Re: Connection to SSL enabled solr9 is failing

Tue, 24 Jan 2023 07:42:48 -0800 

Hi,

You can try using CloudLegacySolrClient as a start, which is exactly like in 
8.x. But you'll need to figure out SSL with Http2SolrClient sooner or later 
since it is deprecated.

Jan

> 24. jan. 2023 kl. 12:43 skrev Keerthi Turakapalli 
> <tkeer...@opentext.com.INVALID>:
> 
> Hi,
> 
> In solr8.11.2 we were using the below code where the HttpClient object is 
> created with SSLContextFactory to connect to ssl enabled solr.
> 
> Code Snippet using solr 8.11.2:
> 
> 
> builder = new 
> CloudSolrClient.Builder(Collections.singletonList(mServerDetails.getZookeeperUrl()),
>  Optional.empty())
>                    .withHttpClient(getSecureClient())
> 
> reutrn builder.build();
> 
> private CloseableHttpClient getSecureClient() {
>    CloseableHttpClient cHttpClient = null;
>    try {
>        TrustStrategy acceptingTrustStrategy = (cert, authType) -> true;
>        SSLContext sslContext = SSLContexts.custom().loadTrustMaterial(null, 
> acceptingTrustStrategy).build();
>        SSLConnectionSocketFactory sslConnectionSocketFactory = new 
> SSLConnectionSocketFactory(sslContext, new DefaultHostnameVerifier());
>        Registry<ConnectionSocketFactory> socketFactoryRegistry = 
> RegistryBuilder.<ConnectionSocketFactory>create().
>                register(SCHEMA_HTTPS, sslConnectionSocketFactory).build();
>        BasicHttpClientConnectionManager connectionManager = new 
> BasicHttpClientConnectionManager(socketFactoryRegistry);
>        cHttpClient = 
> HttpClients.custom().setSSLSocketFactory(sslConnectionSocketFactory).setConnectionManager(connectionManager).build();
>    } catch(NoSuchAlgorithmException | KeyStoreException | 
> KeyManagementException ex)
>    {
>        mLogger.atError().log("Processing httpclient failed.: {}", ex);
>    }
>    return cHttpClient;
> }
> 
> However, withHttpClient() in solr9.1.0 got updated and it is only accepting 
> Http2SolrClient instead of HttpClient.
> Following the documentation here:
> https://solr.apache.org/guide/solr/latest/deployment-guide/solrj.html
> 
> We tried to connect to ssl enabled solr using,
> 
> This code leads to an NPE:
> 
> 
> List<String> list = new ArrayList<>();
> list.add(mServerDetails.getZookeeperUrl());
> CloudHttp2SolrClient.Builder newBuilder = new 
> CloudHttp2SolrClient.Builder(list, Optional.empty());
> return newBuilder.build();
> 
> This code is throwing below "Missing SSLContextFactory" error. Please find 
> the stacktrace,
> =====================================================
> 
> DEBUG | 2023-01-24 14:31:50 | [Thread-175] impl.SolrServiceImpl 
> (SolrServiceImpl.java:474) - Zookeeper Protocol: HTTPS,  enableSSLFlag: true
> ERROR | 2023-01-24 14:31:50 | [Thread-175] impl.SolrServiceImpl 
> (SolrServiceImpl.java:218) - Failed to get the cluster status from the server.
> org.apache.solr.client.solrj.SolrServerException: 
> java.lang.NullPointerException: Missing SslContextFactory
>       at 
> org.apache.solr.client.solrj.impl.LBSolrClient.doRequest(LBSolrClient.java:445)
>  ~[?:?]
>       at 
> org.apache.solr.client.solrj.impl.LBSolrClient.request(LBSolrClient.java:371) 
> ~[?:?]
>       at 
> org.apache.solr.client.solrj.impl.CloudSolrClient.sendRequest(CloudSolrClient.java:1174)
>  ~[?:?]
>       at 
> org.apache.solr.client.solrj.impl.CloudSolrClient.requestWithRetryOnStaleState(CloudSolrClient.java:880)
>  ~[?:?]
>       at 
> org.apache.solr.client.solrj.impl.CloudSolrClient.request(CloudSolrClient.java:807)
>  ~[?:?]
>       at 
> org.apache.solr.client.solrj.SolrRequest.process(SolrRequest.java:234) ~[?:?]
>       at 
> org.apache.solr.client.solrj.SolrRequest.process(SolrRequest.java:249) ~[?:?]
>      
>       at com.zerog.ia.installer.actions.CustomAction.installSelf(Unknown 
> Source) ~[installer.zip:?]
>       at com.zerog.ia.installer.util.GenericInstallPanel$2.run(Unknown 
> Source) ~[installer.zip:?]
> 
> Caused by: java.lang.NullPointerException: Missing SslContextFactory
>       at java.util.Objects.requireNonNull(Objects.java:246) ~[?:?]
>       at 
> org.eclipse.jetty.io.ssl.SslClientConnectionFactory.<init>(SslClientConnectionFactory.java:57)
>  ~[?:?]
>       at 
> org.eclipse.jetty.client.HttpClient.newSslClientConnectionFactory(HttpClient.java:1208)
>  ~[?:?]
>       at 
> org.eclipse.jetty.client.HttpClient.newSslClientConnectionFactory(HttpClient.java:1214)
>  ~[?:?]
>       at 
> org.eclipse.jetty.client.HttpDestination.newSslClientConnectionFactory(HttpDestination.java:148)
>  ~[?:?]
>       at 
> org.eclipse.jetty.client.HttpDestination.newSslClientConnectionFactory(HttpDestination.java:154)
>  ~[?:?]
>       at 
> org.eclipse.jetty.client.HttpDestination.<init>(HttpDestination.java:94) 
> ~[?:?]
>       at 
> org.eclipse.jetty.client.MultiplexHttpDestination.<init>(MultiplexHttpDestination.java:25)
>  ~[?:?]
>       at 
> org.eclipse.jetty.http2.client.http.HttpDestinationOverHTTP2.<init>(HttpDestinationOverHTTP2.java:32)
>  ~[?:?]
>       at 
> org.eclipse.jetty.http2.client.http.HttpClientTransportOverHTTP2.newHttpDestination(HttpClientTransportOverHTTP2.java:128)
>  ~[?:?]
>       at 
> org.eclipse.jetty.client.HttpClient.lambda$resolveDestination$0(HttpClient.java:575)
>  ~[?:?]
>       at 
> java.util.concurrent.ConcurrentHashMap.computeIfAbsent(ConcurrentHashMap.java:1705)
>  ~[?:?]
>       at 
> org.eclipse.jetty.client.HttpClient.resolveDestination(HttpClient.java:573) 
> ~[?:?]
>       at 
> org.eclipse.jetty.client.HttpClient.resolveDestination(HttpClient.java:551) 
> ~[?:?]
>       at org.eclipse.jetty.client.HttpClient.send(HttpClient.java:599) ~[?:?]
>       at org.eclipse.jetty.client.HttpRequest.sendAsync(HttpRequest.java:780) 
> ~[?:?]
>       at org.eclipse.jetty.client.HttpRequest.send(HttpRequest.java:767) 
> ~[?:?]
>       at 
> org.apache.solr.client.solrj.impl.Http2SolrClient.request(Http2SolrClient.java:455)
>  ~[?:?]
>       at 
> org.apache.solr.client.solrj.impl.LBSolrClient.doRequest(LBSolrClient.java:405)
>  ~[?:?]
> ============================================
> 
> Here it is expecting SSLContextFactory while connecting to solr with the 
> zookeeper host. We also tried to use the method "withSSLConfig(sslConfig)" in 
> Http2SolrClient class. But the usage is something like
> 
> <
>    new Http2SolrClient.Builder().build;
> 
>   public Builder withSSLConfig(SSLConfig sslConfig) {
>      this.sslConfig = sslConfig;
>      return this;
>    }
>> 
> 
> Here withSSLConfig() method requiring SSLConfig object containing parameters 
> like authClient, keystore, keystorePassword, trustore, truststorePassword. If 
> this method is to be used, where and what values are expected here? However, 
> to call this method in Builder() by default it is assigning defaultSSLConf. 
> What does this do?
> 
> Could you please let us know how to Build a CloudSlrClient object with 
> SSLConfig that can connect to SSL enabled solr9 machine with zookeeper URL?
> Or is it mandated to pass solr URL's?
> 
> Thanks & Regards,
> ​Keerthi Turakapalli
> 


---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@solr.apache.org
For additional commands, e-mail: dev-h...@solr.apache.org

Reply via email to