Hello, I am working on Java code that sends data to Kafka. I am trying to configure TLS. I think I have created all of the keys and certs correctly. When I attempt to send a message to Kafka, I get the stacktrace below. I am stumped as to what is causing this.
Has anyone else seen this before? I'm running Kafka 2.7.1 with Corretto 11.0.8.10.1. Thanks. org.apache.kafka.common.errors.SslAuthenticationException: Failed to process post-handshake messages Caused by: javax.net.ssl.SSLException: Tag mismatch! at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:129) at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:321) at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:264) at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:259) at java.base/sun.security.ssl.SSLTransport.decode(SSLTransport.java:129) at java.base/sun.security.ssl.SSLEngineImpl.decode(SSLEngineImpl.java:672) at java.base/sun.security.ssl.SSLEngineImpl.readRecord(SSLEngineImpl.java:627) at java.base/sun.security.ssl.SSLEngineImpl.unwrap(SSLEngineImpl.java:443) at java.base/sun.security.ssl.SSLEngineImpl.unwrap(SSLEngineImpl.java:422) at java.base/javax.net.ssl.SSLEngine.unwrap(SSLEngine.java:634) at org.apache.kafka.common.network.SslTransportLayer.read(SslTransportLayer.java:567) at org.apache.kafka.common.network.NetworkReceive.readFrom(NetworkReceive.java:95) at org.apache.kafka.common.network.KafkaChannel.receive(KafkaChannel.java:447) at org.apache.kafka.common.network.KafkaChannel.read(KafkaChannel.java:397) at org.apache.kafka.common.network.Selector.attemptRead(Selector.java:674) at org.apache.kafka.common.network.Selector.pollSelectionKeys(Selector.java:576) at org.apache.kafka.common.network.Selector.poll(Selector.java:481) at org.apache.kafka.clients.NetworkClient.poll(NetworkClient.java:561) at org.apache.kafka.clients.NetworkClientUtils.awaitReady(NetworkClientUtils.java:74) at org.apache.kafka.clients.producer.internals.Sender.awaitNodeReady(Sender.java:531) at org.apache.kafka.clients.producer.internals.Sender.maybeSendAndPollTransactionalRequest(Sender.java:452) at org.apache.kafka.clients.producer.internals.Sender.runOnce(Sender.java:313) at org.apache.kafka.clients.producer.internals.Sender.run(Sender.java:240) at java.base/java.lang.Thread.run(Thread.java:834) Caused by: javax.crypto.AEADBadTagException: Tag mismatch! at java.base/com.sun.crypto.provider.GaloisCounterMode.decryptFinal(GaloisCounterMode.java:580) at java.base/com.sun.crypto.provider.CipherCore.finalNoPadding(CipherCore.java:1049) at java.base/com.sun.crypto.provider.CipherCore.doFinal(CipherCore.java:985) at java.base/com.sun.crypto.provider.AESCipher.engineDoFinal(AESCipher.java:491) at java.base/javax.crypto.CipherSpi.bufferCrypt(CipherSpi.java:779) at java.base/javax.crypto.CipherSpi.engineDoFinal(CipherSpi.java:730) at java.base/javax.crypto.Cipher.doFinal(Cipher.java:2497) at java.base/sun.security.ssl.SSLCipher$T13GcmReadCipherGenerator$GcmReadCipher.decrypt(SSLCipher.java:1887) at java.base/sun.security.ssl.SSLEngineInputRecord.decodeInputRecord(SSLEngineInputRecord.java:240) at java.base/sun.security.ssl.SSLEngineInputRecord.decode(SSLEngineInputRecord.java:197) at java.base/sun.security.ssl.SSLEngineInputRecord.decode(SSLEngineInputRecord.java:160) at java.base/sun.security.ssl.SSLTransport.decode(SSLTransport.java:108) ... 19 more -- Chris Baumgartner Java Software Developer FUJIFILM Medical Systems U.S.A., Inc. TeraMedica Division 10400 Innovation Drive, Suite 200 Milwaukee, WI 53226 Office: (414) 908-7724 www.teramedica.com *Helping provide healthcare experiences that enhance the quality of life. * -- NOTICE: This message, including any attachments, is only for the use of the intended recipient(s) and may contain confidential, sensitive and/or privileged information, or information otherwise prohibited from dissemination or disclosure by law or regulation, including applicable export regulations. If the reader of this message is not the intended recipient, you are hereby notified that any use, disclosure, copying, dissemination or distribution of this message or any of its attachments is strictly prohibited. If you received this message in error, please contact the sender immediately by reply email and destroy this message, including all attachments, and any copies thereof.