[jira] [Commented] (SOLR-16023) Solr obtain zookeeper ruok via ssl cause error

Sat, 19 Feb 2022 14:27:06 -0800 


    [ 
https://issues.apache.org/jira/browse/SOLR-16023?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17495058#comment-17495058
 ] 

Yordan Borisov commented on SOLR-16023:
---------------------------------------

Thanks [~janhoy] for the fast answer.

It is not clear again what are the required steps related making Solr Zookeeper 
status page to work properly with SSL enabled.

Could you please clarify for visibility.

> Solr obtain zookeeper ruok via ssl cause error
> ----------------------------------------------
>
>                 Key: SOLR-16023
>                 URL: https://issues.apache.org/jira/browse/SOLR-16023
>             Project: Solr
>          Issue Type: Bug
>      Security Level: Public(Default Security Level. Issues are Public) 
>    Affects Versions: 8.11.1
>            Reporter: Yordan Borisov
>            Priority: Major
>
> Enabling ssl in Solr and Zookeeper which is listening only on secure port 
> (e.g. 2283) cause
> an empty response from Zookeeper because of the following error
> {code:java}
> Caused by: io.netty.handler.ssl.NotSslRecordException: not an SSL/TLS record: 
>  72756f6b0a {code}
> The current implementation in Solr is working with Socket where it should be 
> SslSocket in order to create ssl layer before sending the request.
> I believe the problem comes from : 
> org.apache.solr.handler.admin.ZookeeperStatusHandler#getZkRawResponse where 
> the communication between Solr and ZooKeeper happens by using this code :
> {code:java}
> Socket socket = new Socket(host, port);
> ......
> {code}
> and it is a plain text, but the ZooKeeper listens only on *secureClientPort* 
> (e.g. 2281) where the *clientPort* is not defined.
>  
> What is the expected behaviour here? Can Solr and ZooKeeper communicate only 
> via SSL?
> I validated that secureClientPort works with the following command:
> {code:bash}
> ~$ echo srvr | ncat --ssl localhost 2281
> Zookeeper version: 3.6.3--6401e4ad2087061bc6b9f80dec2d69f2e3c8660a, built on 
> 04/08/2021 16:35 GMT
> Latency min/avg/max: 0/0.0/0
> Received: 1
> Sent: 0
> Connections: 1
> Outstanding: 0
> Zxid: 0x2000001f3
> Mode: follower
> Node count: 87
> {code}
> Java version: OpenJDK Runtime Environment (build 
> 1.8.0_312-8u312-b07-0ubuntu1~20.04-b07)
> Solr version 8.11.1
> Zookeeper version: 3.6.3



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to