[jira] [Work started] (HBASE-27782) During SSL handshake error, netty complains that exceptionCaught() was not handled

Duo Zhang (Jira) Thu, 22 Jun 2023 07:11:08 -0700


     [ 
https://issues.apache.org/jira/browse/HBASE-27782?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Work on HBASE-27782 started by Duo Zhang.
-----------------------------------------
> During SSL handshake error, netty complains that exceptionCaught() was not 
> handled
> ----------------------------------------------------------------------------------
>
>                 Key: HBASE-27782
>                 URL: https://issues.apache.org/jira/browse/HBASE-27782
>             Project: HBase
>          Issue Type: Bug
>            Reporter: Bryan Beaudreault
>            Assignee: Duo Zhang
>            Priority: Major
>              Labels: TLS
>
> I was chaos testing the new native TLS, forcing a certificate to expire and 
> fail handshake. The handshake failure properly causes submitted requests to 
> fail, but I see the following "unhandled exception" like message:
> {code:java}
> WARN  o.a.h.t.i.n.c.DefaultChannelPipeline - An exceptionCaught() event was 
> fired, and it reached at the tail of the pipeline. It usually means the last 
> handler in the pipeline did not handle the exception.
> org.apache.hbase.thirdparty.io.netty.handler.codec.DecoderException: 
> javax.net.ssl.SSLHandshakeException: Received fatal alert: certificate_expired
>         at 
> org.apache.hbase.thirdparty.io.netty.handler.codec.ByteToMessageDecoder.callDecode(ByteToMessageDecoder.java:499)
>         at 
> org.apache.hbase.thirdparty.io.netty.handler.codec.ByteToMessageDecoder.channelRead(ByteToMessageDecoder.java:290)
>         at 
> org.apache.hbase.thirdparty.io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:444)
>         at 
> org.apache.hbase.thirdparty.io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:420)
>         at 
> org.apache.hbase.thirdparty.io.netty.channel.AbstractChannelHandlerContext.fireChannelRead(AbstractChannelHandlerContext.java:412)
>         at 
> org.apache.hbase.thirdparty.io.netty.channel.DefaultChannelPipeline$HeadContext.channelRead(DefaultChannelPipeline.java:1410)
>         at 
> org.apache.hbase.thirdparty.io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:440)
>         at 
> org.apache.hbase.thirdparty.io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:420)
>         at 
> org.apache.hbase.thirdparty.io.netty.channel.DefaultChannelPipeline.fireChannelRead(DefaultChannelPipeline.java:919)
>         at 
> org.apache.hbase.thirdparty.io.netty.channel.nio.AbstractNioByteChannel$NioByteUnsafe.read(AbstractNioByteChannel.java:166)
>         at 
> org.apache.hbase.thirdparty.io.netty.channel.nio.NioEventLoop.processSelectedKey(NioEventLoop.java:788)
>         at 
> org.apache.hbase.thirdparty.io.netty.channel.nio.NioEventLoop.processSelectedKeysOptimized(NioEventLoop.java:724)
>         at 
> org.apache.hbase.thirdparty.io.netty.channel.nio.NioEventLoop.processSelectedKeys(NioEventLoop.java:650)
>         at 
> org.apache.hbase.thirdparty.io.netty.channel.nio.NioEventLoop.run(NioEventLoop.java:562)
>         at 
> org.apache.hbase.thirdparty.io.netty.util.concurrent.SingleThreadEventExecutor$4.run(SingleThreadEventExecutor.java:997)
>         at 
> org.apache.hbase.thirdparty.io.netty.util.internal.ThreadExecutorMap$2.run(ThreadExecutorMap.java:74)
>         at 
> org.apache.hbase.thirdparty.io.netty.util.concurrent.FastThreadLocalRunnable.run(FastThreadLocalRunnable.java:30)
>         at java.base/java.lang.Thread.run(Thread.java:833)
> Caused by: javax.net.ssl.SSLHandshakeException: Received fatal alert: 
> certificate_expired
>         at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:131)
>         at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:117)
>         at 
> java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:358)
>         at 
> java.base/sun.security.ssl.Alert$AlertConsumer.consume(Alert.java:293)
>         at 
> java.base/sun.security.ssl.TransportContext.dispatch(TransportContext.java:204)
>         at 
> java.base/sun.security.ssl.SSLTransport.decode(SSLTransport.java:172)
>         at 
> java.base/sun.security.ssl.SSLEngineImpl.decode(SSLEngineImpl.java:736)
>         at 
> java.base/sun.security.ssl.SSLEngineImpl.readRecord(SSLEngineImpl.java:691)
>         at 
> java.base/sun.security.ssl.SSLEngineImpl.unwrap(SSLEngineImpl.java:506)
>         at 
> java.base/sun.security.ssl.SSLEngineImpl.unwrap(SSLEngineImpl.java:482)
>         at java.base/javax.net.ssl.SSLEngine.unwrap(SSLEngine.java:679)
>         at 
> org.apache.hbase.thirdparty.io.netty.handler.ssl.SslHandler$SslEngineType$3.unwrap(SslHandler.java:296)
>         at 
> org.apache.hbase.thirdparty.io.netty.handler.ssl.SslHandler.unwrap(SslHandler.java:1343)
>         at 
> org.apache.hbase.thirdparty.io.netty.handler.ssl.SslHandler.decodeJdkCompatible(SslHandler.java:1236)
>         at 
> org.apache.hbase.thirdparty.io.netty.handler.ssl.SslHandler.decode(SslHandler.java:1285)
>         at 
> org.apache.hbase.thirdparty.io.netty.handler.codec.ByteToMessageDecoder.decodeRemovalReentryProtection(ByteToMessageDecoder.java:529)
>         at 
> org.apache.hbase.thirdparty.io.netty.handler.codec.ByteToMessageDecoder.callDecode(ByteToMessageDecoder.java:468)
>         ... 17 common frames omitted{code}



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Work started] (HBASE-27782) During SSL handshake error, netty complains that exceptionCaught() was not handled

Reply via email to