Stacktrace when trying to run a distributed database with SSL

[dashawn888]

OrientDB Version, operating system, or hardware.

• v2.2.12

Operating System

• Linux
  uname -a
  Linux ubuntu 4.4.0-42-generic Support for ENUM on class schema [moved] #62-Ubuntu SMP Fri Oct 7 23:11:45 UTC 2016 x86_64 x86_64 x86_64 GNU/Linux

Java

java -version
java version "1.8.0_111"
Java(TM) SE Runtime Environment (build 1.8.0_111-b14)
Java HotSpot(TM) 64-Bit Server VM (build 25.111-b14, mixed mode)

Expected behavior and actual behavior

It appears to drop the connection after a negotiation and doesn't communicate over SSL or default.

Thanks for the help

Steps to reproduce the problem

Run through the keygen process at
http://orientdb.com/docs/2.0/orientdb.wiki/Using-SSL-with-OrientDB.html

Add

To your orientdb-server.config.xml
under the

line.

Do the same for the second server. Transfer the keys over to the second server and run both of them

./bin/dserver.sh

Trace

Members [2] {
Member [192.168.171.136]:2435
Member [192.168.171.135]:2435 this
}
[ClusterService]
2016-11-04 10:54:11:850 INFO [192.168.171.135]:2435 [orientdb] [3.6.5] Address[192.168.171.135]:2435 is STARTED [LifecycleService]
2016-11-04 10:54:11:851 INFO Starting distributed server 'test2' (hzID=83b34a90-c80e-4a6a-bbec-2b030d3ef72c)... [OHazelcastPlugin]
2016-11-04 10:54:11:945 WARNI [test2] Servers in cluster: [test2, test] [OHazelcastPlugin][test2] Error on starting distributed plugin
com.orientechnologies.orient.enterprise.channel.binary.ONetworkProtocolException: Cannot read protocol version from remote server /192.168.171.136:2434: java.net.SocketTimeoutException: Read timed out
at com.orientechnologies.orient.client.binary.OChannelBinaryClientAbstract.(OChannelBinaryClientAbstract.java:87)
at com.orientechnologies.orient.client.binary.OChannelBinarySynchClient.(OChannelBinarySynchClient.java:32)
at com.orientechnologies.orient.server.distributed.ORemoteServerChannel.connect(ORemoteServerChannel.java:104)
at com.orientechnologies.orient.server.distributed.ORemoteServerChannel.(ORemoteServerChannel.java:72)
at com.orientechnologies.orient.server.distributed.ORemoteServerController.(ORemoteServerController.java:50)
at com.orientechnologies.orient.server.hazelcast.OHazelcastPlugin.getRemoteServer(OHazelcastPlugin.java:535)
at com.orientechnologies.orient.server.hazelcast.OHazelcastPlugin.startup(OHazelcastPlugin.java:207)
at com.orientechnologies.orient.server.OServer.registerPlugins(OServer.java:1239)
at com.orientechnologies.orient.server.OServer.activate(OServer.java:397)
at com.orientechnologies.orient.server.OServerMain$1.run(OServerMain.java:46)
com.orientechnologies.orient.server.distributed.ODistributedStartupException: Error on starting distributed plugin
at com.orientechnologies.orient.server.hazelcast.OHazelcastPlugin.startup(OHazelcastPlugin.java:247)
at com.orientechnologies.orient.server.OServer.registerPlugins(OServer.java:1239)
at com.orientechnologies.orient.server.OServer.activate(OServer.java:397)
at com.orientechnologies.orient.server.OServerMain$1.run(OServerMain.java:46)
Caused by: com.orientechnologies.orient.enterprise.channel.binary.ONetworkProtocolException: Cannot read protocol version from remote server /192.168.171.136:2434: java.net.SocketTimeoutException: Read timed out
at com.orientechnologies.orient.client.binary.OChannelBinaryClientAbstract.(OChannelBinaryClientAbstract.java:87)
at com.orientechnologies.orient.client.binary.OChannelBinarySynchClient.(OChannelBinarySynchClient.java:32)
at com.orientechnologies.orient.server.distributed.ORemoteServerChannel.connect(ORemoteServerChannel.java:104)
at com.orientechnologies.orient.server.distributed.ORemoteServerChannel.(ORemoteServerChannel.java:72)
at com.orientechnologies.orient.server.distributed.ORemoteServerController.(ORemoteServerController.java:50)
at com.orientechnologies.orient.server.hazelcast.OHazelcastPlugin.getRemoteServer(OHazelcastPlugin.java:535)
at com.orientechnologies.orient.server.hazelcast.OHazelcastPlugin.startup(OHazelcastPlugin.java:207)
... 3 more
Error on client connection
javax.net.ssl.SSLHandshakeException: Remote host closed connection during handshake
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:992)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1375)
at sun.security.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:747)
at sun.security.ssl.AppOutputStream.write(AppOutputStream.java:123)
at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:82)
at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:140)
at java.io.DataOutputStream.flush(DataOutputStream.java:123)
at com.orientechnologies.orient.enterprise.channel.binary.OChannelBinary.flush(OChannelBinary.java:324)
at com.orientechnologies.orient.server.network.protocol.binary.ONetworkProtocolBinary.config(ONetworkProtocolBinary.java:152)
at com.orientechnologies.orient.server.network.OServerNetworkListener.run(OServerNetworkListener.java:216)
Caused by: java.io.EOFException: SSL peer shut down incorrectly
at sun.security.ssl.InputRecord.read(InputRecord.java:505)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:973)
... 9 more

[tglman]

hi @dashawn888,

Just to double check, in case of distributed each node behave as server and client, so you need to configure in the <properties> of the orientdb-server-config.xml all the client configurations : http://orientdb.com/docs/2.0/orientdb.wiki/Using-SSL-with-OrientDB.html#configuring-client have you done this step?

Bye

[dashawn888]

Ok. It looks like when I ran this on both services it worked.

Thanks for the help.

./bin/dserver.sh -Dclient.ssl.enabled=true
-Djavax.net.ssl.keyStore=/opt/orientdb-community-2.2.12/config/cert/orientdb.ks
-Djavax.net.ssl.keyStorePassword=changeme
-Djavax.net.ssl.trustStore=/opt/orientdb-community-2.2.12/config/cert/orientdb-console.ts
-Djavax.net.ssl.trustStorePassword=changeme

• Shawn

On Mon, Nov 7, 2016 at 7:55 AM, tglman notifications@github.com wrote:

hi @dashawn888 https://github.com/dashawn888,

Just to double check, in case of distributed each node behave as server
and client, so you need to configure in the of the
orientdb-server-config.xml all the client configurations :
http://orientdb.com/docs/2.0/orientdb.wiki/Using-SSL-with-
OrientDB.html#configuring-client have you done this step?

Bye

—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
#6880 (comment),
or mute the thread
https://github.com/notifications/unsubscribe-auth/ABE8dEH4tsjE2HBXiLDevM3_c9ZT0uzxks5q7x_bgaJpZM4KpszX
.

[tglman]

ok @dashawn888 can we close this ?

[dashawn888]

Yes. Go ahead.

On Fri, Nov 11, 2016 at 12:08 PM, tglman notifications@github.com wrote:

ok @dashawn888 https://github.com/dashawn888 can we close this ?

—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
#6880 (comment),
or mute the thread
https://github.com/notifications/unsubscribe-auth/ABE8dGg97MeOi-SjGivPxzocQBV4JMQcks5q9KEMgaJpZM4KpszX
.