[
https://issues.apache.org/jira/browse/FLINK-33056?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Sergey Nuyanzin updated FLINK-33056:
------------------------------------
Attachment: logs-cron_azure-test_cron_azure_core-1694048924.zip
> NettyClientServerSslTest#testValidSslConnection fails on AZP
> ------------------------------------------------------------
>
> Key: FLINK-33056
> URL: https://issues.apache.org/jira/browse/FLINK-33056
> Project: Flink
> Issue Type: Bug
> Components: Runtime / Configuration, Runtime / Coordination
> Affects Versions: 1.19.0
> Reporter: Sergey Nuyanzin
> Priority: Critical
> Attachments: logs-cron_azure-test_cron_azure_core-1694048924.zip
>
>
> This build
> https://dev.azure.com/apache-flink/apache-flink/_build/results?buildId=53020&view=logs&j=77a9d8e1-d610-59b3-fc2a-4766541e0e33&t=125e07e7-8de0-5c6c-a541-a567415af3ef&l=8592
> fails with
> {noformat}
> Test testValidSslConnection[SSL provider =
> JDK](org.apache.flink.runtime.io.network.netty.NettyClientServerSslTest) is
> running.
> --------------------------------------------------------------------------------
> 01:20:31,479 [ main] INFO
> org.apache.flink.runtime.io.network.netty.NettyConfig [] - NettyConfig
> [server address: localhost/127.0.0.1, server port range: 36717, ssl enabled:
> true, memory segment size (bytes): 1024, transport type: AUTO, number of
> server threads: 1 (manual), number of client thr
> eads: 1 (manual), server connect backlog: 0 (use Netty's default), client
> connect timeout (sec): 120, send/receive buffer size (bytes): 0 (use Netty's
> default)]
> 01:20:31,479 [ main] INFO
> org.apache.flink.runtime.io.network.netty.NettyServer [] - Transport
> type 'auto': using EPOLL.
> 01:20:31,475 [Flink Netty Client (42359) Thread 0] WARN
> org.apache.flink.shaded.netty4.io.netty.channel.DefaultChannelPipeline [] -
> An exceptionCaught() event was fired, and it reached at the tail of the
> pipeline. It usually means the last handler in the pipeline did not handle
> the exception.
> org.apache.flink.shaded.netty4.io.netty.handler.codec.DecoderException:
> javax.net.ssl.SSLHandshakeException: server certificate with unknown
> fingerprint: CN=Unknown, OU=Unknown, O=Unknown, L=Unknown, ST=Unknown,
> C=Unknown
> at
> org.apache.flink.shaded.netty4.io.netty.handler.codec.ByteToMessageDecoder.callDecode(ByteToMessageDecoder.java:499)
> ~[flink-shaded-netty-4.1.91.Final-17.0.jar:?]
> at
> org.apache.flink.shaded.netty4.io.netty.handler.codec.ByteToMessageDecoder.channelRead(ByteToMessageDecoder.java:290)
> ~[flink-shaded-netty-4.1.91.Final-17.0.jar:?]
> at
> org.apache.flink.shaded.netty4.io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:444)
> [flink-shaded-netty-4.1.91.Final-17.0.jar:?]
> at
> org.apache.flink.shaded.netty4.io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:420)
> [flink-shaded-netty-4.1.91.Final-17.0.jar:?]
> at
> org.apache.flink.shaded.netty4.io.netty.channel.AbstractChannelHandlerContext.fireChannelRead(AbstractChannelHandlerContext.java:412)
> [flink-shaded-netty-4.1.91.Final-17.0.jar:?]
> at
> org.apache.flink.shaded.netty4.io.netty.channel.DefaultChannelPipeline$HeadContext.channelRead(DefaultChannelPipeline.java:1410)
> [flink-shaded-netty-4.1.91.Final-17.0.jar:?]
> at
> org.apache.flink.shaded.netty4.io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:440)
> [flink-shaded-netty-4.1.91.Final-17.0.jar:?]
> at
> org.apache.flink.shaded.netty4.io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:420)
> [flink-shaded-netty-4.1.91.Final-17.0.jar:?]
> at
> org.apache.flink.shaded.netty4.io.netty.channel.DefaultChannelPipeline.fireChannelRead(DefaultChannelPipeline.java:919)
> [flink-shaded-netty-4.1.91.Final-17.0.jar:?]
> at
> org.apache.flink.shaded.netty4.io.netty.channel.epoll.AbstractEpollStreamChannel$EpollStreamUnsafe.epollInReady(AbstractEpollStreamChannel.java:800)
> [flink-shaded-netty-4.1.91.Final-17.0.jar:?]
> at
> org.apache.flink.shaded.netty4.io.netty.channel.epoll.EpollEventLoop.processReady(EpollEventLoop.java:499)
> [flink-shaded-netty-4.1.91.Final-17.0.jar:?]
> at
> org.apache.flink.shaded.netty4.io.netty.channel.epoll.EpollEventLoop.run(EpollEventLoop.java:397)
> [flink-shaded-netty-4.1.91.Final-17.0.jar:?]
> at
> org.apache.flink.shaded.netty4.io.netty.util.concurrent.SingleThreadEventExecutor$4.run(SingleThreadEventExecutor.java:997)
> [flink-shaded-netty-4.1.91.Final-17.0.jar:?]
> at
> org.apache.flink.shaded.netty4.io.netty.util.internal.ThreadExecutorMap$2.run(ThreadExecutorMap.java:74)
> [flink-shaded-netty-4.1.91.Final-17.0.jar:?]
> at java.lang.Thread.run(Thread.java:748) [?:1.8.0_292]
> Caused by: javax.net.ssl.SSLHandshakeException: server certificate with
> unknown fingerprint: CN=Unknown, OU=Unknown, O=Unknown, L=Unknown,
> ST=Unknown, C=Unknown
> at sun.security.ssl.Alert.createSSLException(Alert.java:131)
> ~[?:1.8.0_292]
> at sun.security.ssl.TransportContext.fatal(TransportContext.java:324)
> ~[?:1.8.0_292]
> at sun.security.ssl.TransportContext.fatal(TransportContext.java:267)
> ~[?:1.8.0_292]
> at sun.security.ssl.TransportContext.fatal(TransportContext.java:262)
> ~[?:1.8.0_292]
> at
> sun.security.ssl.CertificateMessage$T12CertificateConsumer.checkServerCerts(CertificateMessage.java:654)
> ~[?:1.8.0_292]
> at
> sun.security.ssl.CertificateMessage$T12CertificateConsumer.onCertificate(CertificateMessage.java:473)
> ~[?:1.8.0_292]
> at
> sun.security.ssl.CertificateMessage$T12CertificateConsumer.consume(CertificateMessage.java:369)
> ~[?:1.8.0_292]
> at sun.security.ssl.SSLHandshake.consume(SSLHandshake.java:377)
> ~[?:1.8.0_292]
> at
> sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:444)
> ~[?:1.8.0_292]
> at
> sun.security.ssl.SSLEngineImpl$DelegatedTask$DelegatedAction.run(SSLEngineImpl.java:968)
> ~[?:1.8.0_292]
> at
> sun.security.ssl.SSLEngineImpl$DelegatedTask$DelegatedAction.run(SSLEngineImpl.java:955)
> ~[?:1.8.0_292]
> at java.security.AccessController.doPrivileged(Native Method)
> ~[?:1.8.0_292]
> at
> sun.security.ssl.SSLEngineImpl$DelegatedTask.run(SSLEngineImpl.java:902)
> ~[?:1.8.0_292]
> at
> org.apache.flink.shaded.netty4.io.netty.handler.ssl.SslHandler.runDelegatedTasks(SslHandler.java:1559)
> ~[flink-shaded-netty-4.1.91.Final-17.0.jar:?]
> at
> org.apache.flink.shaded.netty4.io.netty.handler.ssl.SslHandler.unwrap(SslHandler.java:1405)
> ~[flink-shaded-netty-4.1.91.Final-17.0.jar:?]
> at
> org.apache.flink.shaded.netty4.io.netty.handler.ssl.SslHandler.decodeJdkCompatible(SslHandler.java:1246)
> ~[flink-shaded-netty-4.1.91.Final-17.0.jar:?]
> at
> org.apache.flink.shaded.netty4.io.netty.handler.ssl.SslHandler.decode(SslHandler.java:1295)
> ~[flink-shaded-netty-4.1.91.Final-17.0.jar:?]
> at
> org.apache.flink.shaded.netty4.io.netty.handler.codec.ByteToMessageDecoder.decodeRemovalReentryProtection(ByteToMessageDecoder.java:529)
> ~[flink-shaded-netty-4.1.91.Final-17.0.jar:?]
> at
> org.apache.flink.shaded.netty4.io.netty.handler.codec.ByteToMessageDecoder.callDecode(ByteToMessageDecoder.java:468)
> ~[flink-shaded-netty-4.1.91.Final-17.0.jar:?]
> ... 14 more
> Caused by: java.security.cert.CertificateException: server certificate with
> unknown fingerprint: CN=Unknown, OU=Unknown, O=Unknown, L=Unknown,
> ST=Unknown, C=Unknown
> at
> org.apache.flink.shaded.netty4.io.netty.handler.ssl.util.FingerprintTrustManagerFactory$1.checkTrusted(FingerprintTrustManagerFactory.java:124)
> ~[flink-shaded-netty-4.1.91.Final-17.0.jar:?]
> at
> org.apache.flink.shaded.netty4.io.netty.handler.ssl.util.FingerprintTrustManagerFactory$1.checkServerTrusted(FingerprintTrustManagerFactory.java:108)
> ~[flink-shaded-netty-4.1.91.Final-17.0.jar:?]
> at
> org.apache.flink.shaded.netty4.io.netty.handler.ssl.util.X509TrustManagerWrapper.checkServerTrusted(X509TrustManagerWrapper.java:69)
> ~[flink-shaded-netty-4.1.91.Final-17.0.jar:?]
> at
> sun.security.ssl.CertificateMessage$T12CertificateConsumer.checkServerCerts(CertificateMessage.java:632)
> ~[?:1.8.0_292]
> at
> sun.security.ssl.CertificateMessage$T12CertificateConsumer.onCertificate(CertificateMessage.java:473)
> ~[?:1.8.0_292]
> at
> sun.security.ssl.CertificateMessage$T12CertificateConsumer.consume(CertificateMessage.java:369)
> ~[?:1.8.0_292]
> at sun.security.ssl.SSLHandshake.consume(SSLHandshake.java:377)
> ~[?:1.8.0_292]
> at
> sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:444)
> ~[?:1.8.0_292]
> at
> sun.security.ssl.SSLEngineImpl$DelegatedTask$DelegatedAction.run(SSLEngineImpl.java:968)
> ~[?:1.8.0_292]
> at
> sun.security.ssl.SSLEngineImpl$DelegatedTask$DelegatedAction.run(SSLEngineImpl.java:955)
> ~[?:1.8.0_292]
> at java.security.AccessController.doPrivileged(Native Method)
> ~[?:1.8.0_292]
> at
> sun.security.ssl.SSLEngineImpl$DelegatedTask.run(SSLEngineImpl.java:902)
> ~[?:1.8.0_292]
> at
> org.apache.flink.shaded.netty4.io.netty.handler.ssl.SslHandler.runDelegatedTasks(SslHandler.java:1559)
> ~[flink-shaded-netty-4.1.91.Final-17.0.jar:?]
> at
> org.apache.flink.shaded.netty4.io.netty.handler.ssl.SslHandler.unwrap(SslHandler.java:1405)
> ~[flink-shaded-netty-4.1.91.Final-17.0.jar:?]
> at
> org.apache.flink.shaded.netty4.io.netty.handler.ssl.SslHandler.decodeJdkCompatible(SslHandler.java:1246)
> ~[flink-shaded-netty-4.1.91.Final-17.0.jar:?]
> at
> org.apache.flink.shaded.netty4.io.netty.handler.ssl.SslHandler.decode(SslHandler.java:1295)
> ~[flink-shaded-netty-4.1.91.Final-17.0.jar:?]
> at
> org.apache.flink.shaded.netty4.io.netty.handler.codec.ByteToMessageDecoder.decodeRemovalReentryProtection(ByteToMessageDecoder.java:529)
> ~[flink-shaded-netty-4.1.91.Final-17.0.jar:?]
> at
> org.apache.flink.shaded.netty4.io.netty.handler.codec.ByteToMessageDecoder.callDecode(ByteToMessageDecoder.java:468)
> ~[flink-shaded-netty-4.1.91.Final-17.0.jar:?]
> ... 14 more
> {noformat}
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
