SpringBoot 连接kafka ssl 报 CertificateException: No subject alternative names present 异常解决
2019-10-09 11:54
3763 查看
当使用较新版本SpringBoot时,对应的 kafka-client 版本也比较新,如果使用了 2.x 以上的 kafka-client ,并且配置了 kafka ssl 连接方式时,可能会报如下异常:
javax.net.ssl.SSLException: Inbound closed before receiving peer's close_notify: possible truncation attack? ..... org.apache.kafka.common.errors.SslAuthenticationException: SSL handshake failed Caused by: javax.net.ssl.SSLHandshakeException: General SSLEngine problem ..... Caused by: java.security.cert.CertificateException: No subject alternative names present ..... 2019-10-09 10:12:55.683 DEBUG 23524 --- [ main] o.s.kafka.core.KafkaTemplate : Failed to send: ProducerRecord .....
该原因是因为新版本 kafka-client 会校验证书的主机名,配置忽略主机名校验即可。
配置方法主要代码如下:
spring: kafka: properties: ssl: endpoint: identification: algorithm: ''
另附SpringBoot 使用 ssl 证书连接 kafka 完整配置如下:
########## kafka ########## spring: kafka: producer: batch-size: 16384 retries: 1 buffer-memory: 33554432 bootstrap-servers: 192.168.1.100:9092 value-serializer: org.apache.kafka.common.serialization.StringSerializer key-serializer: org.apache.kafka.common.serialization.StringSerializer consumer: group-id: test-group-001 auto-offset-reset: earliest auto-commit-interval: 100 bootstrap-servers: 192.168.1.100:9092 value-deserializer: org.apache.kafka.common.serialization.StringDeserializer key-deserializer: org.apache.kafka.common.serialization.StringDeserializer enable-auto-commit: true ssl: protocol: SSL trust-store-type: JKS trust-store-location: file:D:/source-files/kafka/kafkatest.client.truststore.test.jks trust-store-password: 123456 key-store-type: JKS key-store-location: file:D:/source-files/kafka/kafkatest.client.keystore.test.jks key-store-password: 123456 key-password: 123456 properties: ssl: endpoint: identification: algorithm: '' security: protocol: SSL
问题解决。
相关文章推荐
- “No subject alternative names present” 异常解决
- Spring Boot忽略https证书:No subject alternative names present
- “No subject alternative names present” 异常解决
- Getting error "No subject alternative names" when doing secure URL connection(针对处理https连接的安全异常)(转:http://www.coderanch.com/t/134
- No subject alternative names present和 PKIX path building failed... 的解决
- 用idea整合springboot与mybatis,并解决数据库连接的异常
- java.security.cert.CertificateException: No subject alternative names present
- 【java细节】Java代码忽略https证书:No subject alternative names present
- 关于springboot项目连接数据库No operations allowed after connection closed的解决
- Caused by: java.security.cert.CertificateException: No subject alternative names present
- Spring Boot 2.1.x 连接 ElasticSearch Connection refused: no further information 异常处理
- SpringBoot+Mybatis+MySQL,调用存储过程报错解决办法:No enum constant org.apache.ibatis.type.JdbcType.Integer
- Android SDK 更新时连接出现“https://dl-ssl.google.com refused”异常解决办法
- 《Springboot极简教程》问题解决:Springboot启动报错 Whitelabel Error Page: This application has no explicit mapping for
- SpringBoot @Transactional 中捕获异常并回滚解决方法
- IDEA建Boot项目无法连接https://start.spring.iona解决
- Spring Boot 406(type=Not Acceptable, status=406)异常解决办法
- springboot springmvc抛出全局异常的解决方法
- springboot解决utf8mb4类型连接
- 解决NoSuchMethodError with Spring MutableValues异常问题