Thanks for reporting back, Vaibhav. -Flavio
> On 17 Jun 2016, at 22:04, Vaibhav Devekar <[email protected]> wrote: > > Never mind, I figured that out. Quite silly of me. I did not realize that > CLIENT_JVMFLAGS was meant not just for zkCli but also for java clients! > > I was providing the keystore and trustore values via the java.net.ssl > arguments. Having these separate JVM arguments does make sense. One may > want the SSL to be limited to zookeeper connections only. > > > --- > Vaibhav Devekar > > > > On Fri, Jun 17, 2016 at 1:14 PM, Devekar, Vaibhav < > [email protected]> wrote: > >> I¹m using 3.5.1-alpha. I did forget to update the version for the java >> library. Thank you for pointing that out. However, I still get the same >> error after using the latest. >> Is the zookeeper API supposed to work out of the box? The only thing I did >> was add keystore and trustore values as JVM arguments to tomcat. I also >> configured them in tomcat¹s server.xml >> >> >> -- >> Vaibhav Devekar >> Dotcom-Search | Seattle Dev Lab >> >> >> >> >> On 6/17/16, 1:39 AM, "Flavio Junqueira" <[email protected]> wrote: >> >>> Hi there, >>> >>> Which version of the client are you using? This is available only on the >>> 3.5 branch and trunk. >>> >>> -Flavio >>> >>>> On 17 Jun 2016, at 00:29, Vaibhav Devekar <[email protected]> >>>> wrote: >>>> >>>> Re-sending since I probably wasn't subscribed before. >>>> >>>> --- >>>> Vaibhav Devekar >>>> >>>> >>>> >>>> On Thu, Jun 16, 2016 at 4:23 PM, Vaibhav Devekar >>>> <[email protected]> >>>> wrote: >>>> >>>>> Hi all, >>>>> >>>>> I'm using zookeeper for dynamic config management among spring apps >>>>> hosted >>>>> on many servers. I'm trying to employ SSL for communication between >>>>> these >>>>> java app and zookeeper since these properties can be sensitive >>>>> information >>>>> such as database passwords. >>>>> >>>>> Based on this guide - >>>>> >>>>> >> https://cwiki.apache.org/confluence/display/ZOOKEEPER/ZooKeeper+SSL+User >>>>> +Guide, >>>>> I was able to test out SSL for zkCli and zookeeper. I was also able to >>>>> verify that two java web apps can do 2-way SSL with each other. I'm now >>>>> trying to do the same with a java client(spring webapp) and zookeeper. >>>>> However, it hasn't worked so far. The zookeeper log says: >>>>> >>>>> 2016-06-16 14:42:56,379 [myid:] - WARN [New I/O worker >>>>> #21:NettyServerCnxnFactory$CnxnChannelHandler@141] - Exception caught >>>>> [id: 0x265bca3f, /fe80:0:0:0:0:0:0:1%1:61137 => >>>>> /fe80:0:0:0:0:0:0:1%1:2281] >>>>> EXCEPTION: org.jboss.netty.handler.ssl.NotSslRecordException: not an >>>>> SSL/TLS record: >>>>> >>>>> 0000002d0000000000000000000000000000ea6000000000000000000000001000000000 >>>>> 00000000000000000000000000 >>>>> org.jboss.netty.handler.ssl.NotSslRecordException: not an SSL/TLS >>>>> record: >>>>> >>>>> 0000002d0000000000000000000000000000ea6000000000000000000000001000000000 >>>>> 00000000000000000000000000 >>>>> >>>>> >>>>> Any pointers would be great. Does java API for zookeeper even support >>>>> SSL? >>>>> >>>>> Code example: https://github.com/devekar/sslDemo >>>>> >>>>> Thank you. >>>>> >>>>> --- >>>>> Vaibhav Devekar >>>>> >>>>> >>>>> >>> >> >>
