Hi Justin,
We are using certificate-based authentication.

Below are the details of the issue we faced with Artemis 2.27.1.
1. Host A has 10 client applications that use certificate-based authentication. 
Most of them are using the OpenWire protocol. Some are AMQP and core based as well.
2. 8 of them are configured correctly to pull the correct client certificate and 
present it to the broker. These result in successful SSL handshakes and connections 
are made. They are able to consume messages without issue. 
3. Many times they disconnect due to a timeout, broker restart, customer 
application restart, etc., but connect back to the broker and message consumption 
continues without issue.
4. 2 of them have not configured SSL correctly or have a wrong/invalid 
certificate, and they try to connect to the broker.
5. The broker throws an SSL handshake error and rejects the connection. As these 
listeners keep running, they keep generating this connection issue.
6. Broker memory consumption increases and it also slows down a bit.
7. When any valid connection times out (from the previous 8 good clients), it is 
now not able to connect back to the broker, as the invalid connection attempts are 
too many, and good clients get an SSL handshake error with connection timeout.
8. Now this impacts those 8 good clients, which were working fine before the 2 bad 
clients started creating the issue.
9. Similar behavior was not seen in Artemis 2.26.0 or Artemis 2.29.0+. Here the 
broker takes a hit due to invalid connection attempts and slows down a bit, but 
continues to support good connections.

Do you have any suggestion as to how to handle such a case in certificate-based 
authentication?

Also, regarding the caching of good and bad connections, where is this setting 
defined in the broker configuration?

Thanks
Shiv
