Hi,
We are getting the below error when trying to use a Java new producer client.
Please let us know the reason for this error -
Error message:
[2016-02-18 15:41:06,182] DEBUG Accepted connection from /10.**.***.** on
/10.**.***.**:9093. sendBufferSize [actual|requested]: [102400|102400]
recvBufferSize [actual|requested]: [102400|102400] (kafka.network.Acceptor)
[2016-02-18 15:41:06,183] DEBUG Processor 1 listening to new connection from
/10.**.**.**:46419 (kafka.network.Processor)
[2016-02-18 15:41:06,283] DEBUG SSLEngine.closeInBound() raised an exception.
(org.apache.kafka.common.network.SslTransportLayer)
javax.net.ssl.SSLException: Inbound closed before receiving peer's
close_notify: possible truncation attack?
at sun.security.ssl.Alerts.getSSLException(Alerts.java:208)
at sun.security.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java:1639)
at sun.security.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java:1607)
at sun.security.ssl.SSLEngineImpl.closeInbound(SSLEngineImpl.java:1537)
at
org.apache.kafka.common.network.SslTransportLayer.handshakeFailure(SslTransportLayer.java:723)
at
org.apache.kafka.common.network.SslTransportLayer.handshake(SslTransportLayer.java:313)
at org.apache.kafka.common.network.KafkaChannel.prepare(KafkaChannel.java:68)
at org.apache.kafka.common.network.Selector.poll(Selector.java:281)
at kafka.network.Processor.run(SocketServer.scala:413)
at java.lang.Thread.run(Thread.java:722)
[2016-02-18 15:41:06,283] DEBUG Connection with l************.com/10.**.**.**
disconnected (org.apache.kafka.common.network.Selector)
javax.net.ssl.SSLException: Unrecognized SSL message, plaintext connection?
at
sun.security.ssl.EngineInputRecord.bytesInCompletePacket(EngineInputRecord.java:171)
at sun.security.ssl.SSLEngineImpl.readNetRecord(SSLEngineImpl.java:845)
at sun.security.ssl.SSLEngineImpl.unwrap(SSLEngineImpl.java:758)
at javax.net.ssl.SSLEngine.unwrap(SSLEngine.java:624)
at
org.apache.kafka.common.network.SslTransportLayer.handshakeUnwrap(SslTransportLayer.java:408)
at
org.apache.kafka.common.network.SslTransportLayer.handshake(SslTransportLayer.java:269)
at org.apache.kafka.common.network.KafkaChannel.prepare(KafkaChannel.java:68)
at org.apache.kafka.common.network.Selector.poll(Selector.java:281)
at kafka.network.Processor.run(SocketServer.scala:413)
at java.lang.Thread.run(Thread.java:722)
Producer Java client code:
System.setProperty("javax.net.debug","ssl:handshake:verbose");
Properties props = new Properties();
props.put("bootstrap.servers", "************.com:9093");
props.put("acks", "all");
props.put("retries", "0");
props.put("batch.size", "16384");
props.put("linger.ms", "1");
props.put("buffer.memory", "33554432");
props.put("key.serializer",
"org.apache.kafka.common.serialization.StringSerializer");
props.put("value.serializer",
"org.apache.kafka.common.serialization.StringSerializer");
props.put("security.protocol", "SSL");
props.put("ssl.protocal", "SSL");
props.put("ssl.truststore.location",
"/idn/home/salla8/ssl/kafka_client_truststore.jks");
props.put("ssl.truststore.password", "p@ssw0rd");
props.put("ssl.keystore.location",
"/idn/home/salla8/ssl/kafka_client_keystore.jks");
props.put("ssl.keystore.password", "p@ssw0rd");
props.put("ssl.key.password", "p@ssw0rd");
Producer<String, String> producer = new KafkaProducer<String,
String>(props);
Configuration -server.properties:
broker.id=0
listeners=SSL://:9093
num.network.threads=3
num.io.threads=8
socket.send.buffer.bytes=102400
socket.receive.buffer.bytes=102400
socket.request.max.bytes=104857600
security.inter.broker.protocol=SSL
ssl.keystore.location=/opt/kafka_2.11-0.9.0.0/config/ssl/kafka.server.keystore.jks
ssl.keystore.password=p@ssw0rd
ssl.key.password=p@ssw0rd
ssl.truststore.location=/opt/kafka_2.11-0.9.0.0/config/ssl/kafka.server.truststore.jks
ssl.truststore.password=p@ssw0rd
ssl.client.auth=required
log.dirs=/tmp/kafka-logs
num.partitions=1
num.recovery.threads.per.data.dir=1
log.retention.hours=168
log.segment.bytes=1073741824
log.retention.check.interval.ms=300000
log.cleaner.enable=false
zookeeper.connect=*********:5181/test900
zookeeper.connection.timeout.ms=6000
Logs - kafkaServer.out:
[2016-02-17 08:58:00,226] INFO KafkaConfig values:
request.timeout.ms = 30000
log.roll.hours = 168
inter.broker.protocol.version = 0.9.0.X
log.preallocate = false
security.inter.broker.protocol = SSL
controller.socket.timeout.ms = 30000
ssl.keymanager.algorithm = SunX509
ssl.key.password = null
log.cleaner.enable = false
num.recovery.threads.per.data.dir = 1
background.threads = 10
unclean.leader.election.enable = true
sasl.kerberos.kinit.cmd = /usr/bin/kinit
replica.lag.time.max.ms = 10000
ssl.endpoint.identification.algorithm = null
auto.create.topics.enable = true
zookeeper.sync.time.ms = 2000
ssl.client.auth = required
ssl.keystore.password = [hidden]
log.cleaner.io.buffer.load.factor = 0.9
offsets.topic.compression.codec = 0
log.retention.hours = 168
ssl.protocol = TLS
log.dirs = /tmp/kafka-logs
log.index.size.max.bytes = 10485760
sasl.kerberos.min.time.before.relogin = 60000
log.retention.minutes = null
connections.max.idle.ms = 600000
ssl.trustmanager.algorithm = PKIX
offsets.retention.minutes = 1440
max.connections.per.ip = 2147483647
replica.fetch.wait.max.ms = 500
metrics.num.samples = 2
port = 9092
offsets.retention.check.interval.ms = 600000
log.cleaner.dedupe.buffer.size = 524288000
log.segment.bytes = 1073741824
group.min.session.timeout.ms = 6000
producer.purgatory.purge.interval.requests = 1000
min.insync.replicas = 1
ssl.truststore.password = [hidden]
log.flush.scheduler.interval.ms = 9223372036854775807
socket.receive.buffer.bytes = 102400
leader.imbalance.per.broker.percentage = 10
num.io.threads = 8
offsets.topic.replication.factor = 3
zookeeper.connect = lpdbd0055:5181/test900
queued.max.requests = 500
replica.socket.timeout.ms = 30000
offsets.topic.segment.bytes = 104857600
replica.high.watermark.checkpoint.interval.ms = 5000
broker.id = 0
ssl.keystore.location =
/opt/kafka_2.11-0.9.0.0/config/ssl/keystore.jks
listeners = SSL://:9093
log.flush.interval.messages = 9223372036854775807
principal.builder.class = class
org.apache.kafka.common.security.auth.DefaultPrincipalBuilder
log.retention.ms = null
offsets.commit.required.acks = -1
sasl.kerberos.principal.to.local.rules = [DEFAULT]
group.max.session.timeout.ms = 30000
num.replica.fetchers = 1
advertised.listeners = null
replica.socket.receive.buffer.bytes = 65536
delete.topic.enable = false
log.index.interval.bytes = 4096
metric.reporters = []
compression.type = producer
log.cleanup.policy = delete
controlled.shutdown.max.retries = 3
log.cleaner.threads = 1
quota.window.size.seconds = 1
zookeeper.connection.timeout.ms = 6000
offsets.load.buffer.size = 5242880
zookeeper.session.timeout.ms = 6000
ssl.cipher.suites = null
authorizer.class.name =
sasl.kerberos.ticket.renew.jitter = 0.05
sasl.kerberos.service.name = null
controlled.shutdown.enable = true
offsets.topic.num.partitions = 50
quota.window.num = 11
message.max.bytes = 1000012
log.cleaner.backoff.ms = 15000
log.roll.jitter.hours = 0
log.retention.check.interval.ms = 300000
replica.fetch.max.bytes = 1048576
log.cleaner.delete.retention.ms = 86400000
fetch.purgatory.purge.interval.requests = 1000
log.cleaner.min.cleanable.ratio = 0.5
offsets.commit.timeout.ms = 5000
zookeeper.set.acl = false
log.retention.bytes = -1
offset.metadata.max.bytes = 4096
leader.imbalance.check.interval.seconds = 300
quota.consumer.default = 9223372036854775807
log.roll.jitter.ms = null
reserved.broker.max.id = 1000
replica.fetch.backoff.ms = 1000
advertised.host.name = null
quota.producer.default = 9223372036854775807
log.cleaner.io.buffer.size = 524288
controlled.shutdown.retry.backoff.ms = 5000
log.dir = /tmp/kafka-logs
log.flush.offset.checkpoint.interval.ms = 60000
log.segment.delete.delay.ms = 60000
num.partitions = 1
num.network.threads = 3
socket.request.max.bytes = 104857600
sasl.kerberos.ticket.renew.window.factor = 0.8
log.roll.ms = null
ssl.enabled.protocols = [TLSv1.2, TLSv1.1, TLSv1]
socket.send.buffer.bytes = 102400
log.flush.interval.ms = null
ssl.truststore.location =
/opt/kafka_2.11-0.9.0.0/config/ssl/truststore.jks
log.cleaner.io.max.bytes.per.second = 1.7976931348623157E308
default.replication.factor = 1
metrics.sample.window.ms = 30000
auto.leader.rebalance.enable = true
host.name =
ssl.truststore.type = JKS
advertised.port = null
max.connections.per.ip.overrides =
replica.fetch.min.bytes = 1
ssl.keystore.type = JKS
(kafka.server.KafkaConfig)
Thanks,
Sri
American Express made the following annotations
******************************************************************************
"This message and any attachments are solely for the intended recipient and may
contain confidential or privileged information. If you are not the intended
recipient, any disclosure, copying, use, or distribution of the information
included in this message and any attachments is prohibited. If you have
received this communication in error, please notify us by reply e-mail and
immediately and permanently delete this message and any attachments. Thank you."
American Express a ajouté le commentaire suivant le Ce courrier et toute pièce
jointe qu'il contient sont réservés au seul destinataire indiqué et peuvent
renfermer des
renseignements confidentiels et privilégiés. Si vous n'êtes pas le destinataire
prévu, toute divulgation, duplication, utilisation ou distribution du courrier
ou de toute pièce jointe est interdite. Si vous avez reçu cette communication
par erreur, veuillez nous en aviser par courrier et détruire immédiatement le
courrier et les pièces jointes. Merci.
******************************************************************************
