I have a java application 'A' running in an AWS ECS Cluster that connects to a Solace message broker instance running on its own ec2 instance in AWS.
Its been working for the last few months but have noticed today the following exception:
INFO TcpClientChannel:2377 - Connection attempt failed to host 'my-solace-domain-name' ConnectException com.solacesystems.jcsmp.JCSMPTransportException: CertificateException - java.security.cert.CertPathValidatorException: subject/issuer name chaining check failed cause: java.security.cert.CertificateException: java.security.cert.CertPathValidatorException: subject/issuer name chaining check failed ((Client name: 139bcb21421e/1/#000f0001 Local addr: <app A's local address:App A's port> Remote addr: 'my-solace-domain-name':55443) - )
I'm not too experienced with certificate related issues. Any clues as to why this exception would occur all of a sudden? and what possible fixes can be done?
The error means that the client received a server-certificate from the Solace broker but is unable to trust the server-certificate because it cannot create a chain with the trust anchors configured on the client side. Were there any changes to the local client's trust store, or to the server-certificate on the broker side?