Cassandra 3.11 cqlsh doesn't work with latest JDK

[Maxim Parkachov <la...@gmail.com>]

Hi everyone,

I have Apache Cassandra 3.11.6 with SSL encryption, CentOS Linux release
7.9, python 2.7.5. JDK and python are coming from operating system.

I have updated today operating system and with that I've got new JDK

$ java -version
openjdk version "1.8.0_292"
OpenJDK Runtime Environment (build 1.8.0_292-b10)
OpenJDK 64-Bit Server VM (build 25.292-b10, mixed mode)

Now when I try to connect to my local instance of Cassandra with cqlsh I'm
getting error:

$ cqlsh --ssl -u cassandra -p cassandra
Connection error: ('Unable to connect to any servers', {'127.0.0.1':
error(1, u"Tried connecting to [('127.0.0.1', 9142)]. Last error: [SSL:
WRONG_VERSION_NUMBER] wrong version number (_ssl.c:618)")})

Apparently, latest release of JDK *_292 disabled TLS1.0 and TLS1.1.

Is this known issue ? Is there is something I could do to quickly remedy
the situation ?

Thanks in advance,
Maxim.

Re: Cassandra 3.11 cqlsh doesn't work with latest JDK

[Maxim Parkachov <la...@gmail.com>]

Hi Sean,

thanks for the quick answer. I have applied your suggestion and tested on
several environments, everything is working fine.
Other communication protected by SSL such as server-to-server and
client-to-server is working without problems as well.

Regards,
Maxim.

On Fri, Apr 30, 2021 at 3:18 PM Durity, Sean R <SE...@homedepot.com>
wrote:

> Try adding this into the SSL section of your cqlshrc file:
>
> version = SSLv23
>
>
>
> Sean Durity
>

RE: Cassandra 3.11 cqlsh doesn't work with latest JDK

["Durity, Sean R" <SE...@homedepot.com>]

Try adding this into the SSL section of your cqlshrc file:
version = SSLv23


Sean Durity

From: Maxim Parkachov <la...@gmail.com>
Sent: Friday, April 30, 2021 8:57 AM
To: user@cassandra.apache.org; dev@cassandra.apache.org
Subject: [EXTERNAL] Cassandra 3.11 cqlsh doesn't work with latest JDK

Hi everyone,

I have Apache Cassandra 3.11.6 with SSL encryption, CentOS Linux release 7.9, python 2.7.5. JDK and python are coming from operating system.

I have updated today operating system and with that I've got new JDK

$ java -version
openjdk version "1.8.0_292"
OpenJDK Runtime Environment (build 1.8.0_292-b10)
OpenJDK 64-Bit Server VM (build 25.292-b10, mixed mode)

Now when I try to connect to my local instance of Cassandra with cqlsh I'm getting error:

$ cqlsh --ssl -u cassandra -p cassandra
Connection error: ('Unable to connect to any servers', {'127.0.0.1': error(1, u"Tried connecting to [('127.0.0.1', 9142)]. Last error: [SSL: WRONG_VERSION_NUMBER] wrong version number (_ssl.c:618)")})

Apparently, latest release of JDK *_292 disabled TLS1.0 and TLS1.1.

Is this known issue ? Is there is something I could do to quickly remedy the situation ?

Thanks in advance,
Maxim.


________________________________

The information in this Internet Email is confidential and may be legally privileged. It is intended solely for the addressee. Access to this Email by anyone else is unauthorized. If you are not the intended recipient, any disclosure, copying, distribution or any action taken or omitted to be taken in reliance on it, is prohibited and may be unlawful. When addressed to our clients any opinions or advice contained in this Email are subject to the terms and conditions expressed in any applicable governing The Home Depot terms of business or client engagement letter. The Home Depot disclaims all responsibility and liability for the accuracy and content of this attachment and for any damages or losses arising from any inaccuracies, errors, viruses, e.g., worms, trojan horses, etc., or other items of a destructive nature, which may be contained in this attachment and shall not be liable for direct, indirect, consequential or special damages in connection with this e-mail message or its attachment.