AMQ 7 console with HTTPS shows error message "400: Invalid SNI"

Solution Verified - Updated -

Issue

After configuring the AMQ 7 console to accept only HTTPS connections, browsers and other clients can no longer connect to the console. The following message is present in the broker log, and may be seen by the client as well:

org.eclipse.jetty.http.BadMessageException: 400: Invalid SNI
    at org.eclipse.jetty.server.SecureRequestCustomizer.customize(SecureRequestCustomizer.java:266)
    at org.eclipse.jetty.server.SecureRequestCustomizer.customize(SecureRequestCustomizer.java:207)
    at ... org.eclipse.jetty.util.thread.QueuedThreadPool$Runner.run(QueuedThreadPool.java:1149)
    at java.base/java.lang.Thread.run(Thread.java:840)

This problem did not affect AMQ 7.10 and earlier.

Environment

  • Red Hat AMQ
    • 7.11, 7.12

Later versions will likely also be affected.

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content