NiFi ListenSyslog: Error reading from channel due to Input record too big

Hi,

Using NiFi 1.12.1 in Docker.

Getting the error below for ListenSyslog for incoming syslog items via TCP with SSL:

ERROR [pool-29-thread-5] o.a.n.processors.standard.ListenSyslog ListenSyslog[] Error reading from channel due to Input record too big: max = 16709 len = 51563: javax.net.ssl.SSLProtocolException: Input record too big: max = 16709 len = 51563
javax.net.ssl.SSLProtocolException: Input record too big: max = 16709 len = 51563
	at java.base/sun.security.ssl.SSLEngineImpl.readRecord(Unknown Source)
org.apache.nifi.remote.io.socket.ssl.SSLSocketChannel.read(SSLSocketChannel.java:546)
	at org.apache.nifi.processor.util.listen.handler.socket.SSLSocketChannelHandler.run(SSLSocketChannelHandler.java:76)
	at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
	at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
	at java.base/java.lang.Thread.run(Unknown Source)

ERROR [pool-31-thread-10] o.a.n.processors.standard.ListenSyslog ListenSyslog[] Error reading from channel due to bad record MAC: javax.net.ssl.SSLException: bad record MAC
javax.net.ssl.SSLException: bad record MAC
	at java.base/sun.security.ssl.Alert.createSSLException(Unknown Source)
	at java.base/sun.security.ssl.TransportContext.fatal(Unknown Source)
	at java.base/sun.security.ssl.TransportContext.fatal(Unknown Source)
	at java.base/sun.security.ssl.TransportContext.fatal(Unknown Source)
	at java.base/sun.security.ssl.SSLTransport.decode(Unknown Source)
	at java.base/sun.security.ssl.SSLEngineImpl.decode(Unknown Source)
	at java.base/sun.security.ssl.SSLEngineImpl.readRecord(Unknown Source)
	at java.base/sun.security.ssl.SSLEngineImpl.unwrap(Unknown Source)
	at java.base/sun.security.ssl.SSLEngineImpl.unwrap(Unknown Source)
	at java.base/javax.net.ssl.SSLEngine.unwrap(Unknown Source)
	at org.apache.nifi.remote.io.socket.ssl.SSLSocketChannel.read(SSLSocketChannel.java:568)
	at org.apache.nifi.remote.io.socket.ssl.SSLSocketChannel.read(SSLSocketChannel.java:546)
	at org.apache.nifi.processor.util.listen.handler.socket.SSLSocketChannelHandler.run(SSLSocketChannelHandler.java:76)
	at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
	at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
	at java.base/java.lang.Thread.run(Unknown Source)
Caused by: javax.crypto.BadPaddingException: bad record MAC
	at java.base/sun.security.ssl.SSLCipher.checkCBCMac(Unknown Source)
	at java.base/sun.security.ssl.SSLCipher$T11BlockReadCipherGenerator$BlockReadCipher.decrypt(Unknown Source)
	at java.base/sun.security.ssl.SSLEngineInputRecord.decodeInputRecord(Unknown Source)
	at java.base/sun.security.ssl.SSLEngineInputRecord.decode(Unknown Source)
	at java.base/sun.security.ssl.SSLEngineInputRecord.decode(Unknown Source)
	... 12 common frames omitted

 

 

See the settings below for ListenSyslog:

[Screenshot: Screen Shot 2021-02-09 at 3.42.18 PM.png]

TLSv1.3 enabled in StandardRestrictedSSLContextService 1.12.1:

[Screenshot: Screen Shot 2021-02-09 at 3.47.47 PM.png]

Please help.