[jira] [Updated] (FLINK-9261) Regression - Flink CLI and Web UI not working when SSL is enabled

Thu, 26 Apr 2018 06:03:42 -0700 

     [ 
https://issues.apache.org/jira/browse/FLINK-9261?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Edward Rojas updated FLINK-9261:
--------------------------------
    Labels: regression  (was: )

> Regression - Flink CLI and Web UI not working when SSL is enabled
> -----------------------------------------------------------------
>
>                 Key: FLINK-9261
>                 URL: https://issues.apache.org/jira/browse/FLINK-9261
>             Project: Flink
>          Issue Type: Bug
>          Components: Client, Network, Web Client
>    Affects Versions: 1.5.0
>            Reporter: Edward Rojas
>            Priority: Major
>              Labels: regression
>
> When *security.ssl.enabled* config is set to true, Web UI is no longer 
> reachable; there is no logs on jobmanager. 
>  
> When setting *web.ssl.enabled* to false (keeping security.ssl.enabled to 
> true), the dashboard is not reachable and there is the following exception on 
> jobmanager: 
> {code:java}
> WARN  org.apache.flink.runtime.dispatcher.DispatcherRestEndpoint    - 
> Unhandled exception
> org.apache.flink.shaded.netty4.io.netty.handler.ssl.NotSslRecordException: 
> not an SSL/TLS record: 
> 474554202f20485454502f312e310d0a486f73743a206c6f63616c686f73743a383038310d0a436f6e6e656374696f6e3a206b6565702d616c6976650d0a557067726164652d496e7365637572652d52657175657374733a20310d0a557365722d4167656e743a204d6f7a696c6c612f352e3020284d6163696e746f73683b20496e74656c204d6163204f5320582031305f31335f3329204170706c655765624b69742f3533372e333620284b48544d4c2c206c696b65204765636b6f29204368726f6d652f36352e302e333332352e313831205361666172692f3533372e33360d0a4163636570743a20746578742f68746d6c2c6170706c69636174696f6e2f7868746d6c2b786d6c2c6170706c69636174696f6e2f786d6c3b713d302e392c696d6167652f776562702c696d6167652f61706e672c2a2f2a3b713d302e380d0a4163636570742d456e636f64696e673a20677a69702c206465666c6174652c2062720d0a4163636570742d4c616e67756167653a20656e2c656e2d47423b713d302e392c65732d3431393b713d302e382c65733b713d302e372c66722d46523b713d302e362c66723b713d302e350d0a436f6f6b69653a20496465612d39326365626136363d39396464633637632d613838382d346439332d396166612d3737396631373636326264320d0a49662d4d6f6469666965642d53696e63653a205468752c2032362041707220323031382031313a30313a313520474d540d0a0d0a
> at 
> org.apache.flink.shaded.netty4.io.netty.handler.ssl.SslHandler.decode(SslHandler.java:940)
> at 
> org.apache.flink.shaded.netty4.io.netty.handler.codec.ByteToMessageDecoder.callDecode(ByteToMessageDecoder.java:315)
> at 
> org.apache.flink.shaded.netty4.io.netty.handler.codec.ByteToMessageDecoder.channelRead(ByteToMessageDecoder.java:229)
> at 
> org.apache.flink.shaded.netty4.io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:339)
> at 
> org.apache.flink.shaded.netty4.io.netty.channel.AbstractChannelHandlerContext.fireChannelRead(AbstractChannelHandlerContext.java:324)
> at 
> org.apache.flink.shaded.netty4.io.netty.channel.DefaultChannelPipeline.fireChannelRead(DefaultChannelPipeline.java:847)
> at 
> org.apache.flink.shaded.netty4.io.netty.channel.nio.AbstractNioByteChannel$NioByteUnsafe.read(AbstractNioByteChannel.java:131)
> at 
> org.apache.flink.shaded.netty4.io.netty.channel.nio.NioEventLoop.processSelectedKey(NioEventLoop.java:511)
> at 
> org.apache.flink.shaded.netty4.io.netty.channel.nio.NioEventLoop.processSelectedKeysOptimized(NioEventLoop.java:468)
> at 
> org.apache.flink.shaded.netty4.io.netty.channel.nio.NioEventLoop.processSelectedKeys(NioEventLoop.java:382)
> at 
> org.apache.flink.shaded.netty4.io.netty.channel.nio.NioEventLoop.run(NioEventLoop.java:354)
> at 
> org.apache.flink.shaded.netty4.io.netty.util.concurrent.SingleThreadEventExecutor$2.run(SingleThreadEventExecutor.java:111)
> at 
> org.apache.flink.shaded.netty4.io.netty.util.concurrent.DefaultThreadFactory$DefaultRunnableDecorator.run(DefaultThreadFactory.java:137)
> at java.lang.Thread.run(Thread.java:745)
> {code}
> Also when trying to use the Flink CLI, it get stuck on "Waiting for 
> response..." and there is no error messages on jobmanager. None of the 
> commands works, list, run etc.
>  
> Taskmanagers are able to registrate to Jobmanager, so the SSL configuration 
> is good.
>  
> SSL configuration:
> security.ssl.enabled: true
> security.ssl.keystore: /path/to/keystore
> security.ssl.keystore-password: xxxx
> security.ssl.key-password: xxxx
> security.ssl.truststore: /path/to/truststore
> security.ssl.truststore-password: xxxx
> web.ssl.enabled: false
> This same configuration works perfectly on Flink 1.4.
>  



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Reply via email to