You are viewing a plain text version of this content. The canonical link for it is here.
Posted to solr-user@lucene.apache.org by Zheng Lin Edwin Yeo <ed...@gmail.com> on 2020/05/24 03:11:13 UTC
Solr 8.5.1 startup error - lengthTag=109, too big.
Hi,
I'm trying to upgrade from Solr 8.2.1 to Solr 8.5.1, with Solr SSL
Authentication and Authorization.
However, I get the following error when I enable SSL. The Solr itself can
start up if there is no SSL. The main error that I see is this
java.io.IOException: DerInputStream.getLength(): lengthTag=109, too big.
What could be the reason that causes this?
INFO - 2020-05-24 10:38:20.080;
org.apache.solr.util.configuration.SSLConfigurations; Setting
javax.net.ssl.keyStorePassword
INFO - 2020-05-24 10:38:20.081;
org.apache.solr.util.configuration.SSLConfigurations; Setting
javax.net.ssl.trustStorePassword
Waiting up to 120 to see Solr running on port 8983
java.lang.reflect.InvocationTargetException
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at org.eclipse.jetty.start.Main.invokeMain(Main.java:218)
at org.eclipse.jetty.start.Main.start(Main.java:491)
at org.eclipse.jetty.start.Main.main(Main.java:77)d
Caused by: java.security.PrivilegedActionException: java.io.IOException:
DerInputStream.getLength(): lengthTag=109, too big.
at java.security.AccessController.doPrivileged(Native Method)
at
org.eclipse.jetty.xml.XmlConfiguration.main(XmlConfiguration.java:1837)
... 7 more
Caused by: java.io.IOException: DerInputStream.getLength(): lengthTag=109,
too big.
at sun.security.util.DerInputStream.getLength(Unknown Source)
at sun.security.util.DerValue.init(Unknown Source)
at sun.security.util.DerValue.<init>(Unknown Source)
at sun.security.util.DerValue.<init>(Unknown Source)
at sun.security.pkcs12.PKCS12KeyStore.engineLoad(Unknown Source)
at java.security.KeyStore.load(Unknown Source)
at
org.eclipse.jetty.util.security.CertificateUtils.getKeyStore(CertificateUtils.java:54)
at
org.eclipse.jetty.util.ssl.SslContextFactory.loadKeyStore(SslContextFactory.java:1188)
at
org.eclipse.jetty.util.ssl.SslContextFactory.load(SslContextFactory.java:323)
at
org.eclipse.jetty.util.ssl.SslContextFactory.doStart(SslContextFactory.java:245)
at
org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:72)
at
org.eclipse.jetty.util.component.ContainerLifeCycle.start(ContainerLifeCycle.java:169)
at
org.eclipse.jetty.util.component.ContainerLifeCycle.doStart(ContainerLifeCycle.java:117)
at
org.eclipse.jetty.server.SslConnectionFactory.doStart(SslConnectionFactory.java:92)
at
org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:72)
at
org.eclipse.jetty.util.component.ContainerLifeCycle.start(ContainerLifeCycle.java:169)
at
org.eclipse.jetty.util.component.ContainerLifeCycle.doStart(ContainerLifeCycle.java:117)
at
org.eclipse.jetty.server.AbstractConnector.doStart(AbstractConnector.java:320)
at
org.eclipse.jetty.server.AbstractNetworkConnector.doStart(AbstractNetworkConnector.java:81)
at
org.eclipse.jetty.server.ServerConnector.doStart(ServerConnector.java:231)
at
org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:72)
at org.eclipse.jetty.server.Server.doStart(Server.java:385)
at
org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:72)
at
org.eclipse.jetty.xml.XmlConfiguration.lambda$main$0(XmlConfiguration.java:1888)
... 9 more
java.lang.reflect.InvocationTargetException
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at org.eclipse.jetty.start.Main.invokeMain(Main.java:218)
at org.eclipse.jetty.start.Main.start(Main.java:491)
at org.eclipse.jetty.start.Main.main(Main.java:77)
Caused by: java.security.PrivilegedActionException: java.io.IOException:
DerInputStream.getLength(): lengthTag=109, too big.
at java.security.AccessController.doPrivileged(Native Method)
at
org.eclipse.jetty.xml.XmlConfiguration.main(XmlConfiguration.java:1837)
... 7 more
Caused by: java.io.IOException: DerInputStream.getLength(): lengthTag=109,
too big.
at sun.security.util.DerInputStream.getLength(Unknown Source)
at sun.security.util.DerValue.init(Unknown Source)
at sun.security.util.DerValue.<init>(Unknown Source)
at sun.security.util.DerValue.<init>(Unknown Source)
at sun.security.pkcs12.PKCS12KeyStore.engineLoad(Unknown Source)
at java.security.KeyStore.load(Unknown Source)
at
org.eclipse.jetty.util.security.CertificateUtils.getKeyStore(CertificateUtils.java:54)
at
org.eclipse.jetty.util.ssl.SslContextFactory.loadKeyStore(SslContextFactory.java:1188)
at
org.eclipse.jetty.util.ssl.SslContextFactory.load(SslContextFactory.java:323)
at
org.eclipse.jetty.util.ssl.SslContextFactory.doStart(SslContextFactory.java:245)
at
org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:72)
at
org.eclipse.jetty.util.component.ContainerLifeCycle.start(ContainerLifeCycle.java:169)
at
org.eclipse.jetty.util.component.ContainerLifeCycle.doStart(ContainerLifeCycle.java:117)
at
org.eclipse.jetty.server.SslConnectionFactory.doStart(SslConnectionFactory.java:92)
at
org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:72)
at
org.eclipse.jetty.util.component.ContainerLifeCycle.start(ContainerLifeCycle.java:169)
at
org.eclipse.jetty.util.component.ContainerLifeCycle.doStart(ContainerLifeCycle.java:117)
at
org.eclipse.jetty.server.AbstractConnector.doStart(AbstractConnector.java:320)
at
org.eclipse.jetty.server.AbstractNetworkConnector.doStart(AbstractNetworkConnector.java:81)
at
org.eclipse.jetty.server.ServerConnector.doStart(ServerConnector.java:231)
at
org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:72)
at org.eclipse.jetty.server.Server.doStart(Server.java:385)
at
org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:72)
at
org.eclipse.jetty.xml.XmlConfiguration.lambda$main$0(XmlConfiguration.java:1888)
... 9 more
Usage: java -jar $JETTY_HOME/start.jar [options] [properties] [configs]
java -jar $JETTY_HOME/start.jar --help # for more information
Regards,
Edwin
Re: Solr 8.5.1 startup error - lengthTag=109, too big.
Posted by Zheng Lin Edwin Yeo <ed...@gmail.com>.
Hi Jan,
Thanks for your reply.
I have found that the issue is due to SOLR_SSL_KEY_STORE_TYPE env default
was set to PKS12, while in my previous version it was JKS.
Regards,
Edwin
On Thu, 28 May 2020 at 21:08, Jan Høydahl <ja...@cominvent.com> wrote:
> I also believe this is due to keystore format confusion.
> How exactly do you generate your keystore, what is the keystore file
> named, and do you specify the SOLR_SSL_KEY_STORE_TYPE env?
>
> Jan
>
> > 28. mai 2020 kl. 04:03 skrev Zheng Lin Edwin Yeo <ed...@gmail.com>:
> >
> > Hi Mike,
> >
> > Thanks for your reply.
> >
> > Yes, I have SSL enabled in 8.2.1 as well. The error is there even it I
> use
> > the same certificate for 8.2.1, which was working fine there.
> > I have also generated the certificate for both 8.2.1 and 8.5.1 by the
> same
> > method.
> >
> > Is there any changes between these 2 versions that would have affected
> > this? (Eg: there are changes in the way we generate the certificate)
> >
> > Regards,
> > Edwin
> >
> > On Wed, 27 May 2020 at 04:23, Mike Drob <md...@apache.org> wrote:
> >
> >> Did you have SSL enabled with 8.2.1?
> >>
> >> The error looks common to certificate handling and not specific to Solr.
> >>
> >> I would verify that you have no extra characters in your certificate
> file
> >> (including line endings) and that the keystore type that you specified
> >> matches the file you are presenting (JKS or PKCS12)
> >>
> >> Mike
> >>
> >> On Sat, May 23, 2020 at 10:11 PM Zheng Lin Edwin Yeo <
> edwinyeozl@gmail.com
> >>>
> >> wrote:
> >>
> >>> Hi,
> >>>
> >>> I'm trying to upgrade from Solr 8.2.1 to Solr 8.5.1, with Solr SSL
> >>> Authentication and Authorization.
> >>>
> >>> However, I get the following error when I enable SSL. The Solr itself
> can
> >>> start up if there is no SSL. The main error that I see is this
> >>>
> >>> java.io.IOException: DerInputStream.getLength(): lengthTag=109, too
> >> big.
> >>>
> >>> What could be the reason that causes this?
> >>>
> >>>
> >>> INFO - 2020-05-24 10:38:20.080;
> >>> org.apache.solr.util.configuration.SSLConfigurations; Setting
> >>> javax.net.ssl.keyStorePassword
> >>> INFO - 2020-05-24 10:38:20.081;
> >>> org.apache.solr.util.configuration.SSLConfigurations; Setting
> >>> javax.net.ssl.trustStorePassword
> >>> Waiting up to 120 to see Solr running on port 8983
> >>> java.lang.reflect.InvocationTargetException
> >>> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> >>> at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
> >>> at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown
> >> Source)
> >>> at java.lang.reflect.Method.invoke(Unknown Source)
> >>> at org.eclipse.jetty.start.Main.invokeMain(Main.java:218)
> >>> at org.eclipse.jetty.start.Main.start(Main.java:491)
> >>> at org.eclipse.jetty.start.Main.main(Main.java:77)d
> >>> Caused by: java.security.PrivilegedActionException:
> java.io.IOException:
> >>> DerInputStream.getLength(): lengthTag=109, too big.
> >>> at java.security.AccessController.doPrivileged(Native Method)
> >>> at
> >>> org.eclipse.jetty.xml.XmlConfiguration.main(XmlConfiguration.java:1837)
> >>> ... 7 more
> >>> Caused by: java.io.IOException: DerInputStream.getLength():
> >> lengthTag=109,
> >>> too big.
> >>> at sun.security.util.DerInputStream.getLength(Unknown Source)
> >>> at sun.security.util.DerValue.init(Unknown Source)
> >>> at sun.security.util.DerValue.<init>(Unknown Source)
> >>> at sun.security.util.DerValue.<init>(Unknown Source)
> >>> at sun.security.pkcs12.PKCS12KeyStore.engineLoad(Unknown Source)
> >>> at java.security.KeyStore.load(Unknown Source)
> >>> at
> >>>
> >>>
> >>
> org.eclipse.jetty.util.security.CertificateUtils.getKeyStore(CertificateUtils.java:54)
> >>> at
> >>>
> >>>
> >>
> org.eclipse.jetty.util.ssl.SslContextFactory.loadKeyStore(SslContextFactory.java:1188)
> >>> at
> >>>
> >>>
> >>
> org.eclipse.jetty.util.ssl.SslContextFactory.load(SslContextFactory.java:323)
> >>> at
> >>>
> >>>
> >>
> org.eclipse.jetty.util.ssl.SslContextFactory.doStart(SslContextFactory.java:245)
> >>> at
> >>>
> >>>
> >>
> org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:72)
> >>> at
> >>>
> >>>
> >>
> org.eclipse.jetty.util.component.ContainerLifeCycle.start(ContainerLifeCycle.java:169)
> >>> at
> >>>
> >>>
> >>
> org.eclipse.jetty.util.component.ContainerLifeCycle.doStart(ContainerLifeCycle.java:117)
> >>> at
> >>>
> >>>
> >>
> org.eclipse.jetty.server.SslConnectionFactory.doStart(SslConnectionFactory.java:92)
> >>> at
> >>>
> >>>
> >>
> org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:72)
> >>> at
> >>>
> >>>
> >>
> org.eclipse.jetty.util.component.ContainerLifeCycle.start(ContainerLifeCycle.java:169)
> >>> at
> >>>
> >>>
> >>
> org.eclipse.jetty.util.component.ContainerLifeCycle.doStart(ContainerLifeCycle.java:117)
> >>> at
> >>>
> >>>
> >>
> org.eclipse.jetty.server.AbstractConnector.doStart(AbstractConnector.java:320)
> >>> at
> >>>
> >>>
> >>
> org.eclipse.jetty.server.AbstractNetworkConnector.doStart(AbstractNetworkConnector.java:81)
> >>> at
> >>>
> >>
> org.eclipse.jetty.server.ServerConnector.doStart(ServerConnector.java:231)
> >>> at
> >>>
> >>>
> >>
> org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:72)
> >>> at org.eclipse.jetty.server.Server.doStart(Server.java:385)
> >>> at
> >>>
> >>>
> >>
> org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:72)
> >>> at
> >>>
> >>>
> >>
> org.eclipse.jetty.xml.XmlConfiguration.lambda$main$0(XmlConfiguration.java:1888)
> >>> ... 9 more
> >>> java.lang.reflect.InvocationTargetException
> >>> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> >>> at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
> >>> at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown
> >> Source)
> >>> at java.lang.reflect.Method.invoke(Unknown Source)
> >>> at org.eclipse.jetty.start.Main.invokeMain(Main.java:218)
> >>> at org.eclipse.jetty.start.Main.start(Main.java:491)
> >>> at org.eclipse.jetty.start.Main.main(Main.java:77)
> >>> Caused by: java.security.PrivilegedActionException:
> java.io.IOException:
> >>> DerInputStream.getLength(): lengthTag=109, too big.
> >>> at java.security.AccessController.doPrivileged(Native Method)
> >>> at
> >>> org.eclipse.jetty.xml.XmlConfiguration.main(XmlConfiguration.java:1837)
> >>> ... 7 more
> >>> Caused by: java.io.IOException: DerInputStream.getLength():
> >> lengthTag=109,
> >>> too big.
> >>> at sun.security.util.DerInputStream.getLength(Unknown Source)
> >>> at sun.security.util.DerValue.init(Unknown Source)
> >>> at sun.security.util.DerValue.<init>(Unknown Source)
> >>> at sun.security.util.DerValue.<init>(Unknown Source)
> >>> at sun.security.pkcs12.PKCS12KeyStore.engineLoad(Unknown Source)
> >>> at java.security.KeyStore.load(Unknown Source)
> >>> at
> >>>
> >>>
> >>
> org.eclipse.jetty.util.security.CertificateUtils.getKeyStore(CertificateUtils.java:54)
> >>> at
> >>>
> >>>
> >>
> org.eclipse.jetty.util.ssl.SslContextFactory.loadKeyStore(SslContextFactory.java:1188)
> >>> at
> >>>
> >>>
> >>
> org.eclipse.jetty.util.ssl.SslContextFactory.load(SslContextFactory.java:323)
> >>> at
> >>>
> >>>
> >>
> org.eclipse.jetty.util.ssl.SslContextFactory.doStart(SslContextFactory.java:245)
> >>> at
> >>>
> >>>
> >>
> org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:72)
> >>> at
> >>>
> >>>
> >>
> org.eclipse.jetty.util.component.ContainerLifeCycle.start(ContainerLifeCycle.java:169)
> >>> at
> >>>
> >>>
> >>
> org.eclipse.jetty.util.component.ContainerLifeCycle.doStart(ContainerLifeCycle.java:117)
> >>> at
> >>>
> >>>
> >>
> org.eclipse.jetty.server.SslConnectionFactory.doStart(SslConnectionFactory.java:92)
> >>> at
> >>>
> >>>
> >>
> org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:72)
> >>> at
> >>>
> >>>
> >>
> org.eclipse.jetty.util.component.ContainerLifeCycle.start(ContainerLifeCycle.java:169)
> >>> at
> >>>
> >>>
> >>
> org.eclipse.jetty.util.component.ContainerLifeCycle.doStart(ContainerLifeCycle.java:117)
> >>> at
> >>>
> >>>
> >>
> org.eclipse.jetty.server.AbstractConnector.doStart(AbstractConnector.java:320)
> >>> at
> >>>
> >>>
> >>
> org.eclipse.jetty.server.AbstractNetworkConnector.doStart(AbstractNetworkConnector.java:81)
> >>> at
> >>>
> >>
> org.eclipse.jetty.server.ServerConnector.doStart(ServerConnector.java:231)
> >>> at
> >>>
> >>>
> >>
> org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:72)
> >>> at org.eclipse.jetty.server.Server.doStart(Server.java:385)
> >>> at
> >>>
> >>>
> >>
> org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:72)
> >>> at
> >>>
> >>>
> >>
> org.eclipse.jetty.xml.XmlConfiguration.lambda$main$0(XmlConfiguration.java:1888)
> >>> ... 9 more
> >>>
> >>> Usage: java -jar $JETTY_HOME/start.jar [options] [properties] [configs]
> >>> java -jar $JETTY_HOME/start.jar --help # for more information
> >>>
> >>> Regards,
> >>> Edwin
> >>>
> >>
>
>
Re: Solr 8.5.1 startup error - lengthTag=109, too big.
Posted by Jan Høydahl <ja...@cominvent.com>.
I also believe this is due to keystore format confusion.
How exactly do you generate your keystore, what is the keystore file named, and do you specify the SOLR_SSL_KEY_STORE_TYPE env?
Jan
> 28. mai 2020 kl. 04:03 skrev Zheng Lin Edwin Yeo <ed...@gmail.com>:
>
> Hi Mike,
>
> Thanks for your reply.
>
> Yes, I have SSL enabled in 8.2.1 as well. The error is there even it I use
> the same certificate for 8.2.1, which was working fine there.
> I have also generated the certificate for both 8.2.1 and 8.5.1 by the same
> method.
>
> Is there any changes between these 2 versions that would have affected
> this? (Eg: there are changes in the way we generate the certificate)
>
> Regards,
> Edwin
>
> On Wed, 27 May 2020 at 04:23, Mike Drob <md...@apache.org> wrote:
>
>> Did you have SSL enabled with 8.2.1?
>>
>> The error looks common to certificate handling and not specific to Solr.
>>
>> I would verify that you have no extra characters in your certificate file
>> (including line endings) and that the keystore type that you specified
>> matches the file you are presenting (JKS or PKCS12)
>>
>> Mike
>>
>> On Sat, May 23, 2020 at 10:11 PM Zheng Lin Edwin Yeo <edwinyeozl@gmail.com
>>>
>> wrote:
>>
>>> Hi,
>>>
>>> I'm trying to upgrade from Solr 8.2.1 to Solr 8.5.1, with Solr SSL
>>> Authentication and Authorization.
>>>
>>> However, I get the following error when I enable SSL. The Solr itself can
>>> start up if there is no SSL. The main error that I see is this
>>>
>>> java.io.IOException: DerInputStream.getLength(): lengthTag=109, too
>> big.
>>>
>>> What could be the reason that causes this?
>>>
>>>
>>> INFO - 2020-05-24 10:38:20.080;
>>> org.apache.solr.util.configuration.SSLConfigurations; Setting
>>> javax.net.ssl.keyStorePassword
>>> INFO - 2020-05-24 10:38:20.081;
>>> org.apache.solr.util.configuration.SSLConfigurations; Setting
>>> javax.net.ssl.trustStorePassword
>>> Waiting up to 120 to see Solr running on port 8983
>>> java.lang.reflect.InvocationTargetException
>>> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
>>> at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
>>> at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown
>> Source)
>>> at java.lang.reflect.Method.invoke(Unknown Source)
>>> at org.eclipse.jetty.start.Main.invokeMain(Main.java:218)
>>> at org.eclipse.jetty.start.Main.start(Main.java:491)
>>> at org.eclipse.jetty.start.Main.main(Main.java:77)d
>>> Caused by: java.security.PrivilegedActionException: java.io.IOException:
>>> DerInputStream.getLength(): lengthTag=109, too big.
>>> at java.security.AccessController.doPrivileged(Native Method)
>>> at
>>> org.eclipse.jetty.xml.XmlConfiguration.main(XmlConfiguration.java:1837)
>>> ... 7 more
>>> Caused by: java.io.IOException: DerInputStream.getLength():
>> lengthTag=109,
>>> too big.
>>> at sun.security.util.DerInputStream.getLength(Unknown Source)
>>> at sun.security.util.DerValue.init(Unknown Source)
>>> at sun.security.util.DerValue.<init>(Unknown Source)
>>> at sun.security.util.DerValue.<init>(Unknown Source)
>>> at sun.security.pkcs12.PKCS12KeyStore.engineLoad(Unknown Source)
>>> at java.security.KeyStore.load(Unknown Source)
>>> at
>>>
>>>
>> org.eclipse.jetty.util.security.CertificateUtils.getKeyStore(CertificateUtils.java:54)
>>> at
>>>
>>>
>> org.eclipse.jetty.util.ssl.SslContextFactory.loadKeyStore(SslContextFactory.java:1188)
>>> at
>>>
>>>
>> org.eclipse.jetty.util.ssl.SslContextFactory.load(SslContextFactory.java:323)
>>> at
>>>
>>>
>> org.eclipse.jetty.util.ssl.SslContextFactory.doStart(SslContextFactory.java:245)
>>> at
>>>
>>>
>> org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:72)
>>> at
>>>
>>>
>> org.eclipse.jetty.util.component.ContainerLifeCycle.start(ContainerLifeCycle.java:169)
>>> at
>>>
>>>
>> org.eclipse.jetty.util.component.ContainerLifeCycle.doStart(ContainerLifeCycle.java:117)
>>> at
>>>
>>>
>> org.eclipse.jetty.server.SslConnectionFactory.doStart(SslConnectionFactory.java:92)
>>> at
>>>
>>>
>> org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:72)
>>> at
>>>
>>>
>> org.eclipse.jetty.util.component.ContainerLifeCycle.start(ContainerLifeCycle.java:169)
>>> at
>>>
>>>
>> org.eclipse.jetty.util.component.ContainerLifeCycle.doStart(ContainerLifeCycle.java:117)
>>> at
>>>
>>>
>> org.eclipse.jetty.server.AbstractConnector.doStart(AbstractConnector.java:320)
>>> at
>>>
>>>
>> org.eclipse.jetty.server.AbstractNetworkConnector.doStart(AbstractNetworkConnector.java:81)
>>> at
>>>
>> org.eclipse.jetty.server.ServerConnector.doStart(ServerConnector.java:231)
>>> at
>>>
>>>
>> org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:72)
>>> at org.eclipse.jetty.server.Server.doStart(Server.java:385)
>>> at
>>>
>>>
>> org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:72)
>>> at
>>>
>>>
>> org.eclipse.jetty.xml.XmlConfiguration.lambda$main$0(XmlConfiguration.java:1888)
>>> ... 9 more
>>> java.lang.reflect.InvocationTargetException
>>> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
>>> at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
>>> at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown
>> Source)
>>> at java.lang.reflect.Method.invoke(Unknown Source)
>>> at org.eclipse.jetty.start.Main.invokeMain(Main.java:218)
>>> at org.eclipse.jetty.start.Main.start(Main.java:491)
>>> at org.eclipse.jetty.start.Main.main(Main.java:77)
>>> Caused by: java.security.PrivilegedActionException: java.io.IOException:
>>> DerInputStream.getLength(): lengthTag=109, too big.
>>> at java.security.AccessController.doPrivileged(Native Method)
>>> at
>>> org.eclipse.jetty.xml.XmlConfiguration.main(XmlConfiguration.java:1837)
>>> ... 7 more
>>> Caused by: java.io.IOException: DerInputStream.getLength():
>> lengthTag=109,
>>> too big.
>>> at sun.security.util.DerInputStream.getLength(Unknown Source)
>>> at sun.security.util.DerValue.init(Unknown Source)
>>> at sun.security.util.DerValue.<init>(Unknown Source)
>>> at sun.security.util.DerValue.<init>(Unknown Source)
>>> at sun.security.pkcs12.PKCS12KeyStore.engineLoad(Unknown Source)
>>> at java.security.KeyStore.load(Unknown Source)
>>> at
>>>
>>>
>> org.eclipse.jetty.util.security.CertificateUtils.getKeyStore(CertificateUtils.java:54)
>>> at
>>>
>>>
>> org.eclipse.jetty.util.ssl.SslContextFactory.loadKeyStore(SslContextFactory.java:1188)
>>> at
>>>
>>>
>> org.eclipse.jetty.util.ssl.SslContextFactory.load(SslContextFactory.java:323)
>>> at
>>>
>>>
>> org.eclipse.jetty.util.ssl.SslContextFactory.doStart(SslContextFactory.java:245)
>>> at
>>>
>>>
>> org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:72)
>>> at
>>>
>>>
>> org.eclipse.jetty.util.component.ContainerLifeCycle.start(ContainerLifeCycle.java:169)
>>> at
>>>
>>>
>> org.eclipse.jetty.util.component.ContainerLifeCycle.doStart(ContainerLifeCycle.java:117)
>>> at
>>>
>>>
>> org.eclipse.jetty.server.SslConnectionFactory.doStart(SslConnectionFactory.java:92)
>>> at
>>>
>>>
>> org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:72)
>>> at
>>>
>>>
>> org.eclipse.jetty.util.component.ContainerLifeCycle.start(ContainerLifeCycle.java:169)
>>> at
>>>
>>>
>> org.eclipse.jetty.util.component.ContainerLifeCycle.doStart(ContainerLifeCycle.java:117)
>>> at
>>>
>>>
>> org.eclipse.jetty.server.AbstractConnector.doStart(AbstractConnector.java:320)
>>> at
>>>
>>>
>> org.eclipse.jetty.server.AbstractNetworkConnector.doStart(AbstractNetworkConnector.java:81)
>>> at
>>>
>> org.eclipse.jetty.server.ServerConnector.doStart(ServerConnector.java:231)
>>> at
>>>
>>>
>> org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:72)
>>> at org.eclipse.jetty.server.Server.doStart(Server.java:385)
>>> at
>>>
>>>
>> org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:72)
>>> at
>>>
>>>
>> org.eclipse.jetty.xml.XmlConfiguration.lambda$main$0(XmlConfiguration.java:1888)
>>> ... 9 more
>>>
>>> Usage: java -jar $JETTY_HOME/start.jar [options] [properties] [configs]
>>> java -jar $JETTY_HOME/start.jar --help # for more information
>>>
>>> Regards,
>>> Edwin
>>>
>>
Re: Solr 8.5.1 startup error - lengthTag=109, too big.
Posted by Zheng Lin Edwin Yeo <ed...@gmail.com>.
Hi Mike,
Thanks for your reply.
Yes, I have SSL enabled in 8.2.1 as well. The error is there even it I use
the same certificate for 8.2.1, which was working fine there.
I have also generated the certificate for both 8.2.1 and 8.5.1 by the same
method.
Is there any changes between these 2 versions that would have affected
this? (Eg: there are changes in the way we generate the certificate)
Regards,
Edwin
On Wed, 27 May 2020 at 04:23, Mike Drob <md...@apache.org> wrote:
> Did you have SSL enabled with 8.2.1?
>
> The error looks common to certificate handling and not specific to Solr.
>
> I would verify that you have no extra characters in your certificate file
> (including line endings) and that the keystore type that you specified
> matches the file you are presenting (JKS or PKCS12)
>
> Mike
>
> On Sat, May 23, 2020 at 10:11 PM Zheng Lin Edwin Yeo <edwinyeozl@gmail.com
> >
> wrote:
>
> > Hi,
> >
> > I'm trying to upgrade from Solr 8.2.1 to Solr 8.5.1, with Solr SSL
> > Authentication and Authorization.
> >
> > However, I get the following error when I enable SSL. The Solr itself can
> > start up if there is no SSL. The main error that I see is this
> >
> > java.io.IOException: DerInputStream.getLength(): lengthTag=109, too
> big.
> >
> > What could be the reason that causes this?
> >
> >
> > INFO - 2020-05-24 10:38:20.080;
> > org.apache.solr.util.configuration.SSLConfigurations; Setting
> > javax.net.ssl.keyStorePassword
> > INFO - 2020-05-24 10:38:20.081;
> > org.apache.solr.util.configuration.SSLConfigurations; Setting
> > javax.net.ssl.trustStorePassword
> > Waiting up to 120 to see Solr running on port 8983
> > java.lang.reflect.InvocationTargetException
> > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> > at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
> > at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown
> Source)
> > at java.lang.reflect.Method.invoke(Unknown Source)
> > at org.eclipse.jetty.start.Main.invokeMain(Main.java:218)
> > at org.eclipse.jetty.start.Main.start(Main.java:491)
> > at org.eclipse.jetty.start.Main.main(Main.java:77)d
> > Caused by: java.security.PrivilegedActionException: java.io.IOException:
> > DerInputStream.getLength(): lengthTag=109, too big.
> > at java.security.AccessController.doPrivileged(Native Method)
> > at
> > org.eclipse.jetty.xml.XmlConfiguration.main(XmlConfiguration.java:1837)
> > ... 7 more
> > Caused by: java.io.IOException: DerInputStream.getLength():
> lengthTag=109,
> > too big.
> > at sun.security.util.DerInputStream.getLength(Unknown Source)
> > at sun.security.util.DerValue.init(Unknown Source)
> > at sun.security.util.DerValue.<init>(Unknown Source)
> > at sun.security.util.DerValue.<init>(Unknown Source)
> > at sun.security.pkcs12.PKCS12KeyStore.engineLoad(Unknown Source)
> > at java.security.KeyStore.load(Unknown Source)
> > at
> >
> >
> org.eclipse.jetty.util.security.CertificateUtils.getKeyStore(CertificateUtils.java:54)
> > at
> >
> >
> org.eclipse.jetty.util.ssl.SslContextFactory.loadKeyStore(SslContextFactory.java:1188)
> > at
> >
> >
> org.eclipse.jetty.util.ssl.SslContextFactory.load(SslContextFactory.java:323)
> > at
> >
> >
> org.eclipse.jetty.util.ssl.SslContextFactory.doStart(SslContextFactory.java:245)
> > at
> >
> >
> org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:72)
> > at
> >
> >
> org.eclipse.jetty.util.component.ContainerLifeCycle.start(ContainerLifeCycle.java:169)
> > at
> >
> >
> org.eclipse.jetty.util.component.ContainerLifeCycle.doStart(ContainerLifeCycle.java:117)
> > at
> >
> >
> org.eclipse.jetty.server.SslConnectionFactory.doStart(SslConnectionFactory.java:92)
> > at
> >
> >
> org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:72)
> > at
> >
> >
> org.eclipse.jetty.util.component.ContainerLifeCycle.start(ContainerLifeCycle.java:169)
> > at
> >
> >
> org.eclipse.jetty.util.component.ContainerLifeCycle.doStart(ContainerLifeCycle.java:117)
> > at
> >
> >
> org.eclipse.jetty.server.AbstractConnector.doStart(AbstractConnector.java:320)
> > at
> >
> >
> org.eclipse.jetty.server.AbstractNetworkConnector.doStart(AbstractNetworkConnector.java:81)
> > at
> >
> org.eclipse.jetty.server.ServerConnector.doStart(ServerConnector.java:231)
> > at
> >
> >
> org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:72)
> > at org.eclipse.jetty.server.Server.doStart(Server.java:385)
> > at
> >
> >
> org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:72)
> > at
> >
> >
> org.eclipse.jetty.xml.XmlConfiguration.lambda$main$0(XmlConfiguration.java:1888)
> > ... 9 more
> > java.lang.reflect.InvocationTargetException
> > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> > at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
> > at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown
> Source)
> > at java.lang.reflect.Method.invoke(Unknown Source)
> > at org.eclipse.jetty.start.Main.invokeMain(Main.java:218)
> > at org.eclipse.jetty.start.Main.start(Main.java:491)
> > at org.eclipse.jetty.start.Main.main(Main.java:77)
> > Caused by: java.security.PrivilegedActionException: java.io.IOException:
> > DerInputStream.getLength(): lengthTag=109, too big.
> > at java.security.AccessController.doPrivileged(Native Method)
> > at
> > org.eclipse.jetty.xml.XmlConfiguration.main(XmlConfiguration.java:1837)
> > ... 7 more
> > Caused by: java.io.IOException: DerInputStream.getLength():
> lengthTag=109,
> > too big.
> > at sun.security.util.DerInputStream.getLength(Unknown Source)
> > at sun.security.util.DerValue.init(Unknown Source)
> > at sun.security.util.DerValue.<init>(Unknown Source)
> > at sun.security.util.DerValue.<init>(Unknown Source)
> > at sun.security.pkcs12.PKCS12KeyStore.engineLoad(Unknown Source)
> > at java.security.KeyStore.load(Unknown Source)
> > at
> >
> >
> org.eclipse.jetty.util.security.CertificateUtils.getKeyStore(CertificateUtils.java:54)
> > at
> >
> >
> org.eclipse.jetty.util.ssl.SslContextFactory.loadKeyStore(SslContextFactory.java:1188)
> > at
> >
> >
> org.eclipse.jetty.util.ssl.SslContextFactory.load(SslContextFactory.java:323)
> > at
> >
> >
> org.eclipse.jetty.util.ssl.SslContextFactory.doStart(SslContextFactory.java:245)
> > at
> >
> >
> org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:72)
> > at
> >
> >
> org.eclipse.jetty.util.component.ContainerLifeCycle.start(ContainerLifeCycle.java:169)
> > at
> >
> >
> org.eclipse.jetty.util.component.ContainerLifeCycle.doStart(ContainerLifeCycle.java:117)
> > at
> >
> >
> org.eclipse.jetty.server.SslConnectionFactory.doStart(SslConnectionFactory.java:92)
> > at
> >
> >
> org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:72)
> > at
> >
> >
> org.eclipse.jetty.util.component.ContainerLifeCycle.start(ContainerLifeCycle.java:169)
> > at
> >
> >
> org.eclipse.jetty.util.component.ContainerLifeCycle.doStart(ContainerLifeCycle.java:117)
> > at
> >
> >
> org.eclipse.jetty.server.AbstractConnector.doStart(AbstractConnector.java:320)
> > at
> >
> >
> org.eclipse.jetty.server.AbstractNetworkConnector.doStart(AbstractNetworkConnector.java:81)
> > at
> >
> org.eclipse.jetty.server.ServerConnector.doStart(ServerConnector.java:231)
> > at
> >
> >
> org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:72)
> > at org.eclipse.jetty.server.Server.doStart(Server.java:385)
> > at
> >
> >
> org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:72)
> > at
> >
> >
> org.eclipse.jetty.xml.XmlConfiguration.lambda$main$0(XmlConfiguration.java:1888)
> > ... 9 more
> >
> > Usage: java -jar $JETTY_HOME/start.jar [options] [properties] [configs]
> > java -jar $JETTY_HOME/start.jar --help # for more information
> >
> > Regards,
> > Edwin
> >
>
Re: Solr 8.5.1 startup error - lengthTag=109, too big.
Posted by Mike Drob <md...@apache.org>.
Did you have SSL enabled with 8.2.1?
The error looks common to certificate handling and not specific to Solr.
I would verify that you have no extra characters in your certificate file
(including line endings) and that the keystore type that you specified
matches the file you are presenting (JKS or PKCS12)
Mike
On Sat, May 23, 2020 at 10:11 PM Zheng Lin Edwin Yeo <ed...@gmail.com>
wrote:
> Hi,
>
> I'm trying to upgrade from Solr 8.2.1 to Solr 8.5.1, with Solr SSL
> Authentication and Authorization.
>
> However, I get the following error when I enable SSL. The Solr itself can
> start up if there is no SSL. The main error that I see is this
>
> java.io.IOException: DerInputStream.getLength(): lengthTag=109, too big.
>
> What could be the reason that causes this?
>
>
> INFO - 2020-05-24 10:38:20.080;
> org.apache.solr.util.configuration.SSLConfigurations; Setting
> javax.net.ssl.keyStorePassword
> INFO - 2020-05-24 10:38:20.081;
> org.apache.solr.util.configuration.SSLConfigurations; Setting
> javax.net.ssl.trustStorePassword
> Waiting up to 120 to see Solr running on port 8983
> java.lang.reflect.InvocationTargetException
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
> at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
> at java.lang.reflect.Method.invoke(Unknown Source)
> at org.eclipse.jetty.start.Main.invokeMain(Main.java:218)
> at org.eclipse.jetty.start.Main.start(Main.java:491)
> at org.eclipse.jetty.start.Main.main(Main.java:77)d
> Caused by: java.security.PrivilegedActionException: java.io.IOException:
> DerInputStream.getLength(): lengthTag=109, too big.
> at java.security.AccessController.doPrivileged(Native Method)
> at
> org.eclipse.jetty.xml.XmlConfiguration.main(XmlConfiguration.java:1837)
> ... 7 more
> Caused by: java.io.IOException: DerInputStream.getLength(): lengthTag=109,
> too big.
> at sun.security.util.DerInputStream.getLength(Unknown Source)
> at sun.security.util.DerValue.init(Unknown Source)
> at sun.security.util.DerValue.<init>(Unknown Source)
> at sun.security.util.DerValue.<init>(Unknown Source)
> at sun.security.pkcs12.PKCS12KeyStore.engineLoad(Unknown Source)
> at java.security.KeyStore.load(Unknown Source)
> at
>
> org.eclipse.jetty.util.security.CertificateUtils.getKeyStore(CertificateUtils.java:54)
> at
>
> org.eclipse.jetty.util.ssl.SslContextFactory.loadKeyStore(SslContextFactory.java:1188)
> at
>
> org.eclipse.jetty.util.ssl.SslContextFactory.load(SslContextFactory.java:323)
> at
>
> org.eclipse.jetty.util.ssl.SslContextFactory.doStart(SslContextFactory.java:245)
> at
>
> org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:72)
> at
>
> org.eclipse.jetty.util.component.ContainerLifeCycle.start(ContainerLifeCycle.java:169)
> at
>
> org.eclipse.jetty.util.component.ContainerLifeCycle.doStart(ContainerLifeCycle.java:117)
> at
>
> org.eclipse.jetty.server.SslConnectionFactory.doStart(SslConnectionFactory.java:92)
> at
>
> org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:72)
> at
>
> org.eclipse.jetty.util.component.ContainerLifeCycle.start(ContainerLifeCycle.java:169)
> at
>
> org.eclipse.jetty.util.component.ContainerLifeCycle.doStart(ContainerLifeCycle.java:117)
> at
>
> org.eclipse.jetty.server.AbstractConnector.doStart(AbstractConnector.java:320)
> at
>
> org.eclipse.jetty.server.AbstractNetworkConnector.doStart(AbstractNetworkConnector.java:81)
> at
> org.eclipse.jetty.server.ServerConnector.doStart(ServerConnector.java:231)
> at
>
> org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:72)
> at org.eclipse.jetty.server.Server.doStart(Server.java:385)
> at
>
> org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:72)
> at
>
> org.eclipse.jetty.xml.XmlConfiguration.lambda$main$0(XmlConfiguration.java:1888)
> ... 9 more
> java.lang.reflect.InvocationTargetException
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
> at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
> at java.lang.reflect.Method.invoke(Unknown Source)
> at org.eclipse.jetty.start.Main.invokeMain(Main.java:218)
> at org.eclipse.jetty.start.Main.start(Main.java:491)
> at org.eclipse.jetty.start.Main.main(Main.java:77)
> Caused by: java.security.PrivilegedActionException: java.io.IOException:
> DerInputStream.getLength(): lengthTag=109, too big.
> at java.security.AccessController.doPrivileged(Native Method)
> at
> org.eclipse.jetty.xml.XmlConfiguration.main(XmlConfiguration.java:1837)
> ... 7 more
> Caused by: java.io.IOException: DerInputStream.getLength(): lengthTag=109,
> too big.
> at sun.security.util.DerInputStream.getLength(Unknown Source)
> at sun.security.util.DerValue.init(Unknown Source)
> at sun.security.util.DerValue.<init>(Unknown Source)
> at sun.security.util.DerValue.<init>(Unknown Source)
> at sun.security.pkcs12.PKCS12KeyStore.engineLoad(Unknown Source)
> at java.security.KeyStore.load(Unknown Source)
> at
>
> org.eclipse.jetty.util.security.CertificateUtils.getKeyStore(CertificateUtils.java:54)
> at
>
> org.eclipse.jetty.util.ssl.SslContextFactory.loadKeyStore(SslContextFactory.java:1188)
> at
>
> org.eclipse.jetty.util.ssl.SslContextFactory.load(SslContextFactory.java:323)
> at
>
> org.eclipse.jetty.util.ssl.SslContextFactory.doStart(SslContextFactory.java:245)
> at
>
> org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:72)
> at
>
> org.eclipse.jetty.util.component.ContainerLifeCycle.start(ContainerLifeCycle.java:169)
> at
>
> org.eclipse.jetty.util.component.ContainerLifeCycle.doStart(ContainerLifeCycle.java:117)
> at
>
> org.eclipse.jetty.server.SslConnectionFactory.doStart(SslConnectionFactory.java:92)
> at
>
> org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:72)
> at
>
> org.eclipse.jetty.util.component.ContainerLifeCycle.start(ContainerLifeCycle.java:169)
> at
>
> org.eclipse.jetty.util.component.ContainerLifeCycle.doStart(ContainerLifeCycle.java:117)
> at
>
> org.eclipse.jetty.server.AbstractConnector.doStart(AbstractConnector.java:320)
> at
>
> org.eclipse.jetty.server.AbstractNetworkConnector.doStart(AbstractNetworkConnector.java:81)
> at
> org.eclipse.jetty.server.ServerConnector.doStart(ServerConnector.java:231)
> at
>
> org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:72)
> at org.eclipse.jetty.server.Server.doStart(Server.java:385)
> at
>
> org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:72)
> at
>
> org.eclipse.jetty.xml.XmlConfiguration.lambda$main$0(XmlConfiguration.java:1888)
> ... 9 more
>
> Usage: java -jar $JETTY_HOME/start.jar [options] [properties] [configs]
> java -jar $JETTY_HOME/start.jar --help # for more information
>
> Regards,
> Edwin
>