[
https://issues.apache.org/jira/browse/FLINK-34491?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17819860#comment-17819860
]
Dhruv Patel commented on FLINK-34491:
-------------------------------------
Following issue has been observed in after enabling SSL in flink. Since after
migration flink uses tls1.3 as default
|Change |Description | |
|SSL / TLS v1.3|the handshake between the flink components now uses TLS v1.3
with Cipher:
TLS_AES_256_GCM_SHA384
which is causing SSL handshake failures.
{code:java}
SSL3 alert read:fatal:handshake failure
SSL_connect:error in error
409B7454F87F0000:error:0A000410:SSL routines:ssl3_read_bytes:sslv3 alert
handshake failure:ssl/record/rec_layer_s3.c:1586:SSL alert number 40
–
Server Temp Key: ECDH, prime256v1, 256 bits
—
SSL handshake has read 470 bytes and written 730 bytes
Verification: OK
—
New, TLSv1.3, Cipher is TLS_AES_256_GCM_SHA384
This TLS version forbids renegotiation.| {code}| |
> Move from experimental support to production support for Java 17
> ----------------------------------------------------------------
>
> Key: FLINK-34491
> URL: https://issues.apache.org/jira/browse/FLINK-34491
> Project: Flink
> Issue Type: New Feature
> Affects Versions: 1.18.1
> Reporter: Dhruv Patel
> Priority: Major
>
> This task is to move away from experimental support for Java 17 to production
> support so that teams running Flink in production can migrate to Java 17
> successfully
>
> *Blocker for this task:*
> Savepoint migration is not supported with Java 17 and Flink 1.18.1 as
> mentioned in this ticket https://issues.apache.org/jira/browse/FLINK-33707
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
