This is an automated email from the ASF dual-hosted git repository.
chia7712 pushed a commit to branch 3.9
in repository https://gitbox.apache.org/repos/asf/kafka.git
The following commit(s) were added to refs/heads/3.9 by this push:
new d251ec045f2 MINOR: Use SHA256withRSA instead of SHA1withRSA when
running SslTransportLayerTest (#20961)
d251ec045f2 is described below
commit d251ec045f200c8fa48d44a1b27408b320161f8b
Author: Ming-Yen Chung <[email protected]>
AuthorDate: Sun Nov 23 02:27:36 2025 +0800
MINOR: Use SHA256withRSA instead of SHA1withRSA when running
SslTransportLayerTest (#20961)
`SHA1withRSA` is disabled in some linux distribution, such as Fedora 43
server, which results in the following error. Hence, this PR adopts the
solution suggested by @gaurav-narula in
https://github.com/apache/kafka/pull/20561#issuecomment-3378701638,
which is to use `SHA256withRSA` instead of `SHA1withRSA`
```
Gradle Test Run :clients:test > Gradle Test Executor 28 >
Tls13SslFactoryTest > testSslFactoryConfiguration() FAILED
org.apache.kafka.common.config.ConfigException: Invalid value
javax.net.ssl.SSLHandshakeException: (handshake_failure) No available
authentication scheme for configuration A client SSLEngine created with the
provided settings can't connect to a server SSLEngine created with those
settings.
at
app//org.apache.kafka.common.security.ssl.SslFactory.configure(SslFactory.java:105)
at
app//org.apache.kafka.common.security.ssl.SslFactoryTest.testSslFactoryConfiguration(SslFactoryTest.java:80)
at [email protected]/java.lang.reflect.Method.invoke(Method.java:580)
at [email protected]/java.util.ArrayList.forEach(ArrayList.java:1596)
at [email protected]/java.util.ArrayList.forEach(ArrayList.java:1596)
```
Reviewers: Chia-Ping Tsai <[email protected]>
---
clients/src/test/java/org/apache/kafka/test/TestSslUtils.java | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/clients/src/test/java/org/apache/kafka/test/TestSslUtils.java
b/clients/src/test/java/org/apache/kafka/test/TestSslUtils.java
index 72a1ccfe651..39544e2b154 100644
--- a/clients/src/test/java/org/apache/kafka/test/TestSslUtils.java
+++ b/clients/src/test/java/org/apache/kafka/test/TestSslUtils.java
@@ -111,7 +111,7 @@ public class TestSslUtils {
* @param dn the X.509 Distinguished Name, eg "CN=Test, L=London, C=GB"
* @param pair the KeyPair
* @param days how many days from now the Certificate is valid for, or -
for negative values - how many days before now
- * @param algorithm the signing algorithm, eg "SHA1withRSA"
+ * @param algorithm the signing algorithm, eg "SHA256withRSA"
* @return the self-signed certificate
* @throws CertificateException thrown if a security error or an IO error
occurred.
*/
@@ -132,7 +132,7 @@ public class TestSslUtils {
* CA.
* @param parentKeyPair The key pair of the issuer. Leave null if you want
to generate a root
* CA.
- * @param algorithm the signing algorithm, eg "SHA1withRSA"
+ * @param algorithm the signing algorithm, eg "SHA256withRSA"
* @return the signed certificate
* @throws CertificateException
*/
@@ -399,7 +399,7 @@ public class TestSslUtils {
private byte[] subjectAltName;
public CertificateBuilder() {
- this(30, "SHA1withRSA");
+ this(30, "SHA256withRSA");
}
public CertificateBuilder(int days, String algorithm) {
