kafka-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From karan alang <karan.al...@gmail.com>
Subject Kafka SSL error
Date Tue, 19 Sep 2017 21:44:36 GMT
Hello All -
I was able to set up SSL for the Kafka brokers, using OpenSSL.

however, I'm having issues with setting up SSL using the pem file (i.e. SSL
certificate - certified by CA, provided by the company)

Here is what i've done -
created the server/client keystore & truststore files and imported the
provided cert.pem file

keytool -keystore kafka.server.keystore.jks -alias localhost -validity 365
keytool -keystore kafka.server.truststore.jks -alias CARoot -import -file
keytool -keystore kafka.client.truststore.jks -alias CARoot -import -file
keytool -keystore kafka.server.keystore.jks -alias CARoot -import -file
keytool -keystore kafka.client.keystore.jks -alias localhost -validity 365
keytool -keystore kafka.client.keystore.jks -alias CARoot -import -file

I've a console producer pushing data in to the topic, and gives error as
shown below ->

Caused by: javax.net.ssl.SSLProtocolException: Handshake message sequence
> violation, state = 1, type = 1
> at
> sun.security.ssl.ServerHandshaker.processMessage(ServerHandshaker.java:213)
> at sun.security.ssl.Handshaker.processLoop(Handshaker.java:1026)
> at sun.security.ssl.Handshaker$1.run(Handshaker.java:966)
> at sun.security.ssl.Handshaker$1.run(Handshaker.java:963)
> at java.security.AccessController.doPrivileged(Native Method)
> at sun.security.ssl.Handshaker$DelegatedTask.run(Handshaker.java:1416)
> at
> org.apache.kafka.common.network.SslTransportLayer.runDelegatedTasks(SslTransportLayer.java:336)
> at
> org.apache.kafka.common.network.SslTransportLayer.handshakeUnwrap(SslTransportLayer.java:417)
> ... 7 more

Any ideas on what the issue might be ?
thanks for help in advance!

  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message