Closed Tacode closed 3 days ago
按照官方文档对Jraft集群开启SSL,启动服务连接失败 其中的server代码配置:
Jraft
SSL
server
System.setProperty("bolt.server.ssl.enable", "true"); System.setProperty("bolt.server.ssl.clientAuth", "true"); System.setProperty("bolt.server.ssl.keystore", "E:\\opensource\\sofa-jraft\\crt\\bolt.pfx"); System.setProperty("bolt.server.ssl.keystore.password", "sfbolt"); System.setProperty("bolt.server.ssl.keystore.type", "pkcs12"); System.setProperty("bolt.server.ssl.kmf.algorithm", "SunX509"); System.setProperty("bolt.client.ssl.enable", "true"); System.setProperty("bolt.client.ssl.keystore", "E:\\opensource\\sofa-jraft\\crt\\cbolt.pfx"); System.setProperty("bolt.client.ssl.keystore.password", "sfbolt"); System.setProperty("bolt.client.ssl.keystore.type", "pkcs12"); System.setProperty("bolt.client.ssl.tmf.algorithm", "SunX509"); final PlacementDriverOptions pdOpts = PlacementDriverOptionsConfigured.newConfigured().withFake(true).config(); final StoreEngineOptions storeOpts = StoreEngineOptionsConfigured.newConfigured() // .withStorageType(StorageType.RocksDB) .withRocksDBOptions(RocksDBOptionsConfigured.newConfigured().withDbPath(Configs.DB_PATH).config()) .withRaftDataPath(Configs.RAFT_DATA_PATH) .withServerAddress(new Endpoint("127.0.0.1", 8181)) .config(); final RheaKVStoreOptions opts = RheaKVStoreOptionsConfigured.newConfigured() // .withClusterName(Configs.CLUSTER_NAME) // .withUseParallelCompress(true) // .withInitialServerList(Configs.ALL_NODE_ADDRESSES) .withStoreEngineOptions(storeOpts) // .withPlacementDriverOptions(pdOpts) // .config(); System.out.println(opts); final Node node = new Node(opts); node.start(); Runtime.getRuntime().addShutdownHook(new Thread(node::stop)); System.out.println("server1 start OK");
失败日志:
2024-07-03 11:30:28 [JRaft-ElectionTimer-<rhea_example--1/127.0.0.1:8182>0] WARN NodeImpl:2700 - Node <rhea_example--1/127.0.0.1:8182> channel init failed, address=127.0.0.1:8181. 2024-07-03 11:30:28 [Bolt-conn-event-executor-12-thread-1] INFO ClientServiceConnectionEventProcessor:50 - Peer 127.0.0.1:8181 is connected 2024-07-03 11:30:28 [Bolt-conn-event-executor-12-thread-1] INFO ClientServiceConnectionEventProcessor:50 - Peer 127.0.0.1:8181 is connected 2024-07-03 11:30:29 [Bolt-conn-event-executor-10-thread-1] INFO RpcRequestProcessor:514 - Connection disconnected: 127.0.0.1:14842 2024-07-03 11:30:29 [JRaft-ElectionTimer-<rhea_example--1/127.0.0.1:8182>0] INFO NodeImpl:2668 - Node <rhea_example--1/127.0.0.1:8182> term 0 start preVote. 2024-07-03 11:30:29 [Bolt-conn-event-executor-12-thread-1] INFO ClientServiceConnectionEventProcessor:50 - Peer 127.0.0.1:8183 is connected 2024-07-03 11:30:29 [JRaft-ElectionTimer-<rhea_example--1/127.0.0.1:8182>0] ERROR AbstractClientService:156 - Fail to connect 127.0.0.1:8183, remoting exception: com.alipay.remoting.rpc.exception.InvokeSendFailedException: Rpc invocation send failed! the address is 127.0.0.1:8183. 2024-07-03 11:30:29 [JRaft-ElectionTimer-<rhea_example--1/127.0.0.1:8182>0] WARN NodeImpl:2700 - Node <rhea_example--1/127.0.0.1:8182> channel init failed, address=127.0.0.1:8183. 2024-07-03 11:30:29 [JRaft-ElectionTimer-<rhea_example--1/127.0.0.1:8182>0] ERROR AbstractClientService:156 - Fail to connect 127.0.0.1:8181, remoting exception: com.alipay.remoting.rpc.exception.InvokeSendFailedException: Rpc invocation send failed! the address is 127.0.0.1:8181. 2024-07-03 11:30:29 [JRaft-ElectionTimer-<rhea_example--1/127.0.0.1:8182>0] WARN NodeImpl:2700 - Node <rhea_example--1/127.0.0.1:8182> channel init failed, address=127.0.0.1:8181. 2024-07-03 11:30:29 [Bolt-conn-event-executor-12-thread-1] INFO ClientServiceConnectionEventProcessor:50 - Peer 127.0.0.1:8181 is connected 2024-07-03 11:30:29 [Bolt-conn-event-executor-12-thread-1] INFO ClientServiceConnectionEventProcessor:50 - Peer 127.0.0.1:8183 is connected 2024-07-03 11:30:30 [Bolt-conn-event-executor-10-thread-1] INFO RpcRequestProcessor:514 - Connection disconnected: 127.0.0.1:14848 2024-07-03 11:30:30 [Bolt-conn-event-executor-12-thread-1] INFO ClientServiceConnectionEventProcessor:50 - Peer 127.0.0.1:8181 is connected 2024-07-03 11:30:30 [Bolt-conn-event-executor-10-thread-1] INFO RpcRequestProcessor:514 - Connection disconnected: 127.0.0.1:14850 2024-07-03 11:30:31 [JRaft-ElectionTimer-<rhea_example--1/127.0.0.1:8182>0] INFO NodeImpl:2668 - Node <rhea_example--1/127.0.0.1:8182> term 0 start preVote. 2024-07-03 11:30:31 [Bolt-conn-event-executor-12-thread-1] INFO ClientServiceConnectionEventProcessor:50 - Peer 127.0.0.1:8183 is connected 2024-07-03 11:30:31 [JRaft-ElectionTimer-<rhea_example--1/127.0.0.1:8182>0] ERROR AbstractClientService:156 - Fail to connect 127.0.0.1:8183, remoting exception: com.alipay.remoting.rpc.exception.InvokeSendFailedException: Rpc invocation send failed! the address is 127.0.0.1:8183.
Describe your use scenes (why need this feature)
Describe the advice or solution you'd like
java -version
uname -a
咨询一下如何正确开启SSL认证?
问题已解决,官方文档给出生的证书没有将客户端的证书文件导入服务端keystone,同时配置又开启了双向认证,导致失败,建议官方修改一下文档
Your question
按照官方文档对
Jraft
集群开启SSL
,启动服务连接失败 其中的server
代码配置:失败日志:
Your scenes
Describe your use scenes (why need this feature)
Your advice
Describe the advice or solution you'd like
Environment
java -version
): jdk17uname -a
): windows咨询一下如何正确开启SSL认证?