You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@kafka.apache.org by Chris Baumgartner <ch...@fujifilm.com> on 2021/06/17 14:55:36 UTC
Enabling TLS causes AEADBadTagException
Hello,
I am working on Java code that sends data to Kafka. I am trying to
configure TLS. I think I have created all of the keys and certs correctly.
When I attempt to send a message to Kafka, I get the stacktrace below. I am
stumped as to what is causing this.
Has anyone else seen this before? I'm running Kafka 2.7.1 with
Corretto 11.0.8.10.1.
Thanks.
org.apache.kafka.common.errors.SslAuthenticationException: Failed to
process post-handshake messages
Caused by: javax.net.ssl.SSLException: Tag mismatch!
at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:129)
at
java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:321)
at
java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:264)
at
java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:259)
at java.base/sun.security.ssl.SSLTransport.decode(SSLTransport.java:129)
at java.base/sun.security.ssl.SSLEngineImpl.decode(SSLEngineImpl.java:672)
at
java.base/sun.security.ssl.SSLEngineImpl.readRecord(SSLEngineImpl.java:627)
at java.base/sun.security.ssl.SSLEngineImpl.unwrap(SSLEngineImpl.java:443)
at java.base/sun.security.ssl.SSLEngineImpl.unwrap(SSLEngineImpl.java:422)
at java.base/javax.net.ssl.SSLEngine.unwrap(SSLEngine.java:634)
at
org.apache.kafka.common.network.SslTransportLayer.read(SslTransportLayer.java:567)
at
org.apache.kafka.common.network.NetworkReceive.readFrom(NetworkReceive.java:95)
at
org.apache.kafka.common.network.KafkaChannel.receive(KafkaChannel.java:447)
at org.apache.kafka.common.network.KafkaChannel.read(KafkaChannel.java:397)
at org.apache.kafka.common.network.Selector.attemptRead(Selector.java:674)
at
org.apache.kafka.common.network.Selector.pollSelectionKeys(Selector.java:576)
at org.apache.kafka.common.network.Selector.poll(Selector.java:481)
at org.apache.kafka.clients.NetworkClient.poll(NetworkClient.java:561)
at
org.apache.kafka.clients.NetworkClientUtils.awaitReady(NetworkClientUtils.java:74)
at
org.apache.kafka.clients.producer.internals.Sender.awaitNodeReady(Sender.java:531)
at
org.apache.kafka.clients.producer.internals.Sender.maybeSendAndPollTransactionalRequest(Sender.java:452)
at
org.apache.kafka.clients.producer.internals.Sender.runOnce(Sender.java:313)
at org.apache.kafka.clients.producer.internals.Sender.run(Sender.java:240)
at java.base/java.lang.Thread.run(Thread.java:834)
Caused by: javax.crypto.AEADBadTagException: Tag mismatch!
at
java.base/com.sun.crypto.provider.GaloisCounterMode.decryptFinal(GaloisCounterMode.java:580)
at
java.base/com.sun.crypto.provider.CipherCore.finalNoPadding(CipherCore.java:1049)
at java.base/com.sun.crypto.provider.CipherCore.doFinal(CipherCore.java:985)
at
java.base/com.sun.crypto.provider.AESCipher.engineDoFinal(AESCipher.java:491)
at java.base/javax.crypto.CipherSpi.bufferCrypt(CipherSpi.java:779)
at java.base/javax.crypto.CipherSpi.engineDoFinal(CipherSpi.java:730)
at java.base/javax.crypto.Cipher.doFinal(Cipher.java:2497)
at
java.base/sun.security.ssl.SSLCipher$T13GcmReadCipherGenerator$GcmReadCipher.decrypt(SSLCipher.java:1887)
at
java.base/sun.security.ssl.SSLEngineInputRecord.decodeInputRecord(SSLEngineInputRecord.java:240)
at
java.base/sun.security.ssl.SSLEngineInputRecord.decode(SSLEngineInputRecord.java:197)
at
java.base/sun.security.ssl.SSLEngineInputRecord.decode(SSLEngineInputRecord.java:160)
at java.base/sun.security.ssl.SSLTransport.decode(SSLTransport.java:108)
... 19 more
--
Chris Baumgartner
Java Software Developer
FUJIFILM Medical Systems U.S.A., Inc.
TeraMedica Division
10400 Innovation Drive, Suite 200
Milwaukee, WI 53226
Office: (414) 908-7724
www.teramedica.com
*Helping provide healthcare experiences that enhance the quality of life. *
--
NOTICE: This message, including any attachments, is only for the use of
the intended recipient(s) and may contain confidential, sensitive and/or
privileged information, or information otherwise prohibited from
dissemination or disclosure by law or regulation, including applicable
export regulations. If the reader of this message is not the intended
recipient, you are hereby notified that any use, disclosure, copying,
dissemination or distribution of this message or any of its attachments is
strictly prohibited. If you received this message in error, please contact
the sender immediately by reply email and destroy this message, including
all attachments, and any copies thereof.