kafka-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Sachit Murarka <connectsac...@gmail.com>
Subject Re: [EXTERNAL] Unable to connect to SSL enabled kafka
Date Mon, 18 Jan 2021 12:32:11 GMT
Hey Jose,

Used these sets of commands for SSL config.

keytool -keystore  client.truststore.jks -storepass pass -alias CARoot
-import -file root.crt -noprompt
keytool -keystore client.keystore.jks -storepass pass -alias client
-validity 365 -keyalg RSA -genkey -keypass pass -dname
"CN=client,OU=xyz,O=abc,L=BLR,ST=ka,C=IN"
keytool -keystore client.keystore.jks -storepass pass -alias client
-certreq -file client.unsigned.crt
openssl x509 -req -CA root.crt -CAkey root.key -in client.unsigned.crt -out
client.signed.crt -days 365 -CAcreateserial -passin pass:pass -extensions
SAN -extfile <(printf "\n[SAN]\nsubjectAltName=DNS:client,DNS:localhost")
keytool -keystore client.keystore.jks -storepass pass -alias CARoot -import
-file root.crt -noprompt
keytool -keystore client.keystore.jks -storepass pass -alias client -import
-file client.signed.crt

Not sure what is causing the issue exactly.

Kind Regards,
Sachit Murarka


On Mon, Jan 18, 2021 at 5:49 PM Jose Manuel Vega Monroy <
jose.monroy@williamhill.com> wrote:

> @Sachit
>
> Review your SSL client config.
>
> Cheers,
>
>  <http://www.williamhill.com/>
>  <http://www.whenthefunstops.co.uk/>
> Jose Manuel Vega Monroy
> Java Developer / Software Developer Engineer in Test
> Direct: +0035 0 2008038 (Ext. 8038)
> Email: jose.monroy@williamhill.com
> William Hill | 6/1 Waterport Place | Gibraltar | GX11 1AA
>
>
>
>
> ´╗┐On 18/01/2021, 12:47, "Sachit Murarka" <connectsachit@gmail.com> wrote:
>
>     Hey Users,
>
>     I am getting the following error. Can anyone suggest?
>
>     Error in attempt 3 getting Kafka offsets:
>     org.apache.kafka.common.errors.SslAuthenticationException: SSL
> handshake
>     failed
>     Caused by: javax.net.ssl.SSLProtocolException: Unexpected handshake
>     message: server_hello
>             at sun.security.ssl.Alert.createSSLException(Alert.java:129)
>             at sun.security.ssl.Alert.createSSLException(Alert.java:117)
>             at
>     sun.security.ssl.TransportContext.fatal(TransportContext.java:314)
>             at
>     sun.security.ssl.TransportContext.fatal(TransportContext.java:270)
>             at
>     sun.security.ssl.TransportContext.fatal(TransportContext.java:261)
>             at
>     sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:444)
>             at
>
> sun.security.ssl.SSLEngineImpl$DelegatedTask$DelegatedAction.run(SSLEngineImpl.java:987)
>             at
>
> sun.security.ssl.SSLEngineImpl$DelegatedTask$DelegatedAction.run(SSLEngineImpl.java:974)
>             at java.security.AccessController.doPrivileged(Native Method)
>             at
>
> sun.security.ssl.SSLEngineImpl$DelegatedTask.run(SSLEngineImpl.java:921)
>             at
>
> org.apache.kafka.common.network.SslTransportLayer.runDelegatedTasks(SslTransportLayer.java:402)
>             at
>
> org.apache.kafka.common.network.SslTransportLayer.handshakeUnwrap(SslTransportLayer.java:484)
>             at
>
> org.apache.kafka.common.network.SslTransportLayer.doHandshake(SslTransportLayer.java:340)
>             at
>
> org.apache.kafka.common.network.SslTransportLayer.handshake(SslTransportLayer.java:265)
>             at
>
> org.apache.kafka.common.network.KafkaChannel.prepare(KafkaChannel.java:170)
>             at
>
> org.apache.kafka.common.network.Selector.pollSelectionKeys(Selector.java:547)
>             at
> org.apache.kafka.common.network.Selector.poll(Selector.java:483)
>             at
>     org.apache.kafka.clients.NetworkClient.poll(NetworkClient.java:547)
>             at
>
> org.apache.kafka.clients.consumer.internals.ConsumerNetworkClient.poll(ConsumerNetworkClient.java:262)
>             at
>
> org.apache.kafka.clients.consumer.internals.ConsumerNetworkClient.poll(ConsumerNetworkClient.java:233)
>             at
>
> org.apache.kafka.clients.consumer.internals.ConsumerNetworkClient.poll(ConsumerNetworkClient.java:212)
>             at
>
> org.apache.kafka.clients.consumer.internals.AbstractCoordinator.ensureCoordinatorReady(AbstractCoordinator.java:230)
>             at
>
> org.apache.kafka.clients.consumer.internals.ConsumerCoordinator.poll(ConsumerCoordinator.java:444)
>             at
>
> org.apache.kafka.clients.consumer.KafkaConsumer.updateAssignmentMetadataIfNeeded(KafkaConsumer.java:1267)
>             at
>
> org.apache.kafka.clients.consumer.KafkaConsumer.poll(KafkaConsumer.java:1235)
>             at
>
> org.apache.kafka.clients.consumer.KafkaConsumer.poll(KafkaConsumer.java:1168)
>             at
>
> org.apache.spark.sql.kafka010.KafkaOffsetReader.$anonfun$partitionsAssignedToConsumer$2(KafkaOffsetReader.scala:538)
>             at
>
> org.apache.spark.sql.kafka010.KafkaOffsetReader.$anonfun$withRetriesWithoutInterrupt$1(KafkaOffsetReader.scala:600)
>             at
>     scala.runtime.java8.JFunction0$mcV$sp.apply(JFunction0$mcV$sp.java:23)
>             at
>
> org.apache.spark.util.UninterruptibleThread.runUninterruptibly(UninterruptibleThread.scala:77)
>             at
>
> org.apache.spark.sql.kafka010.KafkaOffsetReader.withRetriesWithoutInterrupt(KafkaOffsetReader.scala:599)
>             at
>
> org.apache.spark.sql.kafka010.KafkaOffsetReader.$anonfun$partitionsAssignedToConsumer$1(KafkaOffsetReader.scala:536)
>             at
>
> org.apache.spark.sql.kafka010.KafkaOffsetReader.runUninterruptibly(KafkaOffsetReader.scala:567)
>             at
>
> org.apache.spark.sql.kafka010.KafkaOffsetReader.partitionsAssignedToConsumer(KafkaOffsetReader.scala:536)
>             at
>
> org.apache.spark.sql.kafka010.KafkaOffsetReader.fetchEarliestOffsets(KafkaOffsetReader.scala:298)
>             at
>
> org.apache.spark.sql.kafka010.KafkaMicroBatchStream.$anonfun$getOrCreateInitialPartitionOffsets$1(KafkaMicroBatchStream.scala:151)
>             at scala.Option.getOrElse(Option.scala:189)
>             at
>
> org.apache.spark.sql.kafka010.KafkaMicroBatchStream.getOrCreateInitialPartitionOffsets(KafkaMicroBatchStream.scala:148)
>             at
>
> org.apache.spark.sql.kafka010.KafkaMicroBatchStream.initialOffset(KafkaMicroBatchStream.scala:76)
>             at
>
> org.apache.spark.sql.execution.streaming.MicroBatchExecution.$anonfun$constructNextBatch$5(MicroBatchExecution.scala:378)
>             at scala.Option.getOrElse(Option.scala:189)
>             at
>
> org.apache.spark.sql.execution.streaming.MicroBatchExecution.$anonfun$constructNextBatch$3(MicroBatchExecution.scala:378)
>             at
>
> org.apache.spark.sql.execution.streaming.ProgressReporter.reportTimeTaken(ProgressReporter.scala:352)
>             at
>
> org.apache.spark.sql.execution.streaming.ProgressReporter.reportTimeTaken$(ProgressReporter.scala:350)
>             at
>
> org.apache.spark.sql.execution.streaming.StreamExecution.reportTimeTaken(StreamExecution.scala:69)
>             at
>
> org.apache.spark.sql.execution.streaming.MicroBatchExecution.$anonfun$constructNextBatch$2(MicroBatchExecution.scala:371)
>             at
>
> scala.collection.TraversableLike.$anonfun$map$1(TraversableLike.scala:238)
>             at scala.collection.immutable.Map$Map1.foreach(Map.scala:128)
>             at
> scala.collection.TraversableLike.map(TraversableLike.scala:238)
>             at
> scala.collection.TraversableLike.map$(TraversableLike.scala:231)
>             at
> scala.collection.AbstractTraversable.map(Traversable.scala:108)
>             at
>
> org.apache.spark.sql.execution.streaming.MicroBatchExecution.$anonfun$constructNextBatch$1(MicroBatchExecution.scala:368)
>             at
>     scala.runtime.java8.JFunction0$mcZ$sp.apply(JFunction0$mcZ$sp.java:23)
>             at
>
> org.apache.spark.sql.execution.streaming.MicroBatchExecution.withProgressLocked(MicroBatchExecution.scala:597)
>             at
>
> org.apache.spark.sql.execution.streaming.MicroBatchExecution.constructNextBatch(MicroBatchExecution.scala:364)
>             at
>
> org.apache.spark.sql.execution.streaming.MicroBatchExecution.$anonfun$runActivatedStream$2(MicroBatchExecution.scala:208)
>             at
>     scala.runtime.java8.JFunction0$mcV$sp.apply(JFunction0$mcV$sp.java:23)
>             at
>
> org.apache.spark.sql.execution.streaming.ProgressReporter.reportTimeTaken(ProgressReporter.scala:352)
>             at
>
> org.apache.spark.sql.execution.streaming.ProgressReporter.reportTimeTaken$(ProgressReporter.scala:350)
>             at
>
> org.apache.spark.sql.execution.streaming.StreamExecution.reportTimeTaken(StreamExecution.scala:69)
>             at
>
> org.apache.spark.sql.execution.streaming.MicroBatchExecution.$anonfun$runActivatedStream$1(MicroBatchExecution.scala:191)
>             at
>
> org.apache.spark.sql.execution.streaming.ProcessingTimeExecutor.execute(TriggerExecutor.scala:57)
>             at
>
> org.apache.spark.sql.execution.streaming.MicroBatchExecution.runActivatedStream(MicroBatchExecution.scala:185)
>             at
> org.apache.spark.sql.execution.streaming.StreamExecution.org
>
> $apache$spark$sql$execution$streaming$StreamExecution$$runStream(StreamExecution.sca
>     la:334)
>
>
>
>     Kind Regards,
>     Sachit Murarka
>
>
> Confidentiality: The contents of this e-mail and any attachments
> transmitted with it are intended to be confidential to the intended
> recipient; and may be privileged or otherwise protected from disclosure. If
> you are not an intended recipient of this e-mail, do not duplicate or
> redistribute it by any means. Please delete it and any attachments and
> notify the sender that you have received it in error. This e-mail is sent
> by a William Hill PLC group company. The William Hill group companies
> include, among others, William Hill PLC (registered number 4212563),
> William Hill Organization Limited (registered number 278208), William Hill
> US HoldCo Inc, WHG (International) Limited (registered number 99191) and Mr
> Green Limited (registered number C43260). Each of William Hill PLC and
> William Hill Organization Limited is registered in England and Wales and
> has its registered office at 1 Bedford Avenue, London, WC1B 3AU, UK.
> William Hill U.S. HoldCo, Inc. is registered in Delaware and has its
> registered office at 1007 N. Orange Street, 9 Floor, Wilmington, New Castle
> County DE 19801 Delaware, United States of America. WHG (International)
> Limited is registered in Gibraltar and has its registered office at 6/1
> Waterport Place, Gibraltar. Mr Green Limited is registered in Malta and has
> its registered office at Tagliaferro Business Centre, Level 7, 14 High
> Street, Sliema SLM 1549, Malta. Unless specifically indicated otherwise,
> the contents of this e-mail are subject to contract; and are not an
> official statement, and do not necessarily represent the views, of William
> Hill PLC, its subsidiaries or affiliated companies. Please note that
> neither William Hill PLC, nor its subsidiaries and affiliated companies can
> accept any responsibility for any viruses contained within this e-mail and
> it is your responsibility to scan any emails and their attachments. William
> Hill PLC, its subsidiaries and affiliated companies may monitor e-mail
> traffic data and also the content of e-mails for effective operation of the
> e-mail system, or for security, purposes.
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message