Reactive messaging AMQP and Service Bus with Open Liberty

Question

Open Liberty comes with the feature mpReactiveMessaging-1.0 which includes a Kafka connector.

I want to integrate with Azure Service Bus and I use the Smallrye AMQP connector (version 1.0.8).

When trying to send to a Service Bus queue using @Outgoing-annotation I get

javax.net.ssl.SSLHandshakeException: Failed to create SSL connection

which I spotted when debugging the Smallrye implementation.

I have looked through the Proton, vert.x and Azure Service Bus AMQP docs, but I cannot find examples or indication of what is wrong with my set of MP config properties for a working AMQP Service Bus connection.

mp.messaging.outgoing.servicebus.address=xxxxxxx 
mp.messaging.outgoing.servicebus.connector=smallrye-amqp
mp.messaging.outgoing.servicebus.host=xxxxx.servicebus.windows.net
mp.messaging.outgoing.servicebus.port=5672
mp.messaging.outgoing.servicebus.username=my_saspolicyname
mp.messaging.outgoing.servicebus.password=the_saskey
mp.messaging.outgoing.servicebus.use-ssl=true
mp.messaging.outgoing.servicebus.hostname-verification-algorithm=''
mp.messaging.outgoing.servicebus.containerId=mycontainer
mp.messaging.outgoing.servicebus.amqp-use-ssl=true

Answer 1

Open Liberty, by default, does not trust the standard list of CA certificates provided by Java. I'm not familiar with Azure Service Bus, but since I can't find anything in the docs about configuring certificates, I'm assuming it uses a certificate signed by a trusted authority.

In this case, you probably need to add this to your server.xml to tell OpenLiberty to trust the CA certs included with Java.

<ssl id="defaultSSLConfig" trustDefaultCerts="true"/>

This option was added in Open Liberty version 19.0.0.12