Vertx SSL/TLS Handshake failure while connecting solace server - vert.x

I am using vert.x java client for connecting solace server. While using SSL certificates for connectivity, receiving below SSL handshake error.I am using settrustall(true) in my code. Could someone help with cause for the error and resolution.
Below is the error:
SEVERE: Unhandled exception
java.lang.IllegalStateException: Bridge was not successfully started
at io.vertx.amqpbridge.impl.AmqpBridgeImpl.createConsumer(AmqpBridgeImpl.java:174)
at com.gtaa.nch.amqp.MyErrorResponse.lambda$2(MyErrorResponse.java:241)
at io.vertx.amqpbridge.impl.AmqpBridgeImpl.lambda$startImpl$5(AmqpBridgeImpl.java:157)
at io.vertx.proton.impl.ProtonClientImpl$ConnectCompletionHandler.handle(ProtonClientImpl.java:122)
at io.vertx.proton.impl.ProtonClientImpl.lambda$connectNetClient$1(ProtonClientImpl.java:97)
at io.vertx.core.net.impl.NetClientImpl.lambda$connect$2(NetClientImpl.java:113)
at io.vertx.core.net.impl.NetClientImpl.doFailed(NetClientImpl.java:268)
at io.vertx.core.net.impl.NetClientImpl.lambda$failed$12(NetClientImpl.java:264)
at io.vertx.core.impl.ContextImpl.lambda$wrapTask$2(ContextImpl.java:337)
at io.vertx.core.impl.ContextImpl.executeFromIO(ContextImpl.java:195)
at io.vertx.core.net.impl.NetClientImpl.failed(NetClientImpl.java:264)
at io.vertx.core.net.impl.NetClientImpl.lambda$null$4(NetClientImpl.java:208)
at io.netty.util.concurrent.DefaultPromise.notifyListener0(DefaultPromise.java:507)
at io.netty.util.concurrent.DefaultPromise.notifyListeners0(DefaultPromise.java:500)
at io.netty.util.concurrent.DefaultPromise.notifyListenersNow(DefaultPromise.java:479)
at io.netty.util.concurrent.DefaultPromise.notifyListeners(DefaultPromise.java:420)
at io.netty.util.concurrent.DefaultPromise.tryFailure(DefaultPromise.java:122)
at io.netty.handler.ssl.SslHandler.notifyHandshakeFailure(SslHandler.java:1535)
at io.netty.handler.ssl.SslHandler.setHandshakeFailure(SslHandler.java:1521)
at io.netty.handler.ssl.SslHandler.setHandshakeFailure(SslHandler.java:1493)
at io.netty.handler.ssl.SslHandler.handleUnwrapThrowable(SslHandler.java:1186)
at io.netty.handler.ssl.SslHandler.decodeJdkCompatible(SslHandler.java:1165)
at io.netty.handler.ssl.SslHandler.decode(SslHandler.java:1194)
at io.netty.handler.codec.ByteToMessageDecoder.decodeRemovalReentryProtection(ByteToMessageDecoder.java:489)
at io.netty.handler.codec.ByteToMessageDecoder.callDecode(ByteToMessageDecoder.java:428)
at io.netty.handler.codec.ByteToMessageDecoder.channelRead(ByteToMessageDecoder.java:265)
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:362)
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:348)
at io.netty.channel.AbstractChannelHandlerContext.fireChannelRead(AbstractChannelHandlerContext.java:340)
at io.netty.channel.DefaultChannelPipeline$HeadContext.channelRead(DefaultChannelPipeline.java:1359)
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:362)
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:348)
at io.netty.channel.DefaultChannelPipeline.fireChannelRead(DefaultChannelPipeline.java:935)
at io.netty.channel.nio.AbstractNioByteChannel$NioByteUnsafe.read(AbstractNioByteChannel.java:141)
at io.netty.channel.nio.NioEventLoop.processSelectedKey(NioEventLoop.java:645)
at io.netty.channel.nio.NioEventLoop.processSelectedKeysOptimized(NioEventLoop.java:580)
at io.netty.channel.nio.NioEventLoop.processSelectedKeys(NioEventLoop.java:497)
at io.netty.channel.nio.NioEventLoop.run(NioEventLoop.java:459)
at io.netty.util.concurrent.SingleThreadEventExecutor$5.run(SingleThreadEventExecutor.java:886)
at io.netty.util.concurrent.FastThreadLocalRunnable.run(FastThreadLocalRunnable.java:30)
at java.lang.Thread.run(Unknown Source)

This is in all likelihood an SSL configuration problem.
Check your bridge configuration targets the AMQP SSL port on the Solace broker, not the plain text port (defaults are 5671 rather than 5672)
Check the broker SSL configuration is valid (is the AMQP SSL service showing Operational UP?
Use sdkperf_jmsamqp to check that your SSL connection, certificates etc are valid.

Related

Milo: Connect to (public) OPC-UA-Server

First of all: I'm a newbie to OPCUA. :)
I'm trying to connect an Milo Client to our Server but don't really understand whats going wrong. The sample Client and Server work fine together, but when I try to connect the client sample with one of the public OPC-UA-Test-Servers I get those exceptions:
15:48:34.729 [ua-netty-event-loop-0] DEBUG
org.eclipse.milo.opcua.stack.client.handlers.UaTcpClientAcknowledgeHandler
- Sent Hello message on channel=[id: 0xc22800c2, L:/10.22.19.217:58947 - R:opcua.demo-this.com/52.233.134.134:51210]. 15:48:34.729 [ua-netty-event-loop-0] WARN io.netty.channel.DefaultChannelPipeline -
An exceptionCaught() event was fired, and it reached at the tail of
the pipeline. It usually means the last handler in the pipeline did
not handle the exception. java.io.IOException: An existing connection
was forcibly closed by the remote host at
sun.nio.ch.SocketDispatcher.read0(Native Method) at
sun.nio.ch.SocketDispatcher.read(SocketDispatcher.java:43) at
sun.nio.ch.IOUtil.readIntoNativeBuffer(IOUtil.java:223) at
sun.nio.ch.IOUtil.read(IOUtil.java:192) at
sun.nio.ch.SocketChannelImpl.read(SocketChannelImpl.java:380) at
io.netty.buffer.PooledUnsafeDirectByteBuf.setBytes(PooledUnsafeDirectByteBuf.java:221)
at
io.netty.buffer.AbstractByteBuf.writeBytes(AbstractByteBuf.java:898)
at
io.netty.channel.socket.nio.NioSocketChannel.doReadBytes(NioSocketChannel.java:242)
at
io.netty.channel.nio.AbstractNioByteChannel$NioByteUnsafe.read(AbstractNioByteChannel.java:119)
at
io.netty.channel.nio.NioEventLoop.processSelectedKey(NioEventLoop.java:528)
at
io.netty.channel.nio.NioEventLoop.processSelectedKeysOptimized(NioEventLoop.java:485)
at
io.netty.channel.nio.NioEventLoop.processSelectedKeys(NioEventLoop.java:399)
at io.netty.channel.nio.NioEventLoop.run(NioEventLoop.java:371) at
io.netty.util.concurrent.SingleThreadEventExecutor$2.run(SingleThreadEventExecutor.java:112)
at java.lang.Thread.run(Thread.java:745) 15:48:39.612
[ForkJoinPool.commonPool-worker-1] DEBUG
org.eclipse.milo.opcua.stack.client.ClientChannelManager - Channel
bootstrap failed: timed out waiting for acknowledge
org.eclipse.milo.opcua.stack.core.UaException: timed out waiting for
acknowledge at
org.eclipse.milo.opcua.stack.client.handlers.UaTcpClientAcknowledgeHandler.lambda$startHelloTimeout$4(UaTcpClientAcknowledgeHandler.java:156)
at
org.eclipse.milo.opcua.stack.client.handlers.UaTcpClientAcknowledgeHandler$$Lambda$27/469017260.run(Unknown
Source) at
io.netty.util.HashedWheelTimer$HashedWheelTimeout.expire(HashedWheelTimer.java:581)
at
io.netty.util.HashedWheelTimer$HashedWheelBucket.expireTimeouts(HashedWheelTimer.java:655)
at
io.netty.util.HashedWheelTimer$Worker.run(HashedWheelTimer.java:367)
at java.lang.Thread.run(Thread.java:745) 15:48:39.613 [main] ERROR
org.eclipse.milo.examples.client.ClientExampleRunner - Error running
example: UaException: status=Bad_Timeout, message=timed out waiting
for acknowledge java.util.concurrent.ExecutionException: UaException:
status=Bad_Timeout, message=timed out waiting for acknowledge at
java.util.concurrent.CompletableFuture.reportGet(CompletableFuture.java:357)
at
java.util.concurrent.CompletableFuture.get(CompletableFuture.java:1887)
at
org.eclipse.milo.examples.client.ClientExampleRunner.createClient(ClientExampleRunner.java:56)
at
org.eclipse.milo.examples.client.ClientExampleRunner.run(ClientExampleRunner.java:103)
at
org.eclipse.milo.examples.client.BrowseExample.main(BrowseExample.java:40)
Caused by: org.eclipse.milo.opcua.stack.core.UaException: timed out
waiting for acknowledge at
org.eclipse.milo.opcua.stack.client.handlers.UaTcpClientAcknowledgeHandler.lambda$startHelloTimeout$4(UaTcpClientAcknowledgeHandler.java:156)
at
org.eclipse.milo.opcua.stack.client.handlers.UaTcpClientAcknowledgeHandler$$Lambda$27/469017260.run(Unknown
Source) at
io.netty.util.HashedWheelTimer$HashedWheelTimeout.expire(HashedWheelTimer.java:581)
at
io.netty.util.HashedWheelTimer$HashedWheelBucket.expireTimeouts(HashedWheelTimer.java:655)
at
io.netty.util.HashedWheelTimer$Worker.run(HashedWheelTimer.java:367)
at java.lang.Thread.run(Thread.java:745) 15:48:42.842
[threadDeathWatcher-2-1] DEBUG io.netty.buffer.PoolThreadCache - Freed
2 thread-local buffer(s) from thread: ua-netty-event-loop-0
I took the sample-Code and removed the Certificate/Keypair and changed the URL to opc.tcp://opcua.demo-this.com:51210/UA/SampleServer since the public server doesn't need authorization:
SecurityPolicy securityPolicy = clientExample.getSecurityPolicy();
EndpointDescription[] endpoints = UaTcpStackClient.getEndpoints("opc.tcp://opcua.demo-this.com:51210/UA/SampleServer").get();
EndpointDescription endpoint = Arrays.stream(endpoints)
.filter(e -> e.getSecurityPolicyUri().equals(securityPolicy.getSecurityPolicyUri()))
.findFirst().orElseThrow(() -> new Exception("no desired endpoints returned"));
logger.info("Using endpoint: {} [{}]", endpoint.getEndpointUrl(), securityPolicy);
loader.load();
OpcUaClientConfig config = OpcUaClientConfig.builder()
.setApplicationName(LocalizedText.english("eclipse milo opc-ua client"))
.setApplicationUri("urn:eclipse:milo:examples:client")
//.setCertificate(loader.getClientCertificate())
//.setKeyPair(loader.getClientKeyPair())
.setEndpoint(endpoint)
.setIdentityProvider(clientExample.getIdentityProvider())
.setRequestTimeout(uint(5000))
.build();
return new OpcUaClient(config);
What am I missing?
Greetings and thanks in advance :)
Buried in that stack trace is the real problem: UaException: timed out waiting for acknowledge.
Maybe your firewall or network setup is blocking it, or maybe the server didn't send it back, but the problem is that the client never received the Acknowledge message in response to its Hello.
FWIW, I can run the ReadExample against that public server with no issue. In ReadExample I overrode getSecurityPolicy() and returned SecurityPolicy.None and in ClientExampleRunner just replaced the endpoint URL.

JNDI port configuration for JBoss eap 6.4

We are migrating an application from JBoss AS 4.2 to JBoss eap 6.4. While deploying the application getting the below exception.
javax.naming.CommunicationException: Could not obtain connection to any of these urls: localhost:10099 and discovery failed with error: javax.naming.CommunicationException: Receive timed out [Root exception is java.net.SocketTimeoutException: Receive timed out] [Root exception is javax.naming.CommunicationException: Failed to connect to server localhost:10099 [Root exception is javax.naming.ServiceUnavailableException: Failed to connect to server localhost:10099 [Root exception is java.net.ConnectException: Connection refused: connect]]]
at org.jnp.interfaces.NamingContext.checkRef(NamingContext.java:1562)
at org.jnp.interfaces.NamingContext.lookup(NamingContext.java:634)
at org.jnp.interfaces.NamingContext.lookup(NamingContext.java:627)
at javax.naming.InitialContext.lookup(InitialContext.java:411)
The connection to localhost:10099 is failed. When I have checked in the jboss-service.xml file of AS 4.2 the configuration for this port is present.
<mbean code="org.jboss.naming.NamingService"
name="jboss:service=Naming"
xmbean-dd="resource:xmdesc/NamingService-xmbean.xml">
<!-- The call by value mode. true if all lookups are unmarshalled using
the caller's TCL, false if in VM lookups return the value by reference.
-->
<attribute name="CallByValue">false</attribute>
<!-- The listening port for the bootstrap JNP service. Set this to -1
to run the NamingService without the JNP invoker listening port.
-->
<attribute name="Port">10099</attribute>
Can anyone please tell me where can we do the similar configuration in EAP 6. Tried adding in socket-binding-group in standalone.xml but did not work.
Check the boot.log to see what the value of jboss.bind.address is.
There should be a line similar to:
DEBUG [ServerInfo] jboss.bind.address: 127.0.0.1
Telnet to the server on the JNDI port to confirm there is a service listening:1.telnet HOSTNAME/IP JNDI_PORT 2. JNDI by default would be on port 1099
Check the firewall rules at the host machine and make sure ports 10099 are opened in order for twiddle to work.

SonarLint Eclipse connecting to SonarQube server gives "No storage for server 'sonar'. Please update."

My company upgraded to SonarQube 5.3. This requires changing from the SonarQube plugin for Eclipse to SonarLint. I regret that upgrade because my project quality profile contains 494 rules and only 12 are from Squid, so we have a massive project to make SonarLint in Eclipse at all useful. But I'm trying to install SonarLint 2.0.2 on my PC anyway. When I try to test the connection to the SQ server I get an error in the SonarLint Console. What's the problem?
No storage for server 'sonar'. Please update.
Fail to request https://sonar.forge.mycompany.com:9000/api/system/status
java.lang.IllegalStateException: Fail to request https://sonar.forge.mycompany.com:9000/api/system/status
at org.sonarqube.ws.client.HttpConnector.doCall(HttpConnector.java:202)
at org.sonarqube.ws.client.HttpConnector.get(HttpConnector.java:144)
at org.sonarqube.ws.client.HttpConnector.call(HttpConnector.java:133)
at org.sonarsource.sonarlint.core.container.connected.SonarLintWsClient.rawGet(SonarLintWsClient.java:98)
at org.sonarsource.sonarlint.core.container.connected.validate.ServerVersionAndStatusChecker.fetchServerInfos(ServerVersionAndStatusChecker.java:97)
at org.sonarsource.sonarlint.core.container.connected.validate.ServerVersionAndStatusChecker.checkVersionAndStatus(ServerVersionAndStatusChecker.java:61)
at org.sonarsource.sonarlint.core.container.connected.validate.ServerVersionAndStatusChecker.checkVersionAndStatus(ServerVersionAndStatusChecker.java:51)
at org.sonarsource.sonarlint.core.WsHelperImpl.validateConnection(WsHelperImpl.java:50)
at org.sonarsource.sonarlint.core.WsHelperImpl.validateConnection(WsHelperImpl.java:45)
at org.sonarlint.eclipse.core.internal.server.Server.testConnection(Server.java:244)
at org.sonarlint.eclipse.ui.internal.server.wizard.ServerConnectionTestJob.run(ServerConnectionTestJob.java:44)
at org.eclipse.jface.operation.ModalContext$ModalContextThread.run(ModalContext.java:122)
Caused by: javax.net.ssl.SSLException: Unrecognized SSL message, plaintext connection?
at sun.security.ssl.InputRecord.handleUnknownRecord(Unknown Source)
at sun.security.ssl.InputRecord.read(Unknown Source)
at sun.security.ssl.SSLSocketImpl.readRecord(Unknown Source)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)
at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
at com.squareup.okhttp.internal.io.RealConnection.connectTls(RealConnection.java:192)
at com.squareup.okhttp.internal.io.RealConnection.connectSocket(RealConnection.java:149)
at com.squareup.okhttp.internal.io.RealConnection.connect(RealConnection.java:112)
at com.squareup.okhttp.internal.http.StreamAllocation.findConnection(StreamAllocation.java:184)
at com.squareup.okhttp.internal.http.StreamAllocation.findHealthyConnection(StreamAllocation.java:126)
at com.squareup.okhttp.internal.http.StreamAllocation.newStream(StreamAllocation.java:95)
at com.squareup.okhttp.internal.http.HttpEngine.connect(HttpEngine.java:281)
at com.squareup.okhttp.internal.http.HttpEngine.sendRequest(HttpEngine.java:224)
at com.squareup.okhttp.Call.getResponse(Call.java:286)
at com.squareup.okhttp.Call$ApplicationInterceptorChain.proceed(Call.java:243)
at com.squareup.okhttp.Call.getResponseWithInterceptorChain(Call.java:205)
at com.squareup.okhttp.Call.execute(Call.java:80)
at org.sonarqube.ws.client.HttpConnector.doCall(HttpConnector.java:199)
... 11 more
Port 9000 is the default HTTP-Port for SonarQube. SonarLint proposes https:// when configuring a new server connection.
So, if you just change
https://sonar.forge.mycompany.com:9000
to
http://sonar.forge.mycompany.com:9000
and you probably can connect SonarLint with SonarQube.
You're focused on the wrong thing. The "No Storage..." message won't stop it from working, I get that all the time with the latest sonar/sonar lint.
Have a look at your server configuration. It looks like there's a protocol mismatch...
java.lang.IllegalStateException: Fail to request https://sonar.forge.mycompany.com:9000/api/system/status
.
.
.
Caused by: javax.net.ssl.SSLException: Unrecognized SSL message, plaintext connection?

Error Connecting To Remote Host In Mirth

I need to create a connection between a lab machine and a server.
The lab machine can send HL7 messages for test results.
I decided to use mirthconnect to process the message and so i created a channel.
The channel source connector was configured as a "TCP LISTENER"
The Listener settings use a "specific interface" with ip address of the machine entered.
Response settings are configured to "auto-generate after source transformer"
Transmission mode is "MLLP" using "Server" mode.
Receive timeout is 0 ms, and "keep Connection Open" radio button is checked.
I also specified a port number "2468" to listen on and it showed as enabled when i did a
"netstat -at" command.
On the sending computer on the network, i created a channel again and i put in the IP address of the first machine with the receiving channel on the destination. I also put in the port number that was used when creating the channel on the "receiving" computer.
However when i clicked on the "Test Connection" button i got an
unable to connect to host error
I also tried to send a message after deploying the channel and the message was not sent.
The error generated is shown below:
TCP Sender error
ERROR MESSAGE: Connection refused: connect
java.net.ConnectException: Connection refused: connect
at java.net.DualStackPlainSocketImpl.waitForConnect(Native Method)
at java.net.DualStackPlainSocketImpl.socketConnect(Unknown Source)
at java.net.AbstractPlainSocketImpl.doConnect(Unknown Source)
at java.net.AbstractPlainSocketImpl.connectToAddress(Unknown Source)
at java.net.AbstractPlainSocketImpl.connect(Unknown Source)
at java.net.PlainSocketImpl.connect(Unknown Source)
at java.net.SocksSocketImpl.connect(Unknown Source)
at java.net.Socket.connect(Unknown Source)
at com.mirth.connect.connectors.tcp.SocketUtil.connectSocket(SocketUtil.java:62)
at com.mirth.connect.connectors.tcp.TcpDispatcher.send(TcpDispatcher.java:213)
at com.mirth.connect.donkey.server.channel.DestinationConnector.handleSend(DestinationConnector.java:599)
at com.mirth.connect.donkey.server.channel.DestinationConnector.process(DestinationConnector.java:336)
at com.mirth.connect.donkey.server.channel.DestinationChain.call(DestinationChain.java:224)
at com.mirth.connect.donkey.server.channel.Channel.process(Channel.java:1428)
at com.mirth.connect.donkey.server.channel.Channel.dispatchRawMessage(Channel.java:956)
at com.mirth.connect.donkey.server.channel.SourceConnector.dispatchRawMessage(SourceConnector.java:175)
at com.mirth.connect.server.controllers.DonkeyEngineController.dispatchRawMessage(DonkeyEngineController.java:520)
at com.mirth.connect.server.servlets.MessageObjectServlet$2.run(MessageObjectServlet.java:193)
at java.lang.Thread.run(Unknown Source)
I can successfully ping both systems and can connect to a MySQL server on the host by using
mysql -utest -ptest -hipaddressofhost
I am using Mirthconnect 3.0.
Please where am i missing it?...thanks
(I also have not encrypted the message nor am i using SSL To test the transmission...i believe this is not an issue??)
There is several things that could possibly go wrong with something that seems as simple as this is:
Did you verify that you have no firewall installed or active. The commands you use seem to indicate that you may be using Linux. As such, you could become quite frustrated by something like iptables (/etc/init.d/iptables status) or another firewall like that.
Are you sure you do not have any kind of firewall in the way that would prevent network communications between the sender and the box that is listening on port 2468? Are they on the same subnets? If they are not on the same subnet it is possible that some kind of network device/firewall is blocking the traffic.
Can you telnet to the listener's ip address and port (telnet )?
Another simple way to test if you are on the right path is to import the channel (or just the destination that is sending to the listener) into the listener machine's Mirth instance. If you are able to establish a connection while not making any changes to the port and ip address in this destination you probably have some kind of network/firewall issue that is preventing traffic on that specific port from getting through.
Not sure if this will help you much, but good luck either way.
Frans

NoRouteToHostException / NoSuchHostException on remote JMX call

I'm having trouble making a remote JMX call to JBoss 6 on a Centos 5.6 server. I've previously been able to do this when running the same app on a Debian server.
./twiddle.sh --server=service:jmx:rmi:///jndi/rmi://SERVER:1090/jmxconnector invoke foo:service=bar baz
Caused by: java.net.NoRouteToHostException: No route to host
at java.net.PlainSocketImpl.socketConnect(Native Method)
at java.net.PlainSocketImpl.doConnect(PlainSocketImpl.java:333)
at java.net.PlainSocketImpl.connectToAddress(PlainSocketImpl.java:195)
at java.net.PlainSocketImpl.connect(PlainSocketImpl.java:182)
at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:366)
at java.net.Socket.connect(Socket.java:529)
at java.net.Socket.connect(Socket.java:478)
at java.net.Socket.<init>(Socket.java:375)
at java.net.Socket.<init>(Socket.java:189)
at sun.rmi.transport.proxy.RMIDirectSocketFactory.createSocket(RMIDirectSocketFactory.java:22)
at sun.rmi.transport.proxy.RMIMasterSocketFactory.createSocket(RMIMasterSocketFactory.java:128)
at sun.rmi.transport.tcp.TCPEndpoint.newSocket(TCPEndpoint.java:595)
The same call succeeds if I run it locally on SERVER. I've opened port 1090 with iptables, and I can connect via telnet to SERVER:1090. hostname -i returns the correct IP address.
I've also tried starting JBoss with -Djava.rmi.server.hostname=localhost. If I do this, then I get a different exception:
Caused by: java.rmi.NoSuchObjectException: no such object in table
at sun.rmi.transport.StreamRemoteCall.exceptionReceivedFromServer(StreamRemoteCall.java:255)
at sun.rmi.transport.StreamRemoteCall.executeCall(StreamRemoteCall.java:233)
at sun.rmi.server.UnicastRef.invoke(UnicastRef.java:142)
at javax.management.remote.rmi.RMIServerImpl_Stub.newClient(Unknown Source)
at javax.management.remote.rmi.RMIConnector.getConnection(RMIConnector.java:2327)
at javax.management.remote.rmi.RMIConnector.connect(RMIConnector.java:279)
at javax.management.remote.JMXConnectorFactory.connect(JMXConnectorFactory.java:248)
at org.jboss.console.twiddle.Twiddle.createMBeanServerConnection(Twiddle.java:322)
at org.jboss.console.twiddle.Twiddle.connect(Twiddle.java:331)
at org.jboss.console.twiddle.Twiddle.access$400(Twiddle.java:60)
at org.jboss.console.twiddle.Twiddle$1.getServer(Twiddle.java:217)
It turns out that in addition to port 1090, JMX/RMI also uses a dynamically allocated port, which gets blocked by the firewall. So, if it's appropriate, disable the firewall altogether, or else this seems to be an alternative (which I've not tried yet):
http://olegz.wordpress.com/2009/03/23/jmx-connectivity-through-the-firewall/
What I did was this:
Update the file activemq.xml and specify rmiServerPort.
<managementContext createConnector="true" connectorPort="SOME_PORT" rmiServerPort="SOME_OTHER" jmxDomainName="org.apache.activemq"/>
Allow both ports by updating your iptables entry, restart activemq and it should work.