Support Questions
Find answers, ask questions, and share your expertise
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- Cloudera Community
- Support
- Support Questions
- Re: kafka ssl Received fatal alert: bad_certificat...
Options
- Subscribe to RSS Feed
- Mark Question as New
- Mark Question as Read
- Float this Question for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Options
- Subscribe to RSS Feed
- Mark Question as New
- Mark Question as Read
- Float this Question for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
kafka ssl Received fatal alert: bad_certificate
Labels:
- Labels:
-
Apache Kafka
-
Apache Zookeeper
New Contributor
Created 01-23-2021 06:42 AM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
kafka_2.12-2.5.0
apache-zookeeper-3.5.9
zoo.cfg
# TLS options
serverCnxnFactory=org.apache.zookeeper.server.NettyServerCnxnFactory
ssl.clientAuth=need
ssl.quorum.clientAuth=need
secureClientPort=2281
sslQuorum=true
ssl.trustStore.location=./ssl/kafka.zookeeper.truststore.jks
ssl.trustStore.password=xxx
# ssl.trustStore.type=PKCS12
ssl.quorum.trustStore.location=./ssl/kafka.zookeeper.truststore.jks
ssl.quorum.trustStore.password=xxx
# ssl.quorum.trustStore.type=PKCS12
ssl.keyStore.location=./ssl/kafka.zookeeper.keystore.jks
ssl.keyStore.password=xxx
# ssl.keyStore.type=PKCS12
ssl.quorum.keyStore.location=./ssl/kafka.zookeeper.keystore.jks
ssl.quorum.keyStore.password=xxx
# ssl.quorum.keyStore.type=PKCS12
kafka server-0.properties
# TLS broker <--> zookeeper
zookeeper.ssl.client.enable=true
# zookeeper.set.acl=true
zookeeper.clientCnxnSocket=org.apache.zookeeper.ClientCnxnSocketNetty
zookeeper.ssl.keyStore.location=./ssl/kafka.zookeeper-client.keystore.jks
zookeeper.ssl.keyStore.password=xxx
zookeeper.ssl.trustStore.location=./ssl/kafka.zookeeper-client.truststore.jks
zookeeper.ssl.trustStore.password=xxx
kafka log
[2021-01-23 22:02:01,482] INFO Client environment:java.io.tmpdir=/var/folders/4f/gy92m6hd2xj3c6_yz0dht6880000gn/T/ (org.apache.zookeeper.ZooKeeper)
[2021-01-23 22:02:01,482] INFO Client environment:java.compiler=<NA> (org.apache.zookeeper.ZooKeeper)
[2021-01-23 22:02:01,482] INFO Client environment:os.name=Mac OS X (org.apache.zookeeper.ZooKeeper)
[2021-01-23 22:02:01,482] INFO Client environment:os.arch=x86_64 (org.apache.zookeeper.ZooKeeper)
[2021-01-23 22:02:01,482] INFO Client environment:os.version=10.16 (org.apache.zookeeper.ZooKeeper)
[2021-01-23 22:02:01,482] INFO Client environment:user.name=huzhi (org.apache.zookeeper.ZooKeeper)
[2021-01-23 22:02:01,482] INFO Client environment:user.home=/Users/huzhi (org.apache.zookeeper.ZooKeeper)
[2021-01-23 22:02:01,482] INFO Client environment:user.dir=/Users/huzhi/work/code/go_code/kafka_and_zookeeper (org.apache.zookeeper.ZooKeeper)
[2021-01-23 22:02:01,482] INFO Client environment:os.memory.free=976MB (org.apache.zookeeper.ZooKeeper)
[2021-01-23 22:02:01,482] INFO Client environment:os.memory.max=1024MB (org.apache.zookeeper.ZooKeeper)
[2021-01-23 22:02:01,482] INFO Client environment:os.memory.total=1024MB (org.apache.zookeeper.ZooKeeper)
[2021-01-23 22:02:01,484] INFO Initiating client connection, connectString=127.0.0.1:2281 sessionTimeout=18000 watcher=kafka.zookeeper.ZooKeeperClient$ZooKeeperClientWatcher$@479d31f3 (org.apache.zookeeper.ZooKeeper)
[2021-01-23 22:02:01,543] INFO jute.maxbuffer value is 4194304 Bytes (org.apache.zookeeper.ClientCnxnSocket)
[2021-01-23 22:02:01,548] INFO zookeeper.request.timeout value is 0. feature enabled= (org.apache.zookeeper.ClientCnxn)
[2021-01-23 22:02:01,550] INFO [ZooKeeperClient Kafka server] Waiting until connected. (kafka.zookeeper.ZooKeeperClient)
[2021-01-23 22:02:01,552] INFO Opening socket connection to server localhost/127.0.0.1:2281. Will not attempt to authenticate using SASL (unknown error) (org.apache.zookeeper.ClientCnxn)
[2021-01-23 22:02:01,614] WARN zookeeper.ssl.keyStore.location not specified (org.apache.zookeeper.common.X509Util)
[2021-01-23 22:02:01,614] WARN zookeeper.ssl.trustStore.location not specified (org.apache.zookeeper.common.X509Util)
javax.net.ssl|FINE|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:01.676 CST|Logger.java:765|jdk.tls.keyLimits: entry = AES/GCM/NoPadding KeyUpdate 2^37. AES/GCM/NOPADDING:KEYUPDATE = 137438953472
[2021-01-23 22:02:01,743] INFO SSL handler added for channel: [id: 0xb65a8e1f] (org.apache.zookeeper.ClientCnxnSocketNetty)
[2021-01-23 22:02:01,750] INFO Socket connection established, initiating session, client: /127.0.0.1:49569, server: localhost/127.0.0.1:2281 (org.apache.zookeeper.ClientCnxn)
[2021-01-23 22:02:01,751] INFO channel is connected: [id: 0xb65a8e1f, L:/127.0.0.1:49569 - R:localhost/127.0.0.1:2281] (org.apache.zookeeper.ClientCnxnSocketNetty)
javax.net.ssl|WARNING|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:01.764 CST|Logger.java:765|Unable to indicate server name
javax.net.ssl|FINE|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:01.764 CST|Logger.java:765|Ignore, context unavailable extension: server_name
javax.net.ssl|FINE|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:01.764 CST|Logger.java:765|Ignore, context unavailable extension: status_request
javax.net.ssl|WARNING|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:01.767 CST|Logger.java:765|Signature algorithm, ed25519, is not supported by the underlying providers
javax.net.ssl|WARNING|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:01.767 CST|Logger.java:765|Signature algorithm, ed448, is not supported by the underlying providers
javax.net.ssl|INFO|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:01.770 CST|Logger.java:765|No available application protocols
javax.net.ssl|FINE|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:01.770 CST|Logger.java:765|Ignore, context unavailable extension: application_layer_protocol_negotiation
javax.net.ssl|FINE|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:01.770 CST|Logger.java:765|Ignore, context unavailable extension: status_request_v2
javax.net.ssl|FINE|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:01.771 CST|Logger.java:765|Ignore, context unavailable extension: renegotiation_info
javax.net.ssl|FINE|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:01.772 CST|Logger.java:765|Produced ClientHello handshake message (
"ClientHello": {
"client version" : "TLSv1.2",
"random" : "8D BB 78 35 3B 81 E4 DA F9 7C DA C2 80 0E 4B 76 85 B2 93 9C 2D 13 91 CB 1B 83 85 AC 6B 0A 7A 8A",
"session id" : "",
"cipher suites" : "[TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384(0xC02C), TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256(0xC02B), TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384(0xC030), TLS_RSA_WITH_AES_256_GCM_SHA384(0x009D), TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384(0xC02E), TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384(0xC032), TLS_DHE_RSA_WITH_AES_256_GCM_SHA384(0x009F), TLS_DHE_DSS_WITH_AES_256_GCM_SHA384(0x00A3), TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256(0xC02F), TLS_RSA_WITH_AES_128_GCM_SHA256(0x009C), TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256(0xC02D), TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256(0xC031), TLS_DHE_RSA_WITH_AES_128_GCM_SHA256(0x009E), TLS_DHE_DSS_WITH_AES_128_GCM_SHA256(0x00A2), TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384(0xC024), TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384(0xC028), TLS_RSA_WITH_AES_256_CBC_SHA256(0x003D), TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384(0xC026), TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384(0xC02A), TLS_DHE_RSA_WITH_AES_256_CBC_SHA256(0x006B), TLS_DHE_DSS_WITH_AES_256_CBC_SHA256(0x006A), TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA(0xC00A), TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA(0xC014), TLS_RSA_WITH_AES_256_CBC_SHA(0x0035), TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA(0xC005), TLS_ECDH_RSA_WITH_AES_256_CBC_SHA(0xC00F), TLS_DHE_RSA_WITH_AES_256_CBC_SHA(0x0039), TLS_DHE_DSS_WITH_AES_256_CBC_SHA(0x0038), TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256(0xC023), TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256(0xC027), TLS_RSA_WITH_AES_128_CBC_SHA256(0x003C), TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256(0xC025), TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256(0xC029), TLS_DHE_RSA_WITH_AES_128_CBC_SHA256(0x0067), TLS_DHE_DSS_WITH_AES_128_CBC_SHA256(0x0040), TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA(0xC009), TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA(0xC013), TLS_RSA_WITH_AES_128_CBC_SHA(0x002F), TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA(0xC004), TLS_ECDH_RSA_WITH_AES_128_CBC_SHA(0xC00E), TLS_DHE_RSA_WITH_AES_128_CBC_SHA(0x0033), TLS_DHE_DSS_WITH_AES_128_CBC_SHA(0x0032), TLS_EMPTY_RENEGOTIATION_INFO_SCSV(0x00FF)]",
"compression methods" : "00",
"extensions" : [
"supported_groups (10)": {
"versions": [secp256r1, secp384r1, secp521r1, ffdhe2048, ffdhe3072, ffdhe4096, ffdhe6144, ffdhe8192]
},
"ec_point_formats (11)": {
"formats": [uncompressed]
},
"signature_algorithms (13)": {
"signature schemes": [ecdsa_secp256r1_sha256, ecdsa_secp384r1_sha384, ecdsa_secp521r1_sha512, rsa_pss_rsae_sha256, rsa_pss_rsae_sha384, rsa_pss_rsae_sha512, rsa_pss_pss_sha256, rsa_pss_pss_sha384, rsa_pss_pss_sha512, rsa_pkcs1_sha256, rsa_pkcs1_sha384, rsa_pkcs1_sha512, dsa_sha256, ecdsa_sha224, rsa_sha224, dsa_sha224, ecdsa_sha1, rsa_pkcs1_sha1, dsa_sha1]
},
"signature_algorithms_cert (50)": {
"signature schemes": [ecdsa_secp256r1_sha256, ecdsa_secp384r1_sha384, ecdsa_secp521r1_sha512, rsa_pss_rsae_sha256, rsa_pss_rsae_sha384, rsa_pss_rsae_sha512, rsa_pss_pss_sha256, rsa_pss_pss_sha384, rsa_pss_pss_sha512, rsa_pkcs1_sha256, rsa_pkcs1_sha384, rsa_pkcs1_sha512, dsa_sha256, ecdsa_sha224, rsa_sha224, dsa_sha224, ecdsa_sha1, rsa_pkcs1_sha1, dsa_sha1]
},
"extended_master_secret (23)": {
<empty>
},
"supported_versions (43)": {
"versions": [TLSv1.2, TLSv1.1, TLSv1]
}
]
}
)
javax.net.ssl|FINE|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:01.796 CST|Logger.java:765|Consuming ServerHello handshake message (
"ServerHello": {
"server version" : "TLSv1.2",
"random" : "AB E1 15 89 99 73 1A 98 BD 53 AE 53 C0 63 0D D1 65 A8 D5 D4 1F E2 DA 6F 4A 36 40 E7 DC 33 A9 E1",
"session id" : "11 86 61 11 E4 06 B0 0F 6F D3 AA D0 3C 0C F0 A7 BA E1 5D 72 C9 E8 21 26 10 AA 16 AD 57 12 42 F6",
"cipher suite" : "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384(0xC030)",
"compression methods" : "00",
"extensions" : [
"extended_master_secret (23)": {
<empty>
},
"renegotiation_info (65,281)": {
"renegotiated connection": [<no renegotiated connection>]
}
]
}
)
javax.net.ssl|FINE|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:01.796 CST|Logger.java:765|Ignore unavailable extension: supported_versions
javax.net.ssl|FINE|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:01.796 CST|Logger.java:765|Negotiated protocol version: TLSv1.2
javax.net.ssl|FINE|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:01.797 CST|Logger.java:765|Consumed extension: renegotiation_info
javax.net.ssl|FINE|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:01.797 CST|Logger.java:765|Ignore unavailable extension: server_name
javax.net.ssl|FINE|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:01.797 CST|Logger.java:765|Ignore unavailable extension: max_fragment_length
javax.net.ssl|FINE|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:01.797 CST|Logger.java:765|Ignore unavailable extension: status_request
javax.net.ssl|FINE|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:01.797 CST|Logger.java:765|Ignore unavailable extension: ec_point_formats
javax.net.ssl|FINE|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:01.797 CST|Logger.java:765|Ignore unavailable extension: status_request_v2
javax.net.ssl|FINE|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:01.798 CST|Logger.java:765|Consumed extension: extended_master_secret
javax.net.ssl|FINE|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:01.798 CST|Logger.java:765|Consumed extension: renegotiation_info
javax.net.ssl|FINE|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:01.798 CST|Logger.java:765|Ignore unavailable extension: server_name
javax.net.ssl|FINE|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:01.798 CST|Logger.java:765|Ignore unavailable extension: max_fragment_length
javax.net.ssl|FINE|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:01.798 CST|Logger.java:765|Ignore unavailable extension: status_request
javax.net.ssl|FINE|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:01.798 CST|Logger.java:765|Ignore unavailable extension: ec_point_formats
javax.net.ssl|FINE|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:01.798 CST|Logger.java:765|Ignore unavailable extension: application_layer_protocol_negotiation
javax.net.ssl|FINE|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:01.798 CST|Logger.java:765|Ignore unavailable extension: status_request_v2
javax.net.ssl|WARNING|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:01.798 CST|Logger.java:765|Ignore impact of unsupported extension: extended_master_secret
javax.net.ssl|WARNING|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:01.799 CST|Logger.java:765|Ignore impact of unsupported extension: renegotiation_info
javax.net.ssl|FINE|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:01.801 CST|Logger.java:765|Consuming server Certificate handshake message (
"Certificates": [
"certificate" : {
"version" : "v1",
"serial number" : "00 CA E2 10 31 59 C6 F3 45",
"signature algorithm": "SHA1withRSA",
"issuer" : "EMAILADDRESS=hzhilamp@163.com, CN=ca-cert, OU=alauda, O=alauda, L=beijing, ST=beijing, C=CN",
"not before" : "2021-01-23 17:44:44.000 CST",
"not after" : "2031-01-21 17:44:44.000 CST",
"subject" : "CN=localhost, OU=alauda, O=alauda, L=beijing, ST=beijing, C=CN",
"subject public key" : "RSA"},
"certificate" : {
"version" : "v1",
"serial number" : "00 A4 EF FB 5F D7 70 5D EC",
"signature algorithm": "SHA256withRSA",
"issuer" : "EMAILADDRESS=hzhilamp@163.com, CN=ca-cert, OU=alauda, O=alauda, L=beijing, ST=beijing, C=CN",
"not before" : "2021-01-23 17:39:50.000 CST",
"not after" : "2031-01-21 17:39:50.000 CST",
"subject" : "EMAILADDRESS=hzhilamp@163.com, CN=ca-cert, OU=alauda, O=alauda, L=beijing, ST=beijing, C=CN",
"subject public key" : "RSA"}
]
)
javax.net.ssl|FINE|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:01.831 CST|Logger.java:765|Consuming ECDH ServerKeyExchange handshake message (
"ECDH ServerKeyExchange": {
"parameters": {
"named group": "secp256r1"
"ecdh public": {
0000: 04 B6 28 A4 3F C0 90 55 D7 AD C0 8F 23 6F A6 6A ..(.?..U....#o.j
0010: AA 61 59 E9 4A 4C 11 78 2B 83 5E 27 B3 F8 34 6A .aY.JL.x+.^'..4j
0020: C4 61 A6 72 C7 D9 DD 36 FD 0F D5 B7 C2 5A 01 65 .a.r...6.....Z.e
0030: 1E 7E F9 17 1B D6 D6 C6 F6 3E 0E D5 8A A2 42 A3 .........>....B.
0040: 01 .
},
},
"digital signature": {
"signature algorithm": "rsa_pss_rsae_sha256"
"signature": {
0000: 55 AB 9D 30 32 CF 35 05 13 60 1C 7E 65 15 03 AE U..02.5..`..e...
0010: 7F 1E 7F BE 55 AD F6 6A 76 AE F5 7D C2 B8 93 85 ....U..jv.......
0020: 4E 40 2E 10 57 09 07 A2 AC E7 BE 9F 18 6B 2A DC N@..W........k*.
0030: F3 B2 83 38 D1 00 7F D0 C3 22 24 4A F0 40 97 D7 ...8....."$J.@..
0040: 2B 16 B3 D1 46 23 48 59 A6 C6 27 D7 EE DD B5 6B +...F#HY..'....k
0050: 25 76 F4 0D 8C 15 7C 60 52 DC B1 4B 98 90 F6 67 %v.....`R..K...g
0060: 6E D0 FC F8 7E 58 A4 59 F5 79 09 4E 07 AC 83 E6 n....X.Y.y.N....
0070: 5B 3F F3 92 FC 08 11 1F 7D FD BF 30 9B 3C 9D 8B [?.........0.<..
0080: 90 07 91 93 70 0A BF 53 6E 33 D4 21 91 34 C9 1E ....p..Sn3.!.4..
0090: 21 6A 11 99 56 AA 43 E6 84 03 92 A3 2F 01 C5 E7 !j..V.C...../...
00A0: EE 39 C0 58 D1 95 23 0B 69 B6 E2 35 B9 84 AB 00 .9.X..#.i..5....
00B0: 11 17 19 7E DC BD 5F 45 33 2A 09 50 0A 73 BF 9A ......_E3*.P.s..
00C0: DF D0 53 FD C6 7F 79 7A FC 86 C4 EE 1B AF 6B CC ..S...yz......k.
00D0: F3 5E 42 0E ED 9F FF 55 F3 0F 2F 07 C5 42 C4 F7 .^B....U../..B..
00E0: 4D 00 80 BE 44 D7 88 70 D6 4B 24 45 69 E2 F5 DC M...D..p.K$Ei...
00F0: 4F D0 68 5E 65 96 04 27 74 B6 3D A5 94 8F 05 F7 O.h^e..'t.=.....
},
}
}
)
javax.net.ssl|FINE|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:01.832 CST|Logger.java:765|Consuming CertificateRequest handshake message (
"CertificateRequest": {
"certificate types": [ecdsa_sign, rsa_sign, dss_sign]
"supported signature algorithms": [ecdsa_secp256r1_sha256, ecdsa_secp384r1_sha384, ecdsa_secp521r1_sha512, rsa_pss_rsae_sha256, rsa_pss_rsae_sha384, rsa_pss_rsae_sha512, rsa_pss_pss_sha256, rsa_pss_pss_sha384, rsa_pss_pss_sha512, rsa_pkcs1_sha256, rsa_pkcs1_sha384, rsa_pkcs1_sha512, dsa_sha256, ecdsa_sha224, rsa_sha224, dsa_sha224, ecdsa_sha1, rsa_pkcs1_sha1, dsa_sha1]
"certificate authorities": [EMAILADDRESS=hzhilamp@163.com, CN=ca-cert, OU=alauda, O=alauda, L=beijing, ST=beijing, C=CN]
}
)
javax.net.ssl|ALL|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:01.833 CST|Logger.java:765|No X.509 cert selected for EC
javax.net.ssl|WARNING|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:01.833 CST|Logger.java:765|Unavailable authentication scheme: ecdsa_secp256r1_sha256
javax.net.ssl|ALL|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:01.833 CST|Logger.java:765|No X.509 cert selected for EC
javax.net.ssl|WARNING|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:01.833 CST|Logger.java:765|Unavailable authentication scheme: ecdsa_secp384r1_sha384
javax.net.ssl|ALL|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:01.833 CST|Logger.java:765|No X.509 cert selected for EC
javax.net.ssl|WARNING|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:01.834 CST|Logger.java:765|Unavailable authentication scheme: ecdsa_secp521r1_sha512
javax.net.ssl|ALL|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:01.834 CST|Logger.java:765|No X.509 cert selected for RSA
javax.net.ssl|WARNING|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:01.834 CST|Logger.java:765|Unavailable authentication scheme: rsa_pss_rsae_sha256
javax.net.ssl|ALL|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:01.834 CST|Logger.java:765|No X.509 cert selected for RSA
javax.net.ssl|WARNING|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:01.834 CST|Logger.java:765|Unavailable authentication scheme: rsa_pss_rsae_sha384
javax.net.ssl|ALL|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:01.834 CST|Logger.java:765|No X.509 cert selected for RSA
javax.net.ssl|WARNING|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:01.834 CST|Logger.java:765|Unavailable authentication scheme: rsa_pss_rsae_sha512
javax.net.ssl|ALL|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:01.834 CST|Logger.java:765|No X.509 cert selected for RSASSA-PSS
javax.net.ssl|WARNING|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:01.834 CST|Logger.java:765|Unavailable authentication scheme: rsa_pss_pss_sha256
javax.net.ssl|ALL|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:01.834 CST|Logger.java:765|No X.509 cert selected for RSASSA-PSS
javax.net.ssl|WARNING|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:01.835 CST|Logger.java:765|Unavailable authentication scheme: rsa_pss_pss_sha384
javax.net.ssl|ALL|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:01.835 CST|Logger.java:765|No X.509 cert selected for RSASSA-PSS
javax.net.ssl|WARNING|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:01.835 CST|Logger.java:765|Unavailable authentication scheme: rsa_pss_pss_sha512
javax.net.ssl|ALL|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:01.835 CST|Logger.java:765|No X.509 cert selected for RSA
javax.net.ssl|WARNING|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:01.835 CST|Logger.java:765|Unavailable authentication scheme: rsa_pkcs1_sha256
javax.net.ssl|ALL|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:01.835 CST|Logger.java:765|No X.509 cert selected for RSA
javax.net.ssl|WARNING|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:01.835 CST|Logger.java:765|Unavailable authentication scheme: rsa_pkcs1_sha384
javax.net.ssl|ALL|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:01.835 CST|Logger.java:765|No X.509 cert selected for RSA
javax.net.ssl|WARNING|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:01.835 CST|Logger.java:765|Unavailable authentication scheme: rsa_pkcs1_sha512
javax.net.ssl|ALL|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:01.836 CST|Logger.java:765|No X.509 cert selected for DSA
javax.net.ssl|WARNING|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:01.836 CST|Logger.java:765|Unavailable authentication scheme: dsa_sha256
javax.net.ssl|ALL|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:01.836 CST|Logger.java:765|No X.509 cert selected for EC
javax.net.ssl|WARNING|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:01.836 CST|Logger.java:765|Unavailable authentication scheme: ecdsa_sha224
javax.net.ssl|ALL|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:01.836 CST|Logger.java:765|No X.509 cert selected for RSA
javax.net.ssl|WARNING|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:01.836 CST|Logger.java:765|Unavailable authentication scheme: rsa_sha224
javax.net.ssl|ALL|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:01.836 CST|Logger.java:765|No X.509 cert selected for DSA
javax.net.ssl|WARNING|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:01.837 CST|Logger.java:765|Unavailable authentication scheme: dsa_sha224
javax.net.ssl|ALL|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:01.837 CST|Logger.java:765|No X.509 cert selected for EC
javax.net.ssl|WARNING|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:01.837 CST|Logger.java:765|Unavailable authentication scheme: ecdsa_sha1
javax.net.ssl|ALL|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:01.837 CST|Logger.java:765|No X.509 cert selected for RSA
javax.net.ssl|WARNING|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:01.837 CST|Logger.java:765|Unavailable authentication scheme: rsa_pkcs1_sha1
javax.net.ssl|ALL|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:01.837 CST|Logger.java:765|No X.509 cert selected for DSA
javax.net.ssl|WARNING|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:01.837 CST|Logger.java:765|Unavailable authentication scheme: dsa_sha1
javax.net.ssl|WARNING|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:01.837 CST|Logger.java:765|No available authentication scheme
javax.net.ssl|FINE|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:01.838 CST|Logger.java:765|Consuming ServerHelloDone handshake message (
<empty>
)
javax.net.ssl|FINE|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:01.838 CST|Logger.java:765|No X.509 certificate for client authentication, use empty Certificate message instead
javax.net.ssl|FINE|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:01.838 CST|Logger.java:765|Produced client Certificate handshake message (
"Certificates": <empty list>
)
javax.net.ssl|FINE|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:01.849 CST|Logger.java:765|Produced ECDHE ClientKeyExchange handshake message (
"ECDH ClientKeyExchange": {
"ecdh public": {
0000: 04 AB EF A7 72 09 20 1F E2 ED F3 E3 03 88 55 F7 ....r. .......U.
0010: 75 3C FC A1 C7 65 6D 77 7A 61 16 B7 E3 0E 6E B1 u<...emwza....n.
0020: D8 1D 6C A1 F6 2F 1E 92 6F 4E A3 C9 B6 D3 CD 64 ..l../..oN.....d
0030: C2 79 12 B8 51 E7 62 A1 A6 5B 54 53 DB D3 2E C5 .y..Q.b..[TS....
0040: AE .
},
}
)
javax.net.ssl|FINE|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:01.861 CST|Logger.java:765|Produced ChangeCipherSpec message
javax.net.ssl|FINE|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:01.862 CST|Logger.java:765|Produced client Finished handshake message (
"Finished": {
"verify data": {
0000: 0D FA BA E7 FF 4E 9F E6 4A B4 6D 6C
}'}
)
javax.net.ssl|FINE|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:01.880 CST|Logger.java:765|Received alert message (
"Alert": {
"level" : "fatal",
"description": "bad_certificate"
}
)
javax.net.ssl|SEVERE|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:01.881 CST|Logger.java:765|Fatal (BAD_CERTIFICATE): Received fatal alert: bad_certificate (
"throwable" : {
javax.net.ssl.SSLHandshakeException: Received fatal alert: bad_certificate
at sun.security.ssl.Alert.createSSLException(Alert.java:131)
at sun.security.ssl.Alert.createSSLException(Alert.java:117)
at sun.security.ssl.TransportContext.fatal(TransportContext.java:311)
at sun.security.ssl.Alert$AlertConsumer.consume(Alert.java:293)
at sun.security.ssl.TransportContext.dispatch(TransportContext.java:185)
at sun.security.ssl.SSLTransport.decode(SSLTransport.java:149)
at sun.security.ssl.SSLEngineImpl.decode(SSLEngineImpl.java:575)
at sun.security.ssl.SSLEngineImpl.readRecord(SSLEngineImpl.java:531)
at sun.security.ssl.SSLEngineImpl.unwrap(SSLEngineImpl.java:398)
at sun.security.ssl.SSLEngineImpl.unwrap(SSLEngineImpl.java:377)
at javax.net.ssl.SSLEngine.unwrap(SSLEngine.java:626)
at io.netty.handler.ssl.SslHandler$SslEngineType$3.unwrap(SslHandler.java:281)
at io.netty.handler.ssl.SslHandler.unwrap(SslHandler.java:1324)
at io.netty.handler.ssl.SslHandler.decodeJdkCompatible(SslHandler.java:1219)
at io.netty.handler.ssl.SslHandler.decode(SslHandler.java:1266)
at io.netty.handler.codec.ByteToMessageDecoder.decodeRemovalReentryProtection(ByteToMessageDecoder.java:498)
at io.netty.handler.codec.ByteToMessageDecoder.callDecode(ByteToMessageDecoder.java:437)
at io.netty.handler.codec.ByteToMessageDecoder.channelRead(ByteToMessageDecoder.java:276)
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:377)
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:363)
at io.netty.channel.AbstractChannelHandlerContext.fireChannelRead(AbstractChannelHandlerContext.java:355)
at io.netty.channel.DefaultChannelPipeline$HeadContext.channelRead(DefaultChannelPipeline.java:1410)
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:377)
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:363)
at io.netty.channel.DefaultChannelPipeline.fireChannelRead(DefaultChannelPipeline.java:919)
at io.netty.channel.nio.AbstractNioByteChannel$NioByteUnsafe.read(AbstractNioByteChannel.java:163)
at io.netty.channel.nio.NioEventLoop.processSelectedKey(NioEventLoop.java:714)
at io.netty.channel.nio.NioEventLoop.processSelectedKeysOptimized(NioEventLoop.java:650)
at io.netty.channel.nio.NioEventLoop.processSelectedKeys(NioEventLoop.java:576)
at io.netty.channel.nio.NioEventLoop.run(NioEventLoop.java:493)
at io.netty.util.concurrent.SingleThreadEventExecutor$4.run(SingleThreadEventExecutor.java:989)
at io.netty.util.internal.ThreadExecutorMap$2.run(ThreadExecutorMap.java:74)
at io.netty.util.concurrent.FastThreadLocalRunnable.run(FastThreadLocalRunnable.java:30)
at java.lang.Thread.run(Thread.java:748)}
)
[2021-01-23 22:02:01,885] WARN Exception caught (org.apache.zookeeper.ClientCnxnSocketNetty)
io.netty.handler.codec.DecoderException: javax.net.ssl.SSLHandshakeException: Received fatal alert: bad_certificate
at io.netty.handler.codec.ByteToMessageDecoder.callDecode(ByteToMessageDecoder.java:468)
at io.netty.handler.codec.ByteToMessageDecoder.channelRead(ByteToMessageDecoder.java:276)
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:377)
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:363)
at io.netty.channel.AbstractChannelHandlerContext.fireChannelRead(AbstractChannelHandlerContext.java:355)
at io.netty.channel.DefaultChannelPipeline$HeadContext.channelRead(DefaultChannelPipeline.java:1410)
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:377)
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:363)
at io.netty.channel.DefaultChannelPipeline.fireChannelRead(DefaultChannelPipeline.java:919)
at io.netty.channel.nio.AbstractNioByteChannel$NioByteUnsafe.read(AbstractNioByteChannel.java:163)
at io.netty.channel.nio.NioEventLoop.processSelectedKey(NioEventLoop.java:714)
at io.netty.channel.nio.NioEventLoop.processSelectedKeysOptimized(NioEventLoop.java:650)
at io.netty.channel.nio.NioEventLoop.processSelectedKeys(NioEventLoop.java:576)
at io.netty.channel.nio.NioEventLoop.run(NioEventLoop.java:493)
at io.netty.util.concurrent.SingleThreadEventExecutor$4.run(SingleThreadEventExecutor.java:989)
at io.netty.util.internal.ThreadExecutorMap$2.run(ThreadExecutorMap.java:74)
at io.netty.util.concurrent.FastThreadLocalRunnable.run(FastThreadLocalRunnable.java:30)
at java.lang.Thread.run(Thread.java:748)
Caused by: javax.net.ssl.SSLHandshakeException: Received fatal alert: bad_certificate
at sun.security.ssl.Alert.createSSLException(Alert.java:131)
at sun.security.ssl.Alert.createSSLException(Alert.java:117)
at sun.security.ssl.TransportContext.fatal(TransportContext.java:311)
at sun.security.ssl.Alert$AlertConsumer.consume(Alert.java:293)
at sun.security.ssl.TransportContext.dispatch(TransportContext.java:185)
at sun.security.ssl.SSLTransport.decode(SSLTransport.java:149)
at sun.security.ssl.SSLEngineImpl.decode(SSLEngineImpl.java:575)
at sun.security.ssl.SSLEngineImpl.readRecord(SSLEngineImpl.java:531)
at sun.security.ssl.SSLEngineImpl.unwrap(SSLEngineImpl.java:398)
at sun.security.ssl.SSLEngineImpl.unwrap(SSLEngineImpl.java:377)
at javax.net.ssl.SSLEngine.unwrap(SSLEngine.java:626)
at io.netty.handler.ssl.SslHandler$SslEngineType$3.unwrap(SslHandler.java:281)
at io.netty.handler.ssl.SslHandler.unwrap(SslHandler.java:1324)
at io.netty.handler.ssl.SslHandler.decodeJdkCompatible(SslHandler.java:1219)
at io.netty.handler.ssl.SslHandler.decode(SslHandler.java:1266)
at io.netty.handler.codec.ByteToMessageDecoder.decodeRemovalReentryProtection(ByteToMessageDecoder.java:498)
at io.netty.handler.codec.ByteToMessageDecoder.callDecode(ByteToMessageDecoder.java:437)
... 17 more
[2021-01-23 22:02:01,887] INFO channel is told closing (org.apache.zookeeper.ClientCnxnSocketNetty)
[2021-01-23 22:02:01,888] INFO channel for sessionid 0x0 is lost, closing socket connection and attempting reconnect (org.apache.zookeeper.ClientCnxn)
[2021-01-23 22:02:01,888] INFO channel is disconnected: [id: 0xb65a8e1f, L:/127.0.0.1:49569 ! R:localhost/127.0.0.1:2281] (org.apache.zookeeper.ClientCnxnSocketNetty)
[2021-01-23 22:02:03,363] INFO Opening socket connection to server localhost/127.0.0.1:2281. Will not attempt to authenticate using SASL (unknown error) (org.apache.zookeeper.ClientCnxn)
[2021-01-23 22:02:03,365] WARN zookeeper.ssl.keyStore.location not specified (org.apache.zookeeper.common.X509Util)
[2021-01-23 22:02:03,366] WARN zookeeper.ssl.trustStore.location not specified (org.apache.zookeeper.common.X509Util)
[2021-01-23 22:02:03,366] INFO SSL handler added for channel: [id: 0x3cc3830e] (org.apache.zookeeper.ClientCnxnSocketNetty)
[2021-01-23 22:02:03,366] INFO Socket connection established, initiating session, client: /127.0.0.1:49570, server: localhost/127.0.0.1:2281 (org.apache.zookeeper.ClientCnxn)
[2021-01-23 22:02:03,367] INFO channel is connected: [id: 0x3cc3830e, L:/127.0.0.1:49570 - R:localhost/127.0.0.1:2281] (org.apache.zookeeper.ClientCnxnSocketNetty)
javax.net.ssl|WARNING|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:03.369 CST|Logger.java:765|Unable to indicate server name
javax.net.ssl|FINE|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:03.369 CST|Logger.java:765|Ignore, context unavailable extension: server_name
javax.net.ssl|FINE|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:03.369 CST|Logger.java:765|Ignore, context unavailable extension: status_request
javax.net.ssl|INFO|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:03.370 CST|Logger.java:765|No available application protocols
javax.net.ssl|FINE|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:03.370 CST|Logger.java:765|Ignore, context unavailable extension: application_layer_protocol_negotiation
javax.net.ssl|FINE|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:03.370 CST|Logger.java:765|Ignore, context unavailable extension: status_request_v2
javax.net.ssl|FINE|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:03.370 CST|Logger.java:765|Ignore, context unavailable extension: renegotiation_info
javax.net.ssl|FINE|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:03.371 CST|Logger.java:765|Produced ClientHello handshake message (
"ClientHello": {
"client version" : "TLSv1.2",
"random" : "28 E9 69 57 DA 44 4F 10 91 84 38 28 C4 2F 0E 29 2E 13 41 C4 F5 C5 9C BA 85 D7 1B 50 84 21 B6 4A",
"session id" : "",
"cipher suites" : "[TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384(0xC02C), TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256(0xC02B), TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384(0xC030), TLS_RSA_WITH_AES_256_GCM_SHA384(0x009D), TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384(0xC02E), TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384(0xC032), TLS_DHE_RSA_WITH_AES_256_GCM_SHA384(0x009F), TLS_DHE_DSS_WITH_AES_256_GCM_SHA384(0x00A3), TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256(0xC02F), TLS_RSA_WITH_AES_128_GCM_SHA256(0x009C), TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256(0xC02D), TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256(0xC031), TLS_DHE_RSA_WITH_AES_128_GCM_SHA256(0x009E), TLS_DHE_DSS_WITH_AES_128_GCM_SHA256(0x00A2), TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384(0xC024), TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384(0xC028), TLS_RSA_WITH_AES_256_CBC_SHA256(0x003D), TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384(0xC026), TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384(0xC02A), TLS_DHE_RSA_WITH_AES_256_CBC_SHA256(0x006B), TLS_DHE_DSS_WITH_AES_256_CBC_SHA256(0x006A), TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA(0xC00A), TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA(0xC014), TLS_RSA_WITH_AES_256_CBC_SHA(0x0035), TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA(0xC005), TLS_ECDH_RSA_WITH_AES_256_CBC_SHA(0xC00F), TLS_DHE_RSA_WITH_AES_256_CBC_SHA(0x0039), TLS_DHE_DSS_WITH_AES_256_CBC_SHA(0x0038), TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256(0xC023), TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256(0xC027), TLS_RSA_WITH_AES_128_CBC_SHA256(0x003C), TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256(0xC025), TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256(0xC029), TLS_DHE_RSA_WITH_AES_128_CBC_SHA256(0x0067), TLS_DHE_DSS_WITH_AES_128_CBC_SHA256(0x0040), TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA(0xC009), TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA(0xC013), TLS_RSA_WITH_AES_128_CBC_SHA(0x002F), TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA(0xC004), TLS_ECDH_RSA_WITH_AES_128_CBC_SHA(0xC00E), TLS_DHE_RSA_WITH_AES_128_CBC_SHA(0x0033), TLS_DHE_DSS_WITH_AES_128_CBC_SHA(0x0032), TLS_EMPTY_RENEGOTIATION_INFO_SCSV(0x00FF)]",
"compression methods" : "00",
"extensions" : [
"supported_groups (10)": {
"versions": [secp256r1, secp384r1, secp521r1, ffdhe2048, ffdhe3072, ffdhe4096, ffdhe6144, ffdhe8192]
},
"ec_point_formats (11)": {
"formats": [uncompressed]
},
"signature_algorithms (13)": {
"signature schemes": [ecdsa_secp256r1_sha256, ecdsa_secp384r1_sha384, ecdsa_secp521r1_sha512, rsa_pss_rsae_sha256, rsa_pss_rsae_sha384, rsa_pss_rsae_sha512, rsa_pss_pss_sha256, rsa_pss_pss_sha384, rsa_pss_pss_sha512, rsa_pkcs1_sha256, rsa_pkcs1_sha384, rsa_pkcs1_sha512, dsa_sha256, ecdsa_sha224, rsa_sha224, dsa_sha224, ecdsa_sha1, rsa_pkcs1_sha1, dsa_sha1]
},
"signature_algorithms_cert (50)": {
"signature schemes": [ecdsa_secp256r1_sha256, ecdsa_secp384r1_sha384, ecdsa_secp521r1_sha512, rsa_pss_rsae_sha256, rsa_pss_rsae_sha384, rsa_pss_rsae_sha512, rsa_pss_pss_sha256, rsa_pss_pss_sha384, rsa_pss_pss_sha512, rsa_pkcs1_sha256, rsa_pkcs1_sha384, rsa_pkcs1_sha512, dsa_sha256, ecdsa_sha224, rsa_sha224, dsa_sha224, ecdsa_sha1, rsa_pkcs1_sha1, dsa_sha1]
},
"extended_master_secret (23)": {
<empty>
},
"supported_versions (43)": {
"versions": [TLSv1.2, TLSv1.1, TLSv1]
}
]
}
)
javax.net.ssl|FINE|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:03.377 CST|Logger.java:765|Consuming ServerHello handshake message (
"ServerHello": {
"server version" : "TLSv1.2",
"random" : "1B 6F 1E 9A D9 D3 46 37 8B C1 A7 1C 33 30 DB 4B 1A CE BC F2 04 10 4F F6 56 B7 10 5A 00 5B E4 71",
"session id" : "4F DB 1F 27 B4 93 30 9E 28 69 C3 15 46 0D 02 28 FF C4 32 C1 4A B5 AF A0 EB 4A 36 E2 58 E3 04 29",
"cipher suite" : "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384(0xC030)",
"compression methods" : "00",
"extensions" : [
"extended_master_secret (23)": {
<empty>
},
"renegotiation_info (65,281)": {
"renegotiated connection": [<no renegotiated connection>]
}
]
}
)
javax.net.ssl|FINE|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:03.378 CST|Logger.java:765|Ignore unavailable extension: supported_versions
javax.net.ssl|FINE|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:03.378 CST|Logger.java:765|Negotiated protocol version: TLSv1.2
javax.net.ssl|FINE|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:03.378 CST|Logger.java:765|Consumed extension: renegotiation_info
javax.net.ssl|FINE|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:03.378 CST|Logger.java:765|Ignore unavailable extension: server_name
javax.net.ssl|FINE|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:03.378 CST|Logger.java:765|Ignore unavailable extension: max_fragment_length
javax.net.ssl|FINE|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:03.378 CST|Logger.java:765|Ignore unavailable extension: status_request
javax.net.ssl|FINE|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:03.378 CST|Logger.java:765|Ignore unavailable extension: ec_point_formats
javax.net.ssl|FINE|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:03.379 CST|Logger.java:765|Ignore unavailable extension: status_request_v2
javax.net.ssl|FINE|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:03.379 CST|Logger.java:765|Consumed extension: extended_master_secret
javax.net.ssl|FINE|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:03.379 CST|Logger.java:765|Consumed extension: renegotiation_info
javax.net.ssl|FINE|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:03.379 CST|Logger.java:765|Ignore unavailable extension: server_name
javax.net.ssl|FINE|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:03.379 CST|Logger.java:765|Ignore unavailable extension: max_fragment_length
javax.net.ssl|FINE|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:03.379 CST|Logger.java:765|Ignore unavailable extension: status_request
javax.net.ssl|FINE|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:03.379 CST|Logger.java:765|Ignore unavailable extension: ec_point_formats
javax.net.ssl|FINE|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:03.379 CST|Logger.java:765|Ignore unavailable extension: application_layer_protocol_negotiation
javax.net.ssl|FINE|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:03.379 CST|Logger.java:765|Ignore unavailable extension: status_request_v2
javax.net.ssl|WARNING|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:03.380 CST|Logger.java:765|Ignore impact of unsupported extension: extended_master_secret
javax.net.ssl|WARNING|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:03.380 CST|Logger.java:765|Ignore impact of unsupported extension: renegotiation_info
javax.net.ssl|FINE|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:03.380 CST|Logger.java:765|Consuming server Certificate handshake message (
"Certificates": [
"certificate" : {
"version" : "v1",
"serial number" : "00 CA E2 10 31 59 C6 F3 45",
"signature algorithm": "SHA1withRSA",
"issuer" : "EMAILADDRESS=hzhilamp@163.com, CN=ca-cert, OU=alauda, O=alauda, L=beijing, ST=beijing, C=CN",
"not before" : "2021-01-23 17:44:44.000 CST",
"not after" : "2031-01-21 17:44:44.000 CST",
"subject" : "CN=localhost, OU=alauda, O=alauda, L=beijing, ST=beijing, C=CN",
"subject public key" : "RSA"},
"certificate" : {
"version" : "v1",
"serial number" : "00 A4 EF FB 5F D7 70 5D EC",
"signature algorithm": "SHA256withRSA",
"issuer" : "EMAILADDRESS=hzhilamp@163.com, CN=ca-cert, OU=alauda, O=alauda, L=beijing, ST=beijing, C=CN",
"not before" : "2021-01-23 17:39:50.000 CST",
"not after" : "2031-01-21 17:39:50.000 CST",
"subject" : "EMAILADDRESS=hzhilamp@163.com, CN=ca-cert, OU=alauda, O=alauda, L=beijing, ST=beijing, C=CN",
"subject public key" : "RSA"}
]
)
javax.net.ssl|FINE|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:03.383 CST|Logger.java:765|Consuming ECDH ServerKeyExchange handshake message (
"ECDH ServerKeyExchange": {
"parameters": {
"named group": "secp256r1"
"ecdh public": {
0000: 04 19 BE 80 09 F8 D4 1C 60 22 4D 19 DE 81 F3 EC ........`"M.....
0010: 13 B7 D1 4A C3 AA BF 1C 72 5E BA 04 74 69 E2 28 ...J....r^..ti.(
0020: 66 24 57 58 3F B0 38 54 FA 5D 79 6F BE B5 03 E4 f$WX?.8T.]yo....
0030: 61 8B B0 40 59 6D 05 34 DE 8D ED A8 DB 5E 9B 1C a..@Ym.4.....^..
0040: D6 .
},
},
"digital signature": {
"signature algorithm": "rsa_pss_rsae_sha256"
"signature": {
0000: 50 25 A9 03 A2 68 A0 38 85 71 56 CB 63 16 19 23 P%...h.8.qV.c..#
0010: 7F 98 AD B4 17 F5 0B 2E AD 89 7D 66 2C BB E6 83 ...........f,...
0020: 87 95 A2 2E 8D 7A 96 2C 33 F5 AA 9F 1B 36 1D D5 .....z.,3....6..
0030: BE 69 D5 10 5C CD 3F E4 85 5F F3 84 ED 9F 43 15 .i..\.?.._....C.
0040: C3 9B 45 03 29 44 9F 51 1F 0F 12 65 DD 87 FB F8 ..E.)D.Q...e....
0050: 9B 6E F0 72 CA 75 0F EC 37 08 16 E1 60 CD 8F 1D .n.r.u..7...`...
0060: AB DD C8 04 A8 B2 7B BD 62 7F 74 C9 7D 70 74 50 ........b.t..ptP
0070: C0 37 45 6F 7A 9F E2 0C 6E 76 26 CA 06 F3 95 AE .7Eoz...nv&.....
0080: BE 8F 5A FC 1E 5F B9 F9 78 12 20 3C 45 52 36 C7 ..Z.._..x. <ER6.
0090: 9A FC 48 4B A1 13 75 91 77 D2 46 CB 6D 0D C4 5D ..HK..u.w.F.m..]
00A0: E0 43 BE 97 5A B0 9D 31 48 CD 33 D0 B7 64 14 6E .C..Z..1H.3..d.n
00B0: 02 70 DE 4F 8A EF 5A CB 18 42 A9 47 74 C5 3A A5 .p.O..Z..B.Gt.:.
00C0: A7 48 CE C2 2D 7D C5 63 E7 B4 D6 06 40 45 F6 58 .H..-..c....@E.X
00D0: DB 98 0D 7E E7 C7 95 FE 75 9C 7C 08 C5 7F 76 65 ........u.....ve
00E0: 2C 4A C2 46 C8 13 22 D4 D4 88 7B 32 E1 72 86 E9 ,J.F.."....2.r..
00F0: 23 BF 07 FF 84 EE 0A 01 E3 FE 94 06 D0 95 19 D2 #...............
},
}
}
)
javax.net.ssl|FINE|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:03.384 CST|Logger.java:765|Consuming CertificateRequest handshake message (
"CertificateRequest": {
"certificate types": [ecdsa_sign, rsa_sign, dss_sign]
"supported signature algorithms": [ecdsa_secp256r1_sha256, ecdsa_secp384r1_sha384, ecdsa_secp521r1_sha512, rsa_pss_rsae_sha256, rsa_pss_rsae_sha384, rsa_pss_rsae_sha512, rsa_pss_pss_sha256, rsa_pss_pss_sha384, rsa_pss_pss_sha512, rsa_pkcs1_sha256, rsa_pkcs1_sha384, rsa_pkcs1_sha512, dsa_sha256, ecdsa_sha224, rsa_sha224, dsa_sha224, ecdsa_sha1, rsa_pkcs1_sha1, dsa_sha1]
"certificate authorities": [EMAILADDRESS=hzhilamp@163.com, CN=ca-cert, OU=alauda, O=alauda, L=beijing, ST=beijing, C=CN]
}
)
javax.net.ssl|ALL|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:03.384 CST|Logger.java:765|No X.509 cert selected for EC
javax.net.ssl|WARNING|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:03.384 CST|Logger.java:765|Unavailable authentication scheme: ecdsa_secp256r1_sha256
javax.net.ssl|ALL|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:03.384 CST|Logger.java:765|No X.509 cert selected for EC
javax.net.ssl|WARNING|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:03.384 CST|Logger.java:765|Unavailable authentication scheme: ecdsa_secp384r1_sha384
javax.net.ssl|ALL|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:03.384 CST|Logger.java:765|No X.509 cert selected for EC
javax.net.ssl|WARNING|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:03.385 CST|Logger.java:765|Unavailable authentication scheme: ecdsa_secp521r1_sha512
javax.net.ssl|ALL|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:03.385 CST|Logger.java:765|No X.509 cert selected for RSA
javax.net.ssl|WARNING|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:03.385 CST|Logger.java:765|Unavailable authentication scheme: rsa_pss_rsae_sha256
javax.net.ssl|ALL|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:03.385 CST|Logger.java:765|No X.509 cert selected for RSA
javax.net.ssl|WARNING|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:03.385 CST|Logger.java:765|Unavailable authentication scheme: rsa_pss_rsae_sha384
javax.net.ssl|ALL|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:03.385 CST|Logger.java:765|No X.509 cert selected for RSA
javax.net.ssl|WARNING|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:03.385 CST|Logger.java:765|Unavailable authentication scheme: rsa_pss_rsae_sha512
javax.net.ssl|ALL|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:03.385 CST|Logger.java:765|No X.509 cert selected for RSASSA-PSS
javax.net.ssl|WARNING|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:03.385 CST|Logger.java:765|Unavailable authentication scheme: rsa_pss_pss_sha256
javax.net.ssl|ALL|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:03.386 CST|Logger.java:765|No X.509 cert selected for RSASSA-PSS
javax.net.ssl|WARNING|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:03.386 CST|Logger.java:765|Unavailable authentication scheme: rsa_pss_pss_sha384
javax.net.ssl|ALL|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:03.386 CST|Logger.java:765|No X.509 cert selected for RSASSA-PSS
javax.net.ssl|WARNING|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:03.386 CST|Logger.java:765|Unavailable authentication scheme: rsa_pss_pss_sha512
javax.net.ssl|ALL|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:03.386 CST|Logger.java:765|No X.509 cert selected for RSA
javax.net.ssl|WARNING|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:03.386 CST|Logger.java:765|Unavailable authentication scheme: rsa_pkcs1_sha256
javax.net.ssl|ALL|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:03.386 CST|Logger.java:765|No X.509 cert selected for RSA
javax.net.ssl|WARNING|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:03.387 CST|Logger.java:765|Unavailable authentication scheme: rsa_pkcs1_sha384
javax.net.ssl|ALL|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:03.387 CST|Logger.java:765|No X.509 cert selected for RSA
javax.net.ssl|WARNING|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:03.387 CST|Logger.java:765|Unavailable authentication scheme: rsa_pkcs1_sha512
javax.net.ssl|ALL|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:03.387 CST|Logger.java:765|No X.509 cert selected for DSA
javax.net.ssl|WARNING|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:03.387 CST|Logger.java:765|Unavailable authentication scheme: dsa_sha256
javax.net.ssl|ALL|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:03.387 CST|Logger.java:765|No X.509 cert selected for EC
javax.net.ssl|WARNING|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:03.387 CST|Logger.java:765|Unavailable authentication scheme: ecdsa_sha224
javax.net.ssl|ALL|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:03.387 CST|Logger.java:765|No X.509 cert selected for RSA
javax.net.ssl|WARNING|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:03.387 CST|Logger.java:765|Unavailable authentication scheme: rsa_sha224
javax.net.ssl|ALL|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:03.387 CST|Logger.java:765|No X.509 cert selected for DSA
javax.net.ssl|WARNING|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:03.388 CST|Logger.java:765|Unavailable authentication scheme: dsa_sha224
javax.net.ssl|ALL|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:03.388 CST|Logger.java:765|No X.509 cert selected for EC
javax.net.ssl|WARNING|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:03.388 CST|Logger.java:765|Unavailable authentication scheme: ecdsa_sha1
javax.net.ssl|ALL|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:03.388 CST|Logger.java:765|No X.509 cert selected for RSA
javax.net.ssl|WARNING|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:03.388 CST|Logger.java:765|Unavailable authentication scheme: rsa_pkcs1_sha1
javax.net.ssl|ALL|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:03.388 CST|Logger.java:765|No X.509 cert selected for DSA
javax.net.ssl|WARNING|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:03.388 CST|Logger.java:765|Unavailable authentication scheme: dsa_sha1
javax.net.ssl|WARNING|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:03.388 CST|Logger.java:765|No available authentication scheme
javax.net.ssl|FINE|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:03.388 CST|Logger.java:765|Consuming ServerHelloDone handshake message (
<empty>
)
javax.net.ssl|FINE|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:03.389 CST|Logger.java:765|No X.509 certificate for client authentication, use empty Certificate message instead
javax.net.ssl|FINE|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:03.389 CST|Logger.java:765|Produced client Certificate handshake message (
"Certificates": <empty list>
)
javax.net.ssl|FINE|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:03.391 CST|Logger.java:765|Produced ECDHE ClientKeyExchange handshake message (
"ECDH ClientKeyExchange": {
"ecdh public": {
0000: 04 F2 7D A1 76 05 4B 8D 0B 51 73 29 12 01 67 73 ....v.K..Qs)..gs
0010: D3 AE 00 58 38 07 33 44 A4 E9 E8 29 E6 CE 58 89 ...X8.3D...)..X.
0020: E6 1B 56 9C 3C 68 7E 5D 15 2F 1A A4 9B 63 50 D3 ..V.<h.]./...cP.
0030: 95 36 69 DF 02 D3 FE DD 14 49 7F AA 31 7D 45 1D .6i......I..1.E.
0040: 4D M
},
}
)
javax.net.ssl|FINE|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:03.396 CST|Logger.java:765|Produced ChangeCipherSpec message
javax.net.ssl|FINE|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:03.396 CST|Logger.java:765|Produced client Finished handshake message (
"Finished": {
"verify data": {
0000: D7 2C 16 89 95 59 30 5E B5 34 61 B5
}'}
)
javax.net.ssl|FINE|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:03.398 CST|Logger.java:765|Received alert message (
"Alert": {
"level" : "fatal",
"description": "bad_certificate"
}
)
javax.net.ssl|SEVERE|1B|nioEventLoopGroup-2-1|2021-01-23 22:02:03.398 CST|Logger.java:765|Fatal (BAD_CERTIFICATE): Received fatal alert: bad_certificate (
"throwable" : {
javax.net.ssl.SSLHandshakeException: Received fatal alert: bad_certificate
at sun.security.ssl.Alert.createSSLException(Alert.java:131)
at sun.security.ssl.Alert.createSSLException(Alert.java:117)
at sun.security.ssl.TransportContext.fatal(TransportContext.java:311)
at sun.security.ssl.Alert$AlertConsumer.consume(Alert.java:293)
at sun.security.ssl.TransportContext.dispatch(TransportContext.java:185)
at sun.security.ssl.SSLTransport.decode(SSLTransport.java:149)
at sun.security.ssl.SSLEngineImpl.decode(SSLEngineImpl.java:575)
at sun.security.ssl.SSLEngineImpl.readRecord(SSLEngineImpl.java:531)
at sun.security.ssl.SSLEngineImpl.unwrap(SSLEngineImpl.java:398)
at sun.security.ssl.SSLEngineImpl.unwrap(SSLEngineImpl.java:377)
at javax.net.ssl.SSLEngine.unwrap(SSLEngine.java:626)
at io.netty.handler.ssl.SslHandler$SslEngineType$3.unwrap(SslHandler.java:281)
at io.netty.handler.ssl.SslHandler.unwrap(SslHandler.java:1324)
at io.netty.handler.ssl.SslHandler.decodeJdkCompatible(SslHandler.java:1219)
at io.netty.handler.ssl.SslHandler.decode(SslHandler.java:1266)
at io.netty.handler.codec.ByteToMessageDecoder.decodeRemovalReentryProtection(ByteToMessageDecoder.java:498)
at io.netty.handler.codec.ByteToMessageDecoder.callDecode(ByteToMessageDecoder.java:437)
at io.netty.handler.codec.ByteToMessageDecoder.channelRead(ByteToMessageDecoder.java:276)
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:377)
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:363)
at io.netty.channel.AbstractChannelHandlerContext.fireChannelRead(AbstractChannelHandlerContext.java:355)
at io.netty.channel.DefaultChannelPipeline$HeadContext.channelRead(DefaultChannelPipeline.java:1410)
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:377)
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:363)
at io.netty.channel.DefaultChannelPipeline.fireChannelRead(DefaultChannelPipeline.java:919)
at io.netty.channel.nio.AbstractNioByteChannel$NioByteUnsafe.read(AbstractNioByteChannel.java:163)
at io.netty.channel.nio.NioEventLoop.processSelectedKey(NioEventLoop.java:714)
at io.netty.channel.nio.NioEventLoop.processSelectedKeysOptimized(NioEventLoop.java:650)
at io.netty.channel.nio.NioEventLoop.processSelectedKeys(NioEventLoop.java:576)
at io.netty.channel.nio.NioEventLoop.run(NioEventLoop.java:493)
at io.netty.util.concurrent.SingleThreadEventExecutor$4.run(SingleThreadEventExecutor.java:989)
at io.netty.util.internal.ThreadExecutorMap$2.run(ThreadExecutorMap.java:74)
at io.netty.util.concurrent.FastThreadLocalRunnable.run(FastThreadLocalRunnable.java:30)
at java.lang.Thread.run(Thread.java:748)}
)
[2021-01-23 22:02:03,400] WARN Exception caught (org.apache.zookeeper.ClientCnxnSocketNetty)
io.netty.handler.codec.DecoderException: javax.net.ssl.SSLHandshakeException: Received fatal alert: bad_certificate
at io.netty.handler.codec.ByteToMessageDecoder.callDecode(ByteToMessageDecoder.java:468)
at io.netty.handler.codec.ByteToMessageDecoder.channelRead(ByteToMessageDecoder.java:276)
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:377)
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:363)
at io.netty.channel.AbstractChannelHandlerContext.fireChannelRead(AbstractChannelHandlerContext.java:355)
at io.netty.channel.DefaultChannelPipeline$HeadContext.channelRead(DefaultChannelPipeline.java:1410)
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:377)
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:363)
at io.netty.channel.DefaultChannelPipeline.fireChannelRead(DefaultChannelPipeline.java:919)
at io.netty.channel.nio.AbstractNioByteChannel$NioByteUnsafe.read(AbstractNioByteChannel.java:163)
at io.netty.channel.nio.NioEventLoop.processSelectedKey(NioEventLoop.java:714)
at io.netty.channel.nio.NioEventLoop.processSelectedKeysOptimized(NioEventLoop.java:650)
at io.netty.channel.nio.NioEventLoop.processSelectedKeys(NioEventLoop.java:576)
at io.netty.channel.nio.NioEventLoop.run(NioEventLoop.java:493)
at io.netty.util.concurrent.SingleThreadEventExecutor$4.run(SingleThreadEventExecutor.java:989)
at io.netty.util.internal.ThreadExecutorMap$2.run(ThreadExecutorMap.java:74)
at io.netty.util.concurrent.FastThreadLocalRunnable.run(FastThreadLocalRunnable.java:30)
at java.lang.Thread.run(Thread.java:748)
Caused by: javax.net.ssl.SSLHandshakeException: Received fatal alert: bad_certificate
at sun.security.ssl.Alert.createSSLException(Alert.java:131)
at sun.security.ssl.Alert.createSSLException(Alert.java:117)
at sun.security.ssl.TransportContext.fatal(TransportContext.java:311)
at sun.security.ssl.Alert$AlertConsumer.consume(Alert.java:293)
at sun.security.ssl.TransportContext.dispatch(TransportContext.java:185)
at sun.security.ssl.SSLTransport.decode(SSLTransport.java:149)
at sun.security.ssl.SSLEngineImpl.decode(SSLEngineImpl.java:575)
at sun.security.ssl.SSLEngineImpl.readRecord(SSLEngineImpl.java:531)
at sun.security.ssl.SSLEngineImpl.unwrap(SSLEngineImpl.java:398)
at sun.security.ssl.SSLEngineImpl.unwrap(SSLEngineImpl.java:377)
at javax.net.ssl.SSLEngine.unwrap(SSLEngine.java:626)
at io.netty.handler.ssl.SslHandler$SslEngineType$3.unwrap(SslHandler.java:281)
at io.netty.handler.ssl.SslHandler.unwrap(SslHandler.java:1324)
at io.netty.handler.ssl.SslHandler.decodeJdkCompatible(SslHandler.java:1219)
at io.netty.handler.ssl.SslHandler.decode(SslHandler.java:1266)
at io.netty.handler.codec.ByteToMessageDecoder.decodeRemovalReentryProtection(ByteToMessageDecoder.java:498)
at io.netty.handler.codec.ByteToMessageDecoder.callDecode(ByteToMessageDecoder.java:437)
... 17 more
[2021-01-23 22:02:03,401] INFO channel is told closing (org.apache.zookeeper.ClientCnxnSocketNetty)
zookeeper log
2021-01-23 21:52:09,670 [myid:] - ERROR [nioEventLoopGroup-7-6:NettyServerCnxnFactory$CertificateVerifier@363] - Unsuccessful handshake with session 0x0
2021-01-23 21:52:09,671 [myid:] - WARN [nioEventLoopGroup-7-6:NettyServerCnxnFactory$CnxnChannelHandler@220] - Exception caught
io.netty.handler.codec.DecoderException: javax.net.ssl.SSLHandshakeException: Empty server certificate chain
at io.netty.handler.codec.ByteToMessageDecoder.callDecode(ByteToMessageDecoder.java:471)
at io.netty.handler.codec.ByteToMessageDecoder.channelRead(ByteToMessageDecoder.java:276)
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:379)
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:365)
at io.netty.channel.AbstractChannelHandlerContext.fireChannelRead(AbstractChannelHandlerContext.java:357)
at io.netty.channel.DefaultChannelPipeline$HeadContext.channelRead(DefaultChannelPipeline.java:1410)
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:379)
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:365)
at io.netty.channel.DefaultChannelPipeline.fireChannelRead(DefaultChannelPipeline.java:919)
at io.netty.channel.nio.AbstractNioByteChannel$NioByteUnsafe.read(AbstractNioByteChannel.java:163)
at io.netty.channel.nio.NioEventLoop.processSelectedKey(NioEventLoop.java:714)
at io.netty.channel.nio.NioEventLoop.processSelectedKeysOptimized(NioEventLoop.java:650)
at io.netty.channel.nio.NioEventLoop.processSelectedKeys(NioEventLoop.java:576)
at io.netty.channel.nio.NioEventLoop.run(NioEventLoop.java:493)
at io.netty.util.concurrent.SingleThreadEventExecutor$4.run(SingleThreadEventExecutor.java:989)
at io.netty.util.internal.ThreadExecutorMap$2.run(ThreadExecutorMap.java:74)
at io.netty.util.concurrent.FastThreadLocalRunnable.run(FastThreadLocalRunnable.java:30)
at java.lang.Thread.run(Thread.java:748)
1 REPLY 1
New Contributor
Created 09-10-2021 05:56 AM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
@lanzhiwang anyone helped you or have you been able to fix this one? Im meeting with the same issue on the same version of Kafka.
Thanks,
Ivan
Announcements
What's New @ Cloudera
What's New @ Cloudera
What's New @ Cloudera
What's New @ Cloudera
What's New @ Cloudera
