You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@lucene.apache.org by "Jan Høydahl (Jira)" <ji...@apache.org> on 2019/12/17 15:21:00 UTC
[jira] [Created] (SOLR-14106) SSL with SOLR_SSL_NEED_CLIENT_AUTH
not working since v8.2.0
Jan Høydahl created SOLR-14106:
----------------------------------
Summary: SSL with SOLR_SSL_NEED_CLIENT_AUTH not working since v8.2.0
Key: SOLR-14106
URL: https://issues.apache.org/jira/browse/SOLR-14106
Project: Solr
Issue Type: Bug
Security Level: Public (Default Security Level. Issues are Public)
Affects Versions: 8.3.1, 8.2
Reporter: Jan Høydahl
For a client we use SSL certificate authentication with Solr through the {{SOLR_SSL_NEED_CLIENT_AUTH=true}} setting. The client must then prove through a local pem file that it has the correct client certificate.
This works well until Solr 8.1.1, but fails with Solr 8.2 and also 8.3.1. There has been a Jetty upgrade from from jetty-9.4.14 to jetty-9.4.19 and I see some deprecation warnings in the log of 8.3.1:
{noformat}
o.e.j.x.XmlConfiguration Deprecated method public void org.eclipse.jetty.util.ssl.SslContextFactory.setWantClientAuth(boolean) in file:///opt/solr-8.3.1/server/etc/jetty-ssl.xml
{noformat}
I have made a simple reproduction script using Docker to reproduce first the 8.1.1 behaviour that succeeds, then 8.3.1 which fails:
{code}
wget https://www.dropbox.com/s/fkjcez1i5anh42i/tls.tgz
tar -xvzf tls.tgz
cd tls
./repro.sh
{code}
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@lucene.apache.org
For additional commands, e-mail: issues-help@lucene.apache.org