Hi Jacob, Did you check logs for zookeeper server? I would suggest adding -Djavax.net.debug=ssl to JVM arguments for both zookeeper server and zkCli. This will give you an idea if connection fails during SSL handshake.
-- On 8/11/16, 12:54 PM, "jsmullin" <[email protected]> wrote: >Hi there, I've been struggling for some time to get SSL working with my >3.5.1 >version of Zookeeper. My end goal is to secure my communication between >zookeeper and mesos, I am trying a simple technique of adding everything >detailed in the SSL dedicated user guide to my zkEnv.sh. I then run my >server feeding it everything such as secureClientPort = 2281 etc in the >zoo.cfg. I then run my bin/zkCli.sh -server localhost:2281 and seem to be >running into issues there, the logs spit out, >2016-08-11 19:40:20,602 [myid:] - INFO >[main-SendThread(localhost:2281):ClientCnxnSocketNetty$ZKClientPipelineFac >tory@363] >- SSL handler added for channel: null >2016-08-11 19:40:20,608 [myid:] - INFO [New I/O worker >#2:ClientCnxn$SendThread@980] - Socket connection established, initiating >session, client: /0:0:0:0:0:0:0:1:60824, server: >localhost/0:0:0:0:0:0:0:1:2281 >2016-08-11 19:40:20,608 [myid:] - INFO [New I/O worker >#2:ClientCnxnSocketNetty$1@146] - channel is connected: [id: 0x053cfca8, >/0:0:0:0:0:0:0:1:60824 => localhost/0:0:0:0:0:0:0:1:2281] >2016-08-11 19:40:35,610 [myid:] - INFO >[main-SendThread(localhost:2281):ClientCnxn$SendThread@1251] - Client >session timed out, have not heard from server in 15002ms for sessionid >0x0, >closing socket connection and attempting reconnect >2016-08-11 19:40:35,611 [myid:] - INFO [New I/O worker >#2:ClientCnxnSocketNetty$ZKClientHandler@377] - channel is disconnected: >[id: 0x053cfca8, /0:0:0:0:0:0:0:1:60824 :> localhost/0:0:0:0:0:0:0:1:2281] >2016-08-11 19:40:35,611 [myid:] - INFO [New I/O worker >#2:ClientCnxnSocketNetty@201] - channel is told closing >2016-08-11 19:40:35,612 [myid:] - WARN [New I/O worker >#2:ClientCnxnSocketNetty$ZKClientHandler@432] - Exception caught: [id: >0x053cfca8, /0:0:0:0:0:0:0:1:60824 :> localhost/0:0:0:0:0:0:0:1:2281] >EXCEPTION: java.nio.channels.ClosedChannelException >java.nio.channels.ClosedChannelException > at >org.jboss.netty.handler.ssl.SslHandler$6.run(SslHandler.java:1580) > at >org.jboss.netty.channel.socket.ChannelRunnableWrapper.run(ChannelRunnableW >rapper.java:40) > at >org.jboss.netty.channel.socket.nio.AbstractNioWorker.executeInIoThread(Abs >tractNioWorker.java:71) > at >org.jboss.netty.channel.socket.nio.NioWorker.executeInIoThread(NioWorker.j >ava:36) > at >org.jboss.netty.channel.socket.nio.AbstractNioWorker.executeInIoThread(Abs >tractNioWorker.java:57) > at >org.jboss.netty.channel.socket.nio.NioWorker.executeInIoThread(NioWorker.j >ava:36) > at >org.jboss.netty.channel.socket.nio.AbstractNioChannelSink.execute(Abstract >NioChannelSink.java:34) > at >org.jboss.netty.handler.ssl.SslHandler.channelClosed(SslHandler.java:1566) > at >org.jboss.netty.channel.Channels.fireChannelClosed(Channels.java:468) > at >org.jboss.netty.channel.socket.nio.AbstractNioWorker.close(AbstractNioWork >er.java:376) > at >org.jboss.netty.channel.socket.nio.NioClientSocketPipelineSink.eventSunk(N >ioClientSocketPipelineSink.java:58) > at org.jboss.netty.channel.Channels.close(Channels.java:828) > at >org.jboss.netty.handler.ssl.SslHandler$ClosingChannelFutureListener.operat >ionComplete(SslHandler.java:1485) > at >org.jboss.netty.channel.DefaultChannelFuture.notifyListener(DefaultChannel >Future.java:427) > at >org.jboss.netty.channel.DefaultChannelFuture.notifyListeners(DefaultChanne >lFuture.java:418) > at >org.jboss.netty.channel.DefaultChannelFuture.setSuccess(DefaultChannelFutu >re.java:362) > at >org.jboss.netty.channel.socket.nio.AbstractNioWorker.write0(AbstractNioWor >ker.java:221) > at >org.jboss.netty.channel.socket.nio.AbstractNioWorker.writeFromTaskLoop(Abs >tractNioWorker.java:152) > at >org.jboss.netty.channel.socket.nio.AbstractNioChannel$WriteTask.run(Abstra >ctNioChannel.java:335) > at >org.jboss.netty.channel.socket.nio.AbstractNioSelector.processTaskQueue(Ab >stractNioSelector.java:366) > at >org.jboss.netty.channel.socket.nio.AbstractNioSelector.run(AbstractNioSele >ctor.java:290) > at >org.jboss.netty.channel.socket.nio.AbstractNioWorker.run(AbstractNioWorker >.java:90) > at >org.jboss.netty.channel.socket.nio.NioWorker.run(NioWorker.java:178) > at >java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java: >1142) > at >java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java >:617) > at java.lang.Thread.run(Thread.java:745) >Any help or guidance to my long term goal would be very appreciated as the >info about zookeeper and enabling SSL is slim to none. I can post my >configs >etc, anything you need! > > > >-- >View this message in context: >http://zookeeper-user.578899.n2.nabble.com/SSL-between-java-client-and-zoo >keeper-tp7582421p7582558.html >Sent from the zookeeper-user mailing list archive at Nabble.com.
