[ https://issues.apache.org/jira/browse/SOLR-14105?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17105784#comment-17105784 ]
Tim commented on SOLR-14105: ---------------------------- The issue seems to have to do with [https://github.com/apache/lucene-solr/blob/master/solr/core/src/java/org/apache/solr/handler/component/HttpShardHandlerFactory.java#L316] which in turn uses uses client jetty's SslContextFactory.Client inside Http2SolrClient, and latest jetty SslContextFactory.Client no longer seems to allow using multi domain certs. Perhaps it should be replaced with SslContextFactory.Server instead? > Http2SolrClient SSL not working in branch_8x > -------------------------------------------- > > Key: SOLR-14105 > URL: https://issues.apache.org/jira/browse/SOLR-14105 > Project: Solr > Issue Type: Bug > Affects Versions: 8.5 > Reporter: Jan Høydahl > Assignee: Kevin Risden > Priority: Major > Attachments: SOLR-14105.patch > > > In branch_8x we upgraded to Jetty 9.4.24. This causes the following > exceptions when attempting to start server with SSL: > {noformat} > 2019-12-17 14:46:16.646 ERROR (main) [ ] o.a.s.c.SolrCore > null:org.apache.solr.common.SolrException: Error instantiating > shardHandlerFactory class [HttpShardHandlerFactory]: > java.lang.UnsupportedOperationException: X509ExtendedKeyManager only > supported on Server > at > org.apache.solr.handler.component.ShardHandlerFactory.newInstance(ShardHandlerFactory.java:56) > at org.apache.solr.core.CoreContainer.load(CoreContainer.java:633) > ... > Caused by: java.lang.RuntimeException: > java.lang.UnsupportedOperationException: X509ExtendedKeyManager only > supported on Server > at > org.apache.solr.client.solrj.impl.Http2SolrClient.createHttpClient(Http2SolrClient.java:224) > at > org.apache.solr.client.solrj.impl.Http2SolrClient.<init>(Http2SolrClient.java:154) > at > org.apache.solr.client.solrj.impl.Http2SolrClient$Builder.build(Http2SolrClient.java:833) > at > org.apache.solr.handler.component.HttpShardHandlerFactory.init(HttpShardHandlerFactory.java:321) > at > org.apache.solr.handler.component.ShardHandlerFactory.newInstance(ShardHandlerFactory.java:51) > ... 50 more > Caused by: java.lang.UnsupportedOperationException: X509ExtendedKeyManager > only supported on Server > at > org.eclipse.jetty.util.ssl.SslContextFactory.newSniX509ExtendedKeyManager(SslContextFactory.java:1273) > at > org.eclipse.jetty.util.ssl.SslContextFactory.getKeyManagers(SslContextFactory.java:1255) > at > org.eclipse.jetty.util.ssl.SslContextFactory.load(SslContextFactory.java:374) > at > org.eclipse.jetty.util.ssl.SslContextFactory.doStart(SslContextFactory.java:245) > {noformat} -- This message was sent by Atlassian Jira (v8.3.4#803005) --------------------------------------------------------------------- To unsubscribe, e-mail: issues-unsubscr...@lucene.apache.org For additional commands, e-mail: issues-h...@lucene.apache.org