You are viewing a plain text version of this content. The canonical link for it is here.

Posted to jira@kafka.apache.org by "Levani Kokhreidze (Jira)" <ji...@apache.org> on 2020/08/08 12:05:00 UTC

[jira] [Updated] (KAFKA-10375) Restore consumer fails with SSL handshake fail exception

     [ https://issues.apache.org/jira/browse/KAFKA-10375?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Levani Kokhreidze updated KAFKA-10375:
--------------------------------------
    Attachment:     (was: stacktrace.txt)

> Restore consumer fails with SSL handshake fail exception
> --------------------------------------------------------
>
>                 Key: KAFKA-10375
>                 URL: https://issues.apache.org/jira/browse/KAFKA-10375
>             Project: Kafka
>          Issue Type: Bug
>          Components: streams
>    Affects Versions: 2.6.0
>            Reporter: Levani Kokhreidze
>            Priority: Major
>
> After upgrading to 2.6, we started getting "SSL handshake fail" exceptions. Curios thing is that it seems to affect only restore consumers. For mTLS, we use dynamic certificates that are being reloaded automatically every X minutes.
> We didn't have any issues with it, up until upgrading 2.6 and other stream processing jobs running Kafka 2.4 don't have similar problems.
> After restarting the Kafka Streams instance, issue goes away.
>  
> From the stacktrace, it's visible that problem is:
> {code:java}
> Aug 07 10:36:12.478 | Caused by: java.security.cert.CertificateExpiredException: NotAfter: Fri Aug 07 07:45:16 GMT 2020 
> {code}
> Seems like somehow restore consumer gets stuck with old certificate and it's not refreshed.
>  
>  



--
This message was sent by Atlassian Jira
(v8.3.4#803005)