SpringBoot connection kafka ssl newspaper CertificateException: No subject alternative names present abnormal solve

Others 2019-10-09 14:09:10 views: null

When a newer version SpringBoot, corresponding kafka-client version is newer, if using more than 2.x kafka-client, and it is configured Kafka SSL connections, may report the following exception:

javax.net.ssl.SSLException: Inbound closed before receiving peer's close_notify: possible truncation attack?

.....

org.apache.kafka.common.errors.SslAuthenticationException: SSL handshake failed
Caused by: javax.net.ssl.SSLHandshakeException: General SSLEngine problem

.....

Caused by: java.security.cert.CertificateException: No subject alternative names present

.....

2019-10-09 10:12:55.683 DEBUG 23524 --- [           main] o.s.kafka.core.KafkaTemplate             : Failed to send: ProducerRecord

.....

 

The reason is because the host name of the new version kafka-client calibration certificate will, hostname verification can be configured to ignore.

The main configuration code is as follows:

1 spring:
2   kafka:
3     properties:
4       ssl:
5         endpoint:
6           identification:
7             algorithm: ''

 

Attached SpringBoot connected kafka complete the ssl certificate configured as follows:

 1 ########## kafka ##########
 2 spring:
 3   kafka:
 4     producer:
 5       batch-size: 16384
 6       retries: 1
 7       buffer-memory: 33554432
 8       bootstrap-servers: 192.168.1.100:9092
 9       value-serializer: org.apache.kafka.common.serialization.StringSerializer
10       key-serializer: org.apache.kafka.common.serialization.StringSerializer
11     consumer:
12       group-id: test-group-001
13       auto-offset-reset: earliest
14       auto-commit-interval: 100
15       bootstrap-servers: 192.168.1.100:9092
16       value-deserializer: org.apache.kafka.common.serialization.StringDeserializer
17       key-deserializer: org.apache.kafka.common.serialization.StringDeserializer
18       enable-auto-commit: true
19     ssl:
20       protocol: SSL
21       trust-store-type: JKS
22       trust-store-location: file:D:/source-files/kafka/kafkatest.client.truststore.test.jks
23       trust-store-password: 123456
24       key-store-type: JKS
25       key-store-location: file:D:/source-files/kafka/kafkatest.client.keystore.test.jks
26       key-store-password: 123456
27       key-password: 123456
28     properties:
29       ssl:
30         endpoint:
31           identification:
32             algorithm: ''
33       security:
34         protocol: SSL

 

problem solved.

 

Guess you like

Origin www.cnblogs.com/moonciki/p/11640883.html
Recommended
NetBSD bans submission of code generated by AI
Ranking
Talk dubbo of LRUCache
Chapter 1 Learning Summary
Introduction to Virtualization
pytorch 调用lstm
Six modules
[8086] The natural number of 1 to 36 into a 6x6 two-dimensional array of line-sequentially, and then print out the lower left half of the triangular array
mybatis mapper mapping file $ # {} {} understanding and
C language input and output buffer
c language floating-point input and output
andorid P version compatible, refer to Huawei
Daily
More
2024-05-18(31)
2024-05-17(6)
2024-05-16(23)
2024-05-15(5)
2024-05-14(9)
2024-05-13(8)
2024-05-12(28)
2024-05-11(32)
2024-05-10(34)
2024-05-09(32)

Code World

© 2018 codetd.com