Hi Jan, Thanks for your reply.
I have found that the issue is due to SOLR_SSL_KEY_STORE_TYPE env default was set to PKS12, while in my previous version it was JKS. Regards, Edwin On Thu, 28 May 2020 at 21:08, Jan Høydahl <jan....@cominvent.com> wrote: > I also believe this is due to keystore format confusion. > How exactly do you generate your keystore, what is the keystore file > named, and do you specify the SOLR_SSL_KEY_STORE_TYPE env? > > Jan > > > 28. mai 2020 kl. 04:03 skrev Zheng Lin Edwin Yeo <edwinye...@gmail.com>: > > > > Hi Mike, > > > > Thanks for your reply. > > > > Yes, I have SSL enabled in 8.2.1 as well. The error is there even it I > use > > the same certificate for 8.2.1, which was working fine there. > > I have also generated the certificate for both 8.2.1 and 8.5.1 by the > same > > method. > > > > Is there any changes between these 2 versions that would have affected > > this? (Eg: there are changes in the way we generate the certificate) > > > > Regards, > > Edwin > > > > On Wed, 27 May 2020 at 04:23, Mike Drob <md...@apache.org> wrote: > > > >> Did you have SSL enabled with 8.2.1? > >> > >> The error looks common to certificate handling and not specific to Solr. > >> > >> I would verify that you have no extra characters in your certificate > file > >> (including line endings) and that the keystore type that you specified > >> matches the file you are presenting (JKS or PKCS12) > >> > >> Mike > >> > >> On Sat, May 23, 2020 at 10:11 PM Zheng Lin Edwin Yeo < > edwinye...@gmail.com > >>> > >> wrote: > >> > >>> Hi, > >>> > >>> I'm trying to upgrade from Solr 8.2.1 to Solr 8.5.1, with Solr SSL > >>> Authentication and Authorization. > >>> > >>> However, I get the following error when I enable SSL. The Solr itself > can > >>> start up if there is no SSL. The main error that I see is this > >>> > >>> java.io.IOException: DerInputStream.getLength(): lengthTag=109, too > >> big. > >>> > >>> What could be the reason that causes this? > >>> > >>> > >>> INFO - 2020-05-24 10:38:20.080; > >>> org.apache.solr.util.configuration.SSLConfigurations; Setting > >>> javax.net.ssl.keyStorePassword > >>> INFO - 2020-05-24 10:38:20.081; > >>> org.apache.solr.util.configuration.SSLConfigurations; Setting > >>> javax.net.ssl.trustStorePassword > >>> Waiting up to 120 to see Solr running on port 8983 > >>> java.lang.reflect.InvocationTargetException > >>> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > >>> at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source) > >>> at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown > >> Source) > >>> at java.lang.reflect.Method.invoke(Unknown Source) > >>> at org.eclipse.jetty.start.Main.invokeMain(Main.java:218) > >>> at org.eclipse.jetty.start.Main.start(Main.java:491) > >>> at org.eclipse.jetty.start.Main.main(Main.java:77)d > >>> Caused by: java.security.PrivilegedActionException: > java.io.IOException: > >>> DerInputStream.getLength(): lengthTag=109, too big. > >>> at java.security.AccessController.doPrivileged(Native Method) > >>> at > >>> org.eclipse.jetty.xml.XmlConfiguration.main(XmlConfiguration.java:1837) > >>> ... 7 more > >>> Caused by: java.io.IOException: DerInputStream.getLength(): > >> lengthTag=109, > >>> too big. > >>> at sun.security.util.DerInputStream.getLength(Unknown Source) > >>> at sun.security.util.DerValue.init(Unknown Source) > >>> at sun.security.util.DerValue.<init>(Unknown Source) > >>> at sun.security.util.DerValue.<init>(Unknown Source) > >>> at sun.security.pkcs12.PKCS12KeyStore.engineLoad(Unknown Source) > >>> at java.security.KeyStore.load(Unknown Source) > >>> at > >>> > >>> > >> > org.eclipse.jetty.util.security.CertificateUtils.getKeyStore(CertificateUtils.java:54) > >>> at > >>> > >>> > >> > org.eclipse.jetty.util.ssl.SslContextFactory.loadKeyStore(SslContextFactory.java:1188) > >>> at > >>> > >>> > >> > org.eclipse.jetty.util.ssl.SslContextFactory.load(SslContextFactory.java:323) > >>> at > >>> > >>> > >> > org.eclipse.jetty.util.ssl.SslContextFactory.doStart(SslContextFactory.java:245) > >>> at > >>> > >>> > >> > org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:72) > >>> at > >>> > >>> > >> > org.eclipse.jetty.util.component.ContainerLifeCycle.start(ContainerLifeCycle.java:169) > >>> at > >>> > >>> > >> > org.eclipse.jetty.util.component.ContainerLifeCycle.doStart(ContainerLifeCycle.java:117) > >>> at > >>> > >>> > >> > org.eclipse.jetty.server.SslConnectionFactory.doStart(SslConnectionFactory.java:92) > >>> at > >>> > >>> > >> > org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:72) > >>> at > >>> > >>> > >> > org.eclipse.jetty.util.component.ContainerLifeCycle.start(ContainerLifeCycle.java:169) > >>> at > >>> > >>> > >> > org.eclipse.jetty.util.component.ContainerLifeCycle.doStart(ContainerLifeCycle.java:117) > >>> at > >>> > >>> > >> > org.eclipse.jetty.server.AbstractConnector.doStart(AbstractConnector.java:320) > >>> at > >>> > >>> > >> > org.eclipse.jetty.server.AbstractNetworkConnector.doStart(AbstractNetworkConnector.java:81) > >>> at > >>> > >> > org.eclipse.jetty.server.ServerConnector.doStart(ServerConnector.java:231) > >>> at > >>> > >>> > >> > org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:72) > >>> at org.eclipse.jetty.server.Server.doStart(Server.java:385) > >>> at > >>> > >>> > >> > org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:72) > >>> at > >>> > >>> > >> > org.eclipse.jetty.xml.XmlConfiguration.lambda$main$0(XmlConfiguration.java:1888) > >>> ... 9 more > >>> java.lang.reflect.InvocationTargetException > >>> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > >>> at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source) > >>> at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown > >> Source) > >>> at java.lang.reflect.Method.invoke(Unknown Source) > >>> at org.eclipse.jetty.start.Main.invokeMain(Main.java:218) > >>> at org.eclipse.jetty.start.Main.start(Main.java:491) > >>> at org.eclipse.jetty.start.Main.main(Main.java:77) > >>> Caused by: java.security.PrivilegedActionException: > java.io.IOException: > >>> DerInputStream.getLength(): lengthTag=109, too big. > >>> at java.security.AccessController.doPrivileged(Native Method) > >>> at > >>> org.eclipse.jetty.xml.XmlConfiguration.main(XmlConfiguration.java:1837) > >>> ... 7 more > >>> Caused by: java.io.IOException: DerInputStream.getLength(): > >> lengthTag=109, > >>> too big. > >>> at sun.security.util.DerInputStream.getLength(Unknown Source) > >>> at sun.security.util.DerValue.init(Unknown Source) > >>> at sun.security.util.DerValue.<init>(Unknown Source) > >>> at sun.security.util.DerValue.<init>(Unknown Source) > >>> at sun.security.pkcs12.PKCS12KeyStore.engineLoad(Unknown Source) > >>> at java.security.KeyStore.load(Unknown Source) > >>> at > >>> > >>> > >> > org.eclipse.jetty.util.security.CertificateUtils.getKeyStore(CertificateUtils.java:54) > >>> at > >>> > >>> > >> > org.eclipse.jetty.util.ssl.SslContextFactory.loadKeyStore(SslContextFactory.java:1188) > >>> at > >>> > >>> > >> > org.eclipse.jetty.util.ssl.SslContextFactory.load(SslContextFactory.java:323) > >>> at > >>> > >>> > >> > org.eclipse.jetty.util.ssl.SslContextFactory.doStart(SslContextFactory.java:245) > >>> at > >>> > >>> > >> > org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:72) > >>> at > >>> > >>> > >> > org.eclipse.jetty.util.component.ContainerLifeCycle.start(ContainerLifeCycle.java:169) > >>> at > >>> > >>> > >> > org.eclipse.jetty.util.component.ContainerLifeCycle.doStart(ContainerLifeCycle.java:117) > >>> at > >>> > >>> > >> > org.eclipse.jetty.server.SslConnectionFactory.doStart(SslConnectionFactory.java:92) > >>> at > >>> > >>> > >> > org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:72) > >>> at > >>> > >>> > >> > org.eclipse.jetty.util.component.ContainerLifeCycle.start(ContainerLifeCycle.java:169) > >>> at > >>> > >>> > >> > org.eclipse.jetty.util.component.ContainerLifeCycle.doStart(ContainerLifeCycle.java:117) > >>> at > >>> > >>> > >> > org.eclipse.jetty.server.AbstractConnector.doStart(AbstractConnector.java:320) > >>> at > >>> > >>> > >> > org.eclipse.jetty.server.AbstractNetworkConnector.doStart(AbstractNetworkConnector.java:81) > >>> at > >>> > >> > org.eclipse.jetty.server.ServerConnector.doStart(ServerConnector.java:231) > >>> at > >>> > >>> > >> > org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:72) > >>> at org.eclipse.jetty.server.Server.doStart(Server.java:385) > >>> at > >>> > >>> > >> > org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:72) > >>> at > >>> > >>> > >> > org.eclipse.jetty.xml.XmlConfiguration.lambda$main$0(XmlConfiguration.java:1888) > >>> ... 9 more > >>> > >>> Usage: java -jar $JETTY_HOME/start.jar [options] [properties] [configs] > >>> java -jar $JETTY_HOME/start.jar --help # for more information > >>> > >>> Regards, > >>> Edwin > >>> > >> > >
