[
https://issues.apache.org/jira/browse/GEODE-8144?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17112519#comment-17112519
]
ASF GitHub Bot commented on GEODE-8144:
---------------------------------------
Bill commented on pull request #5131:
URL: https://github.com/apache/geode/pull/5131#issuecomment-631650854
Bruce's idea yesterday, of eliminating the numeric IP referencing the local
locator (up) in locator launcher seems like a good one. Jake thought that the
`--bind-address` arg to `gfsh locator start` should do the trick: if that's a
name (not an IP number) it should be passed right through as the way to reach
the local locator.
I spent a little time experimenting with that this morning to try and find
exactly where that reference to the local locator was being generated, and how
to fix it. Here's a test I've been experimenting with (added to
`LocatorLauncherIntegrationTest`):
```
@Test
public void symbolicBindAddressUsedToStartLocator() throws Exception {
// given: a new builder
Builder builder = new Builder();
// when: parsing a symbolic (not-an-IP-number) bind address
builder.parseArguments("start", "--bind-address", "foo");
assertThat(builder.getBindAddress()).isEqualTo(InetAddress.getByName("foo"));
final LocatorLauncher launcher = builder.build();
final Properties dsps = launcher.getDistributedSystemProperties();
// fails: properties has only one property: "name"="foo" ugh
//assertThat(dsps).containsKey(BIND_ADDRESS);
final DistributionConfigImpl distributionConfig = new
DistributionConfigImpl(dsps);
// then: no numeric bind addy's in start command args
// fails: no start locator!
//assertThat(distributionConfig.getStartLocator()).isEqualTo("foo");
// fails: no locators at all
assertThat(distributionConfig.getLocators()).isEqualTo("foo");
}
```
It'll take some more chasing to find it.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
> endpoint identification in servers is not working
> -------------------------------------------------
>
> Key: GEODE-8144
> URL: https://issues.apache.org/jira/browse/GEODE-8144
> Project: Geode
> Issue Type: Bug
> Components: membership, messaging
> Reporter: Bruce J Schuchardt
> Priority: Major
>
> *update 5/20/2020*: this needs to be ported to 1.13 so it's picked up ASAP by
> TGF for VMs.
> If you enable endpoint identification in a server the server will not start.
> It will log exceptions like this:
>
> {noformat}
> javax.net.ssl.SSLHandshakeException: General SSLEngine problem
> at sun.security.ssl.Handshaker.checkThrown(Handshaker.java:1566)
> at
> sun.security.ssl.SSLEngineImpl.checkTaskThrown(SSLEngineImpl.java:545)
> at
> sun.security.ssl.SSLEngineImpl.writeAppRecord(SSLEngineImpl.java:1217)
> at sun.security.ssl.SSLEngineImpl.wrap(SSLEngineImpl.java:1185)
> at javax.net.ssl.SSLEngine.wrap(SSLEngine.java:471)
> at
> org.apache.geode.internal.net.NioSslEngine.handshake(NioSslEngine.java:158)
> at
> org.apache.geode.internal.net.SocketCreator.handshakeSSLSocketChannel(SocketCreator.java:597)
> at
> org.apache.geode.internal.tcp.Connection.createIoFilter(Connection.java:1731)
> at org.apache.geode.internal.tcp.Connection.<init>(Connection.java:1167)
> at
> org.apache.geode.internal.tcp.Connection.createSender(Connection.java:1004)
> at
> org.apache.geode.internal.tcp.ConnectionTable.handleNewPendingConnection(ConnectionTable.java:288)
> at
> org.apache.geode.internal.tcp.ConnectionTable.getSharedConnection(ConnectionTable.java:392)
> at
> org.apache.geode.internal.tcp.ConnectionTable.get(ConnectionTable.java:571)
> at
> org.apache.geode.internal.tcp.TCPConduit.getConnection(TCPConduit.java:800)
> at
> org.apache.geode.distributed.internal.direct.DirectChannel.getConnections(DirectChannel.java:451)
> at
> org.apache.geode.distributed.internal.direct.DirectChannel.sendToMany(DirectChannel.java:268)
> at
> org.apache.geode.distributed.internal.direct.DirectChannel.sendToOne(DirectChannel.java:182)
> at
> org.apache.geode.distributed.internal.direct.DirectChannel.send(DirectChannel.java:510)
> at
> org.apache.geode.distributed.internal.DistributionImpl.directChannelSend(DistributionImpl.java:346)
> at
> org.apache.geode.distributed.internal.DistributionImpl.send(DistributionImpl.java:291)
> at
> org.apache.geode.distributed.internal.ClusterDistributionManager.sendViaMembershipManager(ClusterDistributionManager.java:2058)
> at
> org.apache.geode.distributed.internal.ClusterDistributionManager.sendOutgoing(ClusterDistributionManager.java:1986)
> at
> org.apache.geode.distributed.internal.StartupOperation.sendStartupMessage(StartupOperation.java:74)
> at
> org.apache.geode.distributed.internal.ClusterDistributionManager.sendStartupMessage(ClusterDistributionManager.java:1623)
> at
> org.apache.geode.distributed.internal.ClusterDistributionManager.create(ClusterDistributionManager.java:361)
> at
> org.apache.geode.distributed.internal.InternalDistributedSystem.initialize(InternalDistributedSystem.java:779)
> at
> org.apache.geode.distributed.internal.InternalDistributedSystem.access$200(InternalDistributedSystem.java:135)
> at
> org.apache.geode.distributed.internal.InternalDistributedSystem$Builder.build(InternalDistributedSystem.java:3033)
> at
> org.apache.geode.distributed.internal.InternalDistributedSystem.connectInternal(InternalDistributedSystem.java:290)
> at
> org.apache.geode.distributed.internal.InternalDistributedSystem.connectInternal(InternalDistributedSystem.java:216)
> at
> org.apache.geode.distributed.DistributedSystem.connect(DistributedSystem.java:159)
> at src.EntryConsumer.initialize(EntryConsumer.java:69)
> at src.EntryConsumer.main(EntryConsumer.java:340)
> Caused by: javax.net.ssl.SSLHandshakeException: General SSLEngine problem
> at sun.security.ssl.Alerts.getSSLException(Alerts.java:198)
> at sun.security.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java:1729)
> at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:333)
> at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:325)
> at
> sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1688)
> at
> sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:226)
> at sun.security.ssl.Handshaker.processLoop(Handshaker.java:1082)
> at sun.security.ssl.Handshaker$1.run(Handshaker.java:1015)
> at sun.security.ssl.Handshaker$1.run(Handshaker.java:1012)
> at java.security.AccessController.doPrivileged(Native Method)
> at sun.security.ssl.Handshaker$DelegatedTask.run(Handshaker.java:1504)
> at
> org.apache.geode.internal.net.NioSslEngine.handleBlockingTasks(NioSslEngine.java:225)
> at
> org.apache.geode.internal.net.NioSslEngine.handshake(NioSslEngine.java:185)
> ... 27 more
> Caused by: java.security.cert.CertificateException: No subject alternative
> names matching IP address 10.118.26.62 found
> at sun.security.util.HostnameChecker.matchIP(HostnameChecker.java:168)
> at sun.security.util.HostnameChecker.match(HostnameChecker.java:94)
> at
> sun.security.ssl.X509TrustManagerImpl.checkIdentity(X509TrustManagerImpl.java:462)
> at
> sun.security.ssl.X509TrustManagerImpl.checkIdentity(X509TrustManagerImpl.java:442)
> at
> sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:261)
> at
> sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:144)
> at
> sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1675)
> ... 35 more
> {noformat}
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
