You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@flink.apache.org by Igal Shilman <ig...@apache.org> on 2021/12/03 15:14:49 UTC
Re: Stateful function endpoint self-signed certificate problem
Hi Deniz,
My apologies for the late reply, I assume that by now you have figured this
out since I've seen your followup question :-)
StateFun uses the trust store configured in the JVM, so if you can install
your certificate there, StateFun should transparently pick it up.
Good luck,
Igal.
On Fri, Nov 26, 2021 at 10:23 AM Deniz Koçak <le...@gmail.com> wrote:
> Hi,
>
> We have been running a simple stateful functions (version 3.0.0) job,
> which simply forwards the incoming messages via Kafka source to an
> HTTPS endpoint on AWS. Our HTTP endpoint is behind a Load Balancer on
> AWS and this Load Balancer is listening on 443 for incoming HTTPS
> traffic. Certificate used by the LB, was created by our organization
> so its a self signed one.
>
> Therefore, whenever stateful function tries to make a call to load
> balancer on ort 443, it gives the exception below
>
> javax.net.ssl.SSLHandshakeException: PKIX path building failed:
> sun.security.provider.certpath.SunCertPathBuilderException: unable to
> find valid certification path to requested target
>
> I wonder how can I solve that problem or at least is it possible to
> ignore the self-signed cert. issue via module configuration?
>
> spec:
> endpoints:
> - endpoint:
> meta:
> kind: http
> spec:
> functions: prebet/*
> urlPathTemplate: https://AWS-LoadBalancer-Internal-Hostname
> call: 10 min
>
> Thanks,
>
Re: Stateful function endpoint self-signed certificate problem
Posted by Deniz Koçak <le...@gmail.com>.
Hi Igal,
Thanks for the response, we sorted it out by deploying the required
certs. to our images.
Thanks,
Deniz
On Fri, Dec 3, 2021 at 3:15 PM Igal Shilman <ig...@apache.org> wrote:
>
> Hi Deniz,
> My apologies for the late reply, I assume that by now you have figured this out since I've seen your followup question :-)
>
> StateFun uses the trust store configured in the JVM, so if you can install your certificate there, StateFun should transparently pick it up.
>
> Good luck,
> Igal.
>
> On Fri, Nov 26, 2021 at 10:23 AM Deniz Koçak <le...@gmail.com> wrote:
>>
>> Hi,
>>
>> We have been running a simple stateful functions (version 3.0.0) job,
>> which simply forwards the incoming messages via Kafka source to an
>> HTTPS endpoint on AWS. Our HTTP endpoint is behind a Load Balancer on
>> AWS and this Load Balancer is listening on 443 for incoming HTTPS
>> traffic. Certificate used by the LB, was created by our organization
>> so its a self signed one.
>>
>> Therefore, whenever stateful function tries to make a call to load
>> balancer on ort 443, it gives the exception below
>>
>> javax.net.ssl.SSLHandshakeException: PKIX path building failed:
>> sun.security.provider.certpath.SunCertPathBuilderException: unable to
>> find valid certification path to requested target
>>
>> I wonder how can I solve that problem or at least is it possible to
>> ignore the self-signed cert. issue via module configuration?
>>
>> spec:
>> endpoints:
>> - endpoint:
>> meta:
>> kind: http
>> spec:
>> functions: prebet/*
>> urlPathTemplate: https://AWS-LoadBalancer-Internal-Hostname
>> call: 10 min
>>
>> Thanks,