[ https://issues.apache.org/jira/browse/KAFKA-8381?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Rajini Sivaram updated KAFKA-8381: ---------------------------------- Affects Version/s: (was: 2.3.0) Removed AffectedVersion=2.3.0 since this was fixed before the release and the issue wasn't in any released version. > SSL factory for inter-broker listener is broken > ----------------------------------------------- > > Key: KAFKA-8381 > URL: https://issues.apache.org/jira/browse/KAFKA-8381 > Project: Kafka > Issue Type: Bug > Components: security > Reporter: Rajini Sivaram > Assignee: Rajini Sivaram > Priority: Blocker > Fix For: 2.3.0 > > > From a system test failure: > {code} > [2019-05-17 15:48:12,453] ERROR [KafkaServer id=1] Fatal error during > KafkaServer startup. Prepare to shutdown (kafka.server.KafkaServer) > org.apache.kafka.common.KafkaException: > org.apache.kafka.common.config.ConfigException: Invalid value > javax.net.ssl.SSLHandshakeException: General SSLEngine problem for > configuration A client SSLEngine created with the provided settings can't > connect to a server SSLEngine created with those settings. > at > org.apache.kafka.common.network.SaslChannelBuilder.configure(SaslChannelBuilder.java:162) > at > org.apache.kafka.common.network.ChannelBuilders.create(ChannelBuilders.java:146) > at > org.apache.kafka.common.network.ChannelBuilders.serverChannelBuilder(ChannelBuilders.java:85) > at kafka.network.Processor.<init>(SocketServer.scala:747) > at kafka.network.SocketServer.newProcessor(SocketServer.scala:388) > at > kafka.network.SocketServer.$anonfun$addDataPlaneProcessors$1(SocketServer.scala:282) > at scala.collection.immutable.Range.foreach$mVc$sp(Range.scala:158) > at > kafka.network.SocketServer.addDataPlaneProcessors(SocketServer.scala:281) > at > kafka.network.SocketServer.$anonfun$createDataPlaneAcceptorsAndProcessors$1(SocketServer.scala:244) > at > kafka.network.SocketServer.$anonfun$createDataPlaneAcceptorsAndProcessors$1$adapted(SocketServer.scala:241) > at > scala.collection.mutable.ResizableArray.foreach(ResizableArray.scala:62) > at > scala.collection.mutable.ResizableArray.foreach$(ResizableArray.scala:55) > at scala.collection.mutable.ArrayBuffer.foreach(ArrayBuffer.scala:49) > at > kafka.network.SocketServer.createDataPlaneAcceptorsAndProcessors(SocketServer.scala:241) > at kafka.network.SocketServer.startup(SocketServer.scala:120) > at kafka.server.KafkaServer.startup(KafkaServer.scala:293) > {code} > Looks like the changes under > https://github.com/apache/kafka/commit/0494cd329f3aaed94b3b46de0abe495f80faaedd > added validation for inter-broker SSL factory with hostname verification > enabled and `localhost` as the hostname. As a result, integration tests pass, > but system tests fail. -- This message was sent by Atlassian Jira (v8.3.4#803005)