/failover problem via Core API with HA Configuration when configured with SSL I tried this on master so it would be beyond 1.5.2. That said, not much has changed with the SSL implementation stuff in quite some time so I wouldn't expect that to make a difference. As far as getting things down to the smallest set, I don't see any way around that. Until you can eliminate all non-essential elements you can't really understand the problem. I didn't use 2 different physical machines as the example just runs on a single box. However, 2 different Artemis instances were used and each had their own unique certificate which was, in turn, imported into the client's truststore. Therefore I think it is a valid test of your assumption. Justin ----- Original Message ----- From: "funkyjive" <david.benn...@gmx.com> To: users@activemq.apache.org Sent: Tuesday, January 31, 2017 6:00:22 PM Subject: Re: Client Reconnect/failover problem via Core API with HA Configuration when configured with SSL Did you try this with the latest 1.5.2? Or with 1.4.0? If you "just worked" with 1.5.2, maybe I'll try that first. There is a bit of work to do to extract everything enough to reproduce this and get it down to its smallest set. A couple of important questions: Did you actually use two different machines on the SSL? And was there two different certificates in your trust store? I think this may be an essential feature because if this was done completely on the same machine with the same certificate, just using a different port -- there is every reason to suspect the SSL Context settings would be fine being exactly the same. If you did it on one machine and it worked for the above reason, it would be consistent with my analysis that the ssl settings could be copied and while valid for the initial machine, would be invalid for the second connection. (Where if it was the same machine and same cert, that would simply work). Let me see what it will take to do a simple reproduction. -- View this message in context: http://activemq.2283324.n4.nabble.com/Client-Reconnect-failover-problem-via-Core-API-with-HA-Configuration-when-configured-with-SSL-tp4721435p4721450.html Sent from the ActiveMQ - User mailing list archive at Nabble.com.
