1. 首頁
  2. 問答
  3. org.apache.thrift.transport.TTransportException:javax.net.ssl.SSLException:無法識別的SSL消息,明文連接?

org.apache.thrift.transport.TTransportException:javax.net.ssl.SSLException:無法識別的SSL消息,明文連接?

2014-01-15 54 views
5

我試圖在Datastax dse 3.2.3中啓用節點到節點和客戶端到節點的ssl加密。首先,我嘗試啓用節點到節點它工作正常,並開始無任何錯誤,然後我在cassandra.yaml文件中添加了客戶端到節點的加密選項,然後它開始向我投擲錯誤org.apache.thrift.transport.TTransportException:javax.net.ssl.SSLException:無法識別的SSL消息,明文連接?

ERROR [Thrift:1] 2014-01-15 16:22:22,628 TNegotiatingServerTransport.java (line 524) Failed to open server transport. 
org.apache.thrift.transport.TTransportException: javax.net.ssl.SSLException: Unrecognized SSL message, plaintext connection? 
    at org.apache.thrift.transport.TIOStreamTransport.read(TIOStreamTransport.java:129) 
    at com.datastax.bdp.transport.server.TPreviewableTransport.readUntilEof(TPreviewableTransport.java:79) 
    at com.datastax.bdp.transport.server.TPreviewableTransport.preview(TPreviewableTransport.java:55) 
    at com.datastax.bdp.transport.server.TNegotiatingServerTransport.open(TNegotiatingServerTransport.java:189) 
    at com.datastax.bdp.transport.server.TNegotiatingServerTransport$Factory.getTransport(TNegotiatingServerTransport.java:517) 
    at com.datastax.bdp.transport.server.TNegotiatingServerTransport$Factory.getTransport(TNegotiatingServerTransport.java:408) 
    at org.apache.cassandra.thrift.CustomTThreadPoolServer$WorkerProcess.run(CustomTThreadPoolServer.java:193) 
    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145) 
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615) 
    at java.lang.Thread.run(Thread.java:724) 
Caused by: javax.net.ssl.SSLException: Unrecognized SSL message, plaintext connection? 
    at sun.security.ssl.InputRecord.handleUnknownRecord(InputRecord.java:671) 
    at sun.security.ssl.InputRecord.read(InputRecord.java:504) 
    at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:927) 
    at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1312) 
    at sun.security.ssl.SSLSocketImpl.readDataRecord(SSLSocketImpl.java:882) 
    at sun.security.ssl.AppInputStream.read(AppInputStream.java:102) 
    at java.io.BufferedInputStream.fill(BufferedInputStream.java:235) 
    at java.io.BufferedInputStream.read1(BufferedInputStream.java:275) 
    at java.io.BufferedInputStream.read(BufferedInputStream.java:334) 
    at org.apache.thrift.transport.TIOStreamTransport.read(TIOStreamTransport.java:127) 
    ... 9 more 
DEBUG [WRITE-/x.x.x.x] 2014-01-15 16:22:27,586 OutboundTcpConnection.java (line 294) attempting to connect to /x.x.x.x 
DEBUG [WRITE-/x.x.x.x] 2014-01-15 16:22:28,508 OutboundTcpConnection.java (line 294) attempting to connect to /x.x.x.x 
ERROR [Thrift:2] 2014-01-15 16:22:32,926 TNegotiatingServerTransport.java (line 524) Failed to open server transport. 
org.apache.thrift.transport.TTransportException: javax.net.ssl.SSLException: Unrecognized SSL message, plaintext connection? 
    at org.apache.thrift.transport.TIOStreamTransport.read(TIOStreamTransport.java:129) 
    at com.datastax.bdp.transport.server.TPreviewableTransport.readUntilEof(TPreviewableTransport.java:79) 
    at com.datastax.bdp.transport.server.TPreviewableTransport.preview(TPreviewableTransport.java:55) 
    at com.datastax.bdp.transport.server.TNegotiatingServerTransport.open(TNegotiatingServerTransport.java:189) 
    at com.datastax.bdp.transport.server.TNegotiatingServerTransport$Factory.getTransport(TNegotiatingServerTransport.java:517) 
    at com.datastax.bdp.transport.server.TNegotiatingServerTransport$Factory.getTransport(TNegotiatingServerTransport.java:408) 
    at org.apache.cassandra.thrift.CustomTThreadPoolServer$WorkerProcess.run(CustomTThreadPoolServer.java:193) 
    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145) 
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615) 
    at java.lang.Thread.run(Thread.java:724) 
Caused by: javax.net.ssl.SSLException: Unrecognized SSL message, plaintext connection? 
    at sun.security.ssl.InputRecord.handleUnknownRecord(InputRecord.java:671) 
    at sun.security.ssl.InputRecord.read(InputRecord.java:504) 
    at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:927) 
    at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1312) 
    at sun.security.ssl.SSLSocketImpl.readDataRecord(SSLSocketImpl.java:882) 
    at sun.security.ssl.AppInputStream.read(AppInputStream.java:102) 
    at java.io.BufferedInputStream.fill(BufferedInputStream.java:235) 
    at java.io.BufferedInputStream.read1(BufferedInputStream.java:275) 
    at java.io.BufferedInputStream.read(BufferedInputStream.java:334) 
    at org.apache.thrift.transport.TIOStreamTransport.read(TIOStreamTransport.java:127) 
    ... 9 more

我的cassandra.yaml文件看起來像這樣。

server_encryption_options: 
    internode_encryption: all 
    keystore: /path/to/.keystore 
    keystore_password: xxxxx 
    truststore: /path/to/.truststore 
    truststore_password: xxxxx 



client_encryption_options: 
    enabled: true 
    keystore: /path/to/.keystore 
    keystore_password: xxxxx 
    truststore: /path/to/.truststore 
    truststore_password: xxxxx 
    protocol: ssl 
    store_type: JKS 
    cipher_suites: [TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA]

來源

2014-01-15 Rock

回答

3

此錯誤表示您有客戶端試圖打開未加密的連接。

來源

2014-01-17 08:59:36 beobal

+0

它是一個全新的羣集,集羣中沒有正在進行的寫入或讀取操作。 – Rock

+0

東西必須嘗試連接,由stacktrace證明節點消息不使用節儉 – beobal

+0

我認爲這個問題是與cqlsh相關http://stackoverflow.com/questions/21489774/cqlsh-with-client-到節點的SSL加密 – Rock

相關問題

 相關問題