cwrothrock opened a new issue, #24623: URL: https://github.com/apache/beam/issues/24623
### What happened? Beam Version: 2.43.0+ Java LTS versions 11.0.11, 1.8.0_291 and up have TLSv1 and TLSv1.1 [disabled by default](https://www.petefreitag.com/item/916.cfm). Dataflow pipelines which use the Beam Java SDKs and attempt to connect to resources using these legacy algorithms experience problems (notably JDBC + MySQL connections). This currently affects at the very least Google Cloud Dataflow users opted into RunnerV2/Unified Worker. Relevant errors include but may not be limited to: ``` javax.net.ssl.SSLHandshakeException: No appropriate protocol (protocol is disabled or cipher suites are inappropriate) java.base/sun.security.ssl.HandshakeContext.<init>(HandshakeContext.java:170)... ``` or ``` java.sql.SQLException: Cannot create PoolableConnectionFactory (The driver could not establish a secure connection to SQL Server by using Secure Sockets Layer (SSL) encryption. Error: "The server selected protocol version TLS10 is not accepted by client preferences [TLS12]".) ``` ### Issue Priority Priority: 2 (default / most bugs should be filed as P2) ### Issue Components - [ ] Component: Python SDK - [X] Component: Java SDK - [ ] Component: Go SDK - [ ] Component: Typescript SDK - [ ] Component: IO connector - [ ] Component: Beam examples - [ ] Component: Beam playground - [ ] Component: Beam katas - [ ] Component: Website - [ ] Component: Spark Runner - [ ] Component: Flink Runner - [ ] Component: Samza Runner - [ ] Component: Twister2 Runner - [ ] Component: Hazelcast Jet Runner - [X] Component: Google Cloud Dataflow Runner -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
