Thanks Franke, but yes for all these questions I did configured it properly, I made sure to include
<Set name="KeyStoreType"><Property name="solr.jetty.keystore.type" default="JKS"/></Set> <Set name="TrustStoreType"><Property name="solr.jetty.truststore.type" default="JKS"/></Set> in the jetty-ssl.xml along with the path keystore and truststore. Also I have made sure that trusstore exists on all nodes and also I am using the same file for both keystore and truststore as below <Set name="KeyStorePath"><Property name="solr.jetty.keystore" default="./etc/solr-keystore.jks"/></Set> <Set name="KeyStorePassword"><Property name="solr.jetty.keystore.password" default="xxxx"/></Set> <Set name="TrustStorePath"><Property name="solr.jetty.truststore" default="./etc/solr-keystore.jks"/></Set> <Set name="TrustStorePassword"><Property name="solr.jetty.truststore.password" default="xxxx"/></Set> also urlScheme for ZK is set to https Also the main error that I posted is the one that I am seeing as a return response where as the below one is what I see from solr logs 2020-06-02 22:32:04.472 ERROR (qtp984876512-93) [c:default s:shard1 r:core_node3 x:default_shard1_replica_n1] o.a.s.s.HttpSolrCall null:org.apache.solr.update.processor.Distr$ at org.apache.solr.update.processor.DistributedZkUpdateProcessor.doDistribFinish(DistributedZkUpdateProcessor.java:1189) at org.apache.solr.update.processor.DistributedUpdateProcessor.finish(DistributedUpdateProcessor.java:1096) at org.apache.solr.update.processor.LogUpdateProcessorFactory$LogUpdateProcessor.finish(LogUpdateProcessorFactory.java:182) at org.apache.solr.update.processor.UpdateRequestProcessor.finish(UpdateRequestProcessor.java:80) at org.apache.solr.update.processor.UpdateRequestProcessor.finish(UpdateRequestProcessor.java:80) at org.apache.solr.update.processor.UpdateRequestProcessor.finish(UpdateRequestProcessor.java:80) at org.apache.solr.update.processor.UpdateRequestProcessor.finish(UpdateRequestProcessor.java:80) at org.apache.solr.update.processor.UpdateRequestProcessor.finish(UpdateRequestProcessor.java:80) at org.apache.solr.update.processor.UpdateRequestProcessor.finish(UpdateRequestProcessor.java:80) at org.apache.solr.update.processor.UpdateRequestProcessor.finish(UpdateRequestProcessor.java:80) at org.apache.solr.update.processor.UpdateRequestProcessor.finish(UpdateRequestProcessor.java:80) at org.apache.solr.handler.ContentStreamHandlerBase.handleRequestBody(ContentStreamHandlerBase.java:78) at org.apache.solr.handler.RequestHandlerBase.handleRequest(RequestHandlerBase.java:211) at org.apache.solr.core.SolrCore.execute(SolrCore.java:2596) at org.apache.solr.servlet.HttpSolrCall.execute(HttpSolrCall.java:799) at org.apache.solr.servlet.HttpSolrCall.call(HttpSolrCall.java:578) at org.apache.solr.servlet.SolrDispatchFilter.doFilter(SolrDispatchFilter.java:419) at org.apache.solr.servlet.SolrDispatchFilter.doFilter(SolrDispatchFilter.java:351) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1602) at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:540) at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:146) at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:548) at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:132) at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:257) One strange observation is that when I hit update api on the leader node its working without any error, and now immediately if I hit non-leader its working fine (only once or twice), but if I keep on trying to hit this node again and again its then throwing the above error and once the error started happening , its consistent again. Please let me know if you need more information or if I am missing something else Thanks, On Tue, Jun 2, 2020 at 4:59 PM Jörn Franke <jornfra...@gmail.com> wrote: > Have you looked in the logfiles? > > Keystore Type correctly defined on all nodes? > > Have you configured the truststore on all nodes correctly? > > Have you set clusterprop urlScheme to htttps in ZK? > > > https://lucene.apache.org/solr/guide/7_5/enabling-ssl.html#configure-zookeeper > > > > > Am 02.06.2020 um 18:57 schrieb yaswanth kumar <yaswanth...@gmail.com>: > > > > team, can someone help me on the above topic? > > > >> On Mon, Jun 1, 2020 at 10:00 PM yaswanth kumar <yaswanth...@gmail.com> > >> wrote: > >> > >> Trying to setup solr 8.4.1 + open jdk 11 on centos , enabled the ssl > >> configurations with all the certs in place, but the issue what I am > seeing > >> is when trying to hit /update api on non-leader solr node , its > throwing an > >> error > >> > >> configured 2 solr nodes with 1 zookeeper. > >> > >> metadata":[ > >> > >> > "error-class","org.apache.solr.update.processor.DistributedUpdateProcessor$DistributedUpdatesAsyncException", > >> > >> > "root-error-class","org.apache.solr.update.processor.DistributedUpdateProcessor$DistributedUpdatesAsyncException"], > >> "msg":"Async exception during distributed update: > >> javax.crypto.BadPaddingException: RSA private key operation failed", > >> > "trace":"org.apache.solr.update.processor.DistributedUpdateProcessor$DistributedUpdatesAsyncException: > >> Async exception during distributed update: > >> javax.crypto.BadPaddingException: RSA private key operation failed\n\tat > >> > org.apache.solr.update.processor.DistributedZkUpdateProcessor.doDistribFinish(DistributedZkUpdateProcessor.java:1189)\n\tat > >> > org.apache.solr.update.processor.DistributedUpdateProcessor.finish(DistributedUpdateProcessor.java:1096)\n\tat > >> > org.apache.solr.update.processor.LogUpdateProcessorFactory$LogUpdateProcessor.finish(LogUpdateProcessorFactory.java:182)\n\tat > >> > org.apache.solr.update.processor.UpdateRequestProcessor.finish(UpdateRequestProcessor.java:80)\n\tat > >> org.apache.solr.update.processor.UpdateRequestProcessor.finish........ > >> > >> Strangely this is happening when we try to hit a non-leader node, > hitting > >> leader node its working fine without any issue and getting the data > indexed. > >> > >> Not able to track down where the exact issue is happening. > >> > >> Thanks, > >> > >> -- > >> Thanks & Regards, > >> Yaswanth Kumar Konathala. > >> yaswanth...@gmail.com > >> > > > > > > -- > > Thanks & Regards, > > Yaswanth Kumar Konathala. > > yaswanth...@gmail.com > -- Thanks & Regards, Yaswanth Kumar Konathala. yaswanth...@gmail.com