[jira] [Commented] (FLINK-9424) BlobClientSslTest does not work in all environments

Fri, 13 Jul 2018 00:27:48 -0700 


    [ 
https://issues.apache.org/jira/browse/FLINK-9424?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16542650#comment-16542650
 ] 

Stephan Ewen commented on FLINK-9424:
-------------------------------------

I am encountering these problems as well. The problem is even harder once akka 
is involved, because you only get "could not connect to" messages and it took 
me very long to trace the problem back to this. I fear this could become a 
roadblock for some users.

I would suggest to do the following:

  - downgrade the default selection of cipher suites again (undo FLINK-9310)
  - mention in the SSL docs that the IETF recommends to set the algorithms to 
what is currently configured.



> BlobClientSslTest does not work in all environments
> ---------------------------------------------------
>
>                 Key: FLINK-9424
>                 URL: https://issues.apache.org/jira/browse/FLINK-9424
>             Project: Flink
>          Issue Type: Test
>          Components: Distributed Coordination, Tests
>    Affects Versions: 1.5.0
>            Reporter: Timo Walther
>            Priority: Major
>
> It seems that the {{BlobClientSslTest}} assumes SSL algorithms that are not 
> present in every environment. Thus, they cause the Flink build to fail. It 
> also affects {{NettyClientServerSslTest}}.
> Environment:
> {code}
> Apache Maven 3.5.3 (3383c37e1f9e9b3bc3df5050c29c8aff9f295297; 
> 2018-02-24T20:49:05+01:00)
> Maven home: /usr/local/Cellar/maven/3.5.3/libexec
> Java version: 1.8.0_102, vendor: Oracle Corporation
> Java home: 
> /Library/Java/JavaVirtualMachines/jdk1.8.0_102.jdk/Contents/Home/jre
> Default locale: en_US, platform encoding: UTF-8
> OS name: "mac os x", version: "10.13.3", arch: "x86_64", family: "mac"
> {code}
> Exception:
> {code}
> java.lang.IllegalArgumentException: Cannot support 
> TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 with currently installed providers
>       at sun.security.ssl.CipherSuiteList.<init>(CipherSuiteList.java:92)
>       at 
> sun.security.ssl.SSLServerSocketImpl.setEnabledCipherSuites(SSLServerSocketImpl.java:200)
>       at 
> org.apache.flink.runtime.net.SSLUtils.setSSLVerAndCipherSuites(SSLUtils.java:84)
>       at org.apache.flink.runtime.blob.BlobServer.<init>(BlobServer.java:207)
>       at 
> org.apache.flink.runtime.blob.BlobClientSslTest.startSSLServer(BlobClientSslTest.java:65)
> {code}



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Reply via email to