[jira] [Created] (ZOOKEEPER-4861) TLS compatibility issue

Mon, 16 Sep 2024 06:48:16 -0700 

Jerry Chung created ZOOKEEPER-4861:
--------------------------------------

             Summary: TLS compatibility issue
                 Key: ZOOKEEPER-4861
                 URL: https://issues.apache.org/jira/browse/ZOOKEEPER-4861
             Project: ZooKeeper
          Issue Type: Bug
          Components: server
    Affects Versions: 3.9.2, 3.9.1, 3.9.0
            Reporter: Jerry Chung


TLS is not established after the following warning message:

{{2024-09-06 20:55:34,307 [myid:] - WARN  
[epollEventLoopGroup-4-1:o.a.z.s.NettyServerCnxnFactory$CnxnChannelHandler@302] 
- Exception }}
{{caught }}
{{{}io.netty.handler.codec.DecoderException: 
javax.net.ssl.SSLHandshakeException: The client supported protocol versions 
[TLSv1.2] are n{}}}{{{}ot accepted by server preferences [TLS13] {}}}
{{       at 
io.netty.handler.codec.ByteToMessageDecoder.callDecode(ByteToMessageDecoder.java:499)
 }}
{{       at 
io.netty.handler.codec.ByteToMessageDecoder.channelRead(ByteToMessageDecoder.java:290)
 }}
{{       at 
io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:444)
 }}
{{       at 
io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:420)
 }}
{{       at 
io.netty.channel.AbstractChannelHandlerContext.fireChannelRead(AbstractChannelHandlerContext.java:412)
 }}
{{       at 
io.netty.channel.DefaultChannelPipeline$HeadContext.channelRead(DefaultChannelPipeline.java:1410)
 }}
{{       at 
io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:440)
 }}
{{       at 
io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:420)}}

During the startup, zookeeper logs:

{{2024-09-06 20:54:49,778 [myid:] - INFO  [main:o.a.z.c.X509Util@110] - Default 
TLS protocol is TLSv1.3, supported TLS protocols are [ }}
{{TLSv1.3, TLSv1.2, TLSv1.1, TLSv1, SSLv3, SSLv2Hello] }}

 

This was noticed on the following environment:
 * Zookeeper Client (3.9.0) - Zookeeper Server (3.9.1): When Zookeeper server 
is running with Java 21. Client java version does not matter. This works with 
Java 17.
 * Zookeeper Client (3.9.1) - Zookeeper Server (3.9.2): It happens for Java 17 
and Java 21



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

Reply via email to