Hi Jan,
The last time I sent a mail to "dev@solr.apache.org", I received a mail from
David Smiley without subscribing to any list. Can you please reply with the
solution to this email?
If it is mandatory to subscribe to any list, please let me know the process.
Thanks & Regards,
Keerthi Turakapalli
________________________________
From: Jan Høydahl <jan....@cominvent.com>
Sent: 31 January 2023 21:56
To: dev@solr.apache.org <dev@solr.apache.org>
Cc: Keerthi Turakapalli <tkeer...@opentext.com>
Subject: [EXTERNAL] - Re: Connection to SSL enabled solr9 is failing
CAUTION: This email originated from outside of the organization. Do not click
links or open attachments unless you recognize the sender and know the content
is safe. If you feel that the email is suspicious, please report it using
PhishAlarm.
I did reply to your email on Jan 24th. If you subscribe to the list you will
see the answer.
Jan Høydahl
> 31. jan. 2023 kl. 16:06 skrev Keerthi Turakapalli
> <tkeer...@opentext.com.invalid>:
>
> FYI
> Can you please respond to this mail?
>
> Thanks & Regards,
> Keerthi Turakapalli
>
> ________________________________
> From: Keerthi Turakapalli
> Sent: 24 January 2023 17:13
> To: dev@solr.apache.org <dev@solr.apache.org>
> Cc: Sangisetti Ramana <sram...@opentext.com>; Santosh Kumar Siliveru
> <ssili...@opentext.com>; Dhoka Pramod <dpra...@opentext.com>
> Subject: Connection to SSL enabled solr9 is failing
>
> Hi,
>
> In solr8.11.2 we were using the below code where the HttpClient object is
> created with SSLContextFactory to connect to ssl enabled solr.
>
> Code Snippet using solr 8.11.2:
>
>
> builder = new
> CloudSolrClient.Builder(Collections.singletonList(mServerDetails.getZookeeperUrl()),
> Optional.empty())
> .withHttpClient(getSecureClient())
>
> reutrn builder.build();
>
> private CloseableHttpClient getSecureClient() {
> CloseableHttpClient cHttpClient = null;
> try {
> TrustStrategy acceptingTrustStrategy = (cert, authType) -> true;
> SSLContext sslContext = SSLContexts.custom().loadTrustMaterial(null,
> acceptingTrustStrategy).build();
> SSLConnectionSocketFactory sslConnectionSocketFactory = new
> SSLConnectionSocketFactory(sslContext, new DefaultHostnameVerifier());
> Registry<ConnectionSocketFactory> socketFactoryRegistry =
> RegistryBuilder.<ConnectionSocketFactory>create().
> register(SCHEMA_HTTPS, sslConnectionSocketFactory).build();
> BasicHttpClientConnectionManager connectionManager = new
> BasicHttpClientConnectionManager(socketFactoryRegistry);
> cHttpClient =
> HttpClients.custom().setSSLSocketFactory(sslConnectionSocketFactory).setConnectionManager(connectionManager).build();
> } catch(NoSuchAlgorithmException | KeyStoreException |
> KeyManagementException ex)
> {
> mLogger.atError().log("Processing httpclient failed.: {}", ex);
> }
> return cHttpClient;
> }
>
> However, withHttpClient() in solr9.1.0 got updated and it is only accepting
> Http2SolrClient instead of HttpClient.
> Following the documentation here:
> https://urldefense.com/v3/__https://solr.apache.org/guide/solr/latest/deployment-guide/solrj.html__;!!Obbck6kTJA!eykdZGgOz94z4G0X4QLnsirk3BgvVuaEYvz3Teqh7SbcqB4xooNFmoSIwz050T0G_wrqpgISWPDEZnIZtkw$
>
> We tried to connect to ssl enabled solr using,
>
> This code leads to an NPE:
>
>
> List<String> list = new ArrayList<>();
> list.add(mServerDetails.getZookeeperUrl());
> CloudHttp2SolrClient.Builder newBuilder = new
> CloudHttp2SolrClient.Builder(list, Optional.empty());
> return newBuilder.build();
>
> This code is throwing below "Missing SSLContextFactory" error. Please find
> the stacktrace,
> =====================================================
>
> DEBUG | 2023-01-24 14:31:50 | [Thread-175] impl.SolrServiceImpl
> (SolrServiceImpl.java:474) - Zookeeper Protocol: HTTPS, enableSSLFlag: true
> ERROR | 2023-01-24 14:31:50 | [Thread-175] impl.SolrServiceImpl
> (SolrServiceImpl.java:218) - Failed to get the cluster status from the server.
> org.apache.solr.client.solrj.SolrServerException:
> java.lang.NullPointerException: Missing SslContextFactory
> at
> org.apache.solr.client.solrj.impl.LBSolrClient.doRequest(LBSolrClient.java:445)
> ~[?:?]
> at
> org.apache.solr.client.solrj.impl.LBSolrClient.request(LBSolrClient.java:371)
> ~[?:?]
> at
> org.apache.solr.client.solrj.impl.CloudSolrClient.sendRequest(CloudSolrClient.java:1174)
> ~[?:?]
> at
> org.apache.solr.client.solrj.impl.CloudSolrClient.requestWithRetryOnStaleState(CloudSolrClient.java:880)
> ~[?:?]
> at
> org.apache.solr.client.solrj.impl.CloudSolrClient.request(CloudSolrClient.java:807)
> ~[?:?]
> at
> org.apache.solr.client.solrj.SolrRequest.process(SolrRequest.java:234) ~[?:?]
> at
> org.apache.solr.client.solrj.SolrRequest.process(SolrRequest.java:249) ~[?:?]
>
> at com.zerog.ia.installer.actions.CustomAction.installSelf(Unknown
> Source) ~[installer.zip:?]
> at com.zerog.ia.installer.util.GenericInstallPanel$2.run(Unknown
> Source) ~[installer.zip:?]
>
> Caused by: java.lang.NullPointerException: Missing SslContextFactory
> at java.util.Objects.requireNonNull(Objects.java:246) ~[?:?]
> at
> org.eclipse.jetty.io.ssl.SslClientConnectionFactory.<init>(SslClientConnectionFactory.java:57)
> ~[?:?]
> at
> org.eclipse.jetty.client.HttpClient.newSslClientConnectionFactory(HttpClient.java:1208)
> ~[?:?]
> at
> org.eclipse.jetty.client.HttpClient.newSslClientConnectionFactory(HttpClient.java:1214)
> ~[?:?]
> at
> org.eclipse.jetty.client.HttpDestination.newSslClientConnectionFactory(HttpDestination.java:148)
> ~[?:?]
> at
> org.eclipse.jetty.client.HttpDestination.newSslClientConnectionFactory(HttpDestination.java:154)
> ~[?:?]
> at
> org.eclipse.jetty.client.HttpDestination.<init>(HttpDestination.java:94)
> ~[?:?]
> at
> org.eclipse.jetty.client.MultiplexHttpDestination.<init>(MultiplexHttpDestination.java:25)
> ~[?:?]
> at
> org.eclipse.jetty.http2.client.http.HttpDestinationOverHTTP2.<init>(HttpDestinationOverHTTP2.java:32)
> ~[?:?]
> at
> org.eclipse.jetty.http2.client.http.HttpClientTransportOverHTTP2.newHttpDestination(HttpClientTransportOverHTTP2.java:128)
> ~[?:?]
> at
> org.eclipse.jetty.client.HttpClient.lambda$resolveDestination$0(HttpClient.java:575)
> ~[?:?]
> at
> java.util.concurrent.ConcurrentHashMap.computeIfAbsent(ConcurrentHashMap.java:1705)
> ~[?:?]
> at
> org.eclipse.jetty.client.HttpClient.resolveDestination(HttpClient.java:573)
> ~[?:?]
> at
> org.eclipse.jetty.client.HttpClient.resolveDestination(HttpClient.java:551)
> ~[?:?]
> at org.eclipse.jetty.client.HttpClient.send(HttpClient.java:599) ~[?:?]
> at org.eclipse.jetty.client.HttpRequest.sendAsync(HttpRequest.java:780)
> ~[?:?]
> at org.eclipse.jetty.client.HttpRequest.send(HttpRequest.java:767)
> ~[?:?]
> at
> org.apache.solr.client.solrj.impl.Http2SolrClient.request(Http2SolrClient.java:455)
> ~[?:?]
> at
> org.apache.solr.client.solrj.impl.LBSolrClient.doRequest(LBSolrClient.java:405)
> ~[?:?]
> ============================================
>
> Here it is expecting SSLContextFactory while connecting to solr with the
> zookeeper host. We also tried to use the method "withSSLConfig(sslConfig)" in
> Http2SolrClient class. But the usage is something like
>
> <
> new Http2SolrClient.Builder().build;
>
> public Builder withSSLConfig(SSLConfig sslConfig) {
> this.sslConfig = sslConfig;
> return this;
> }
>>
>
> Here withSSLConfig() method requiring SSLConfig object containing parameters
> like authClient, keystore, keystorePassword, trustore, truststorePassword. If
> this method is to be used, where and what values are expected here? However,
> to call this method in Builder() by default it is assigning defaultSSLConf.
> What does this do?
>
> Could you please let us know how to Build a CloudSlrClient object with
> SSLConfig that can connect to SSL enabled solr9 machine with zookeeper URL?
> Or is it mandated to pass solr URL's?
>
> Thanks & Regards,
> Keerthi Turakapalli
>
