Problem

A system is being upgraded with ActiveMQ external secure connections but there is a problem deploying the new fed config on the 7.7 system during the "sysupgrade apply" stage. The error exception :-

ERROR 19/Oct/2020:08:59:17.129 [10e3:000000000000000000000000] Error executing reconnect to JMS Service Back:
javax.jms.JMSException: Could not connect to broker URL: ssl://api-back-11:61616. Reason: javax.net.ssl.SSLHandshakeException: No subject alternative DNS name matching api-back-11 found.
at org.apache.activemq.util.JMSExceptionSupport.create(JMSExceptionSupport.java:36)
at com.vordel.dwe.jms.JMSService.connect(JMSService.java:541)
at com.vordel.dwe.jms.JMSService.access$900(JMSService.java:73)
at com.vordel.dwe.jms.JMSService$1.call(JMSService.java:500)
at com.vordel.dwe.jms.JMSService$1.call(JMSService.java:496)

Resolution

A solution would be to make sure the DNS name is matched in the certificate and the JMS connection URL.

If it doesn't match then a workaround would be to prevent that handshake check with a modified JMS connection URL adding the extra parameter below

ssl://api-back-11:61616?verifyHostName=false