You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@solr.apache.org by Keerthi Turakapalli <tk...@opentext.com.INVALID> on 2023/02/02 03:45:24 UTC
Re: [EXTERNAL] - Re: Connection to SSL enabled solr9 is failing
Hi,
I need a subscription to ask solr related queries to the dev team. Please do the needful.
Thanks & Regards,
Keerthi Turakapalli
________________________________
From: Jan Høydahl <ja...@cominvent.com>
Sent: 01 February 2023 15:53
To: dev@solr.apache.org <de...@solr.apache.org>
Cc: Keerthi Turakapalli <tk...@opentext.com>
Subject: Re: [EXTERNAL] - Re: Connection to SSL enabled solr9 is failing
CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe. If you feel that the email is suspicious, please report it using PhishAlarm.
Yes, to communicate on this list (or ideally you should use the users@solr.apache.org list), you first need to subscribe.
Normally replies go only to the list. Sometimes there can be a reply-all, but I only used that this time because I suspected that you were not subscribed.
See https://solr.apache.org/community.html#mailing-lists-chat for the subscribe procedure. I recommend filing questions to the 'users' list.
My previous reply can be seen in the archives, which are also linked from the page above.
Jan
1. feb. 2023 kl. 05:57 skrev Keerthi Turakapalli <tk...@opentext.com>:
Hi Jan,
The last time I sent a mail to "dev@solr.apache.org<ma...@solr.apache.org>", I received a mail from David Smiley without subscribing to any list. Can you please reply with the solution to this email?
If it is mandatory to subscribe to any list, please let me know the process.
Thanks & Regards,
Keerthi Turakapalli
________________________________
From: Jan Høydahl <ja...@cominvent.com>>
Sent: 31 January 2023 21:56
To: dev@solr.apache.org<ma...@solr.apache.org> <de...@solr.apache.org>>
Cc: Keerthi Turakapalli <tk...@opentext.com>>
Subject: [EXTERNAL] - Re: Connection to SSL enabled solr9 is failing
CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe. If you feel that the email is suspicious, please report it using PhishAlarm.
I did reply to your email on Jan 24th. If you subscribe to the list you will see the answer.
Jan Høydahl
> 31. jan. 2023 kl. 16:06 skrev Keerthi Turakapalli <tk...@opentext.com.invalid>:
>
> FYI
> Can you please respond to this mail?
>
> Thanks & Regards,
> Keerthi Turakapalli
>
> ________________________________
> From: Keerthi Turakapalli
> Sent: 24 January 2023 17:13
> To: dev@solr.apache.org <de...@solr.apache.org>
> Cc: Sangisetti Ramana <sr...@opentext.com>; Santosh Kumar Siliveru <ss...@opentext.com>; Dhoka Pramod <dp...@opentext.com>
> Subject: Connection to SSL enabled solr9 is failing
>
> Hi,
>
> In solr8.11.2 we were using the below code where the HttpClient object is created with SSLContextFactory to connect to ssl enabled solr.
>
> Code Snippet using solr 8.11.2:
>
>
> builder = new CloudSolrClient.Builder(Collections.singletonList(mServerDetails.getZookeeperUrl()), Optional.empty())
> .withHttpClient(getSecureClient())
>
> reutrn builder.build();
>
> private CloseableHttpClient getSecureClient() {
> CloseableHttpClient cHttpClient = null;
> try {
> TrustStrategy acceptingTrustStrategy = (cert, authType) -> true;
> SSLContext sslContext = SSLContexts.custom().loadTrustMaterial(null, acceptingTrustStrategy).build();
> SSLConnectionSocketFactory sslConnectionSocketFactory = new SSLConnectionSocketFactory(sslContext, new DefaultHostnameVerifier());
> Registry<ConnectionSocketFactory> socketFactoryRegistry = RegistryBuilder.<ConnectionSocketFactory>create().
> register(SCHEMA_HTTPS, sslConnectionSocketFactory).build();
> BasicHttpClientConnectionManager connectionManager = new BasicHttpClientConnectionManager(socketFactoryRegistry);
> cHttpClient = HttpClients.custom().setSSLSocketFactory(sslConnectionSocketFactory).setConnectionManager(connectionManager).build();
> } catch(NoSuchAlgorithmException | KeyStoreException | KeyManagementException ex)
> {
> mLogger.atError().log("Processing httpclient failed.: {}", ex);
> }
> return cHttpClient;
> }
>
> However, withHttpClient() in solr9.1.0 got updated and it is only accepting Http2SolrClient instead of HttpClient.
> Following the documentation here:
> https://urldefense.com/v3/__https://solr.apache.org/guide/solr/latest/deployment-guide/solrj.html__;!!Obbck6kTJA!eykdZGgOz94z4G0X4QLnsirk3BgvVuaEYvz3Teqh7SbcqB4xooNFmoSIwz050T0G_wrqpgISWPDEZnIZtkw$
>
> We tried to connect to ssl enabled solr using,
>
> This code leads to an NPE:
>
>
> List<String> list = new ArrayList<>();
> list.add(mServerDetails.getZookeeperUrl());
> CloudHttp2SolrClient.Builder newBuilder = new CloudHttp2SolrClient.Builder(list, Optional.empty());
> return newBuilder.build();
>
> This code is throwing below "Missing SSLContextFactory" error. Please find the stacktrace,
> =====================================================
>
> DEBUG | 2023-01-24 14:31:50 | [Thread-175] impl.SolrServiceImpl (SolrServiceImpl.java:474) - Zookeeper Protocol: HTTPS, enableSSLFlag: true
> ERROR | 2023-01-24 14:31:50 | [Thread-175] impl.SolrServiceImpl (SolrServiceImpl.java:218) - Failed to get the cluster status from the server.
> org.apache.solr.client.solrj.SolrServerException: java.lang.NullPointerException: Missing SslContextFactory
> at org.apache.solr.client.solrj.impl.LBSolrClient.doRequest(LBSolrClient.java:445) ~[?:?]
> at org.apache.solr.client.solrj.impl.LBSolrClient.request(LBSolrClient.java:371) ~[?:?]
> at org.apache.solr.client.solrj.impl.CloudSolrClient.sendRequest(CloudSolrClient.java:1174) ~[?:?]
> at org.apache.solr.client.solrj.impl.CloudSolrClient.requestWithRetryOnStaleState(CloudSolrClient.java:880) ~[?:?]
> at org.apache.solr.client.solrj.impl.CloudSolrClient.request(CloudSolrClient.java:807) ~[?:?]
> at org.apache.solr.client.solrj.SolrRequest.process(SolrRequest.java:234) ~[?:?]
> at org.apache.solr.client.solrj.SolrRequest.process(SolrRequest.java:249) ~[?:?]
>
> at com.zerog.ia.installer.actions.CustomAction.installSelf(Unknown Source) ~[installer.zip:?]
> at com.zerog.ia.installer.util.GenericInstallPanel$2.run(Unknown Source) ~[installer.zip:?]
>
> Caused by: java.lang.NullPointerException: Missing SslContextFactory
> at java.util.Objects.requireNonNull(Objects.java:246) ~[?:?]
> at org.eclipse.jetty.io.ssl.SslClientConnectionFactory.<init>(SslClientConnectionFactory.java:57) ~[?:?]
> at org.eclipse.jetty.client.HttpClient.newSslClientConnectionFactory(HttpClient.java:1208) ~[?:?]
> at org.eclipse.jetty.client.HttpClient.newSslClientConnectionFactory(HttpClient.java:1214) ~[?:?]
> at org.eclipse.jetty.client.HttpDestination.newSslClientConnectionFactory(HttpDestination.java:148) ~[?:?]
> at org.eclipse.jetty.client.HttpDestination.newSslClientConnectionFactory(HttpDestination.java:154) ~[?:?]
> at org.eclipse.jetty.client.HttpDestination.<init>(HttpDestination.java:94) ~[?:?]
> at org.eclipse.jetty.client.MultiplexHttpDestination.<init>(MultiplexHttpDestination.java:25) ~[?:?]
> at org.eclipse.jetty.http2.client.http.HttpDestinationOverHTTP2.<init>(HttpDestinationOverHTTP2.java:32) ~[?:?]
> at org.eclipse.jetty.http2.client.http.HttpClientTransportOverHTTP2.newHttpDestination(HttpClientTransportOverHTTP2.java:128) ~[?:?]
> at org.eclipse.jetty.client.HttpClient.lambda$resolveDestination$0(HttpClient.java:575) ~[?:?]
> at java.util.concurrent.ConcurrentHashMap.computeIfAbsent(ConcurrentHashMap.java:1705) ~[?:?]
> at org.eclipse.jetty.client.HttpClient.resolveDestination(HttpClient.java:573) ~[?:?]
> at org.eclipse.jetty.client.HttpClient.resolveDestination(HttpClient.java:551) ~[?:?]
> at org.eclipse.jetty.client.HttpClient.send(HttpClient.java:599) ~[?:?]
> at org.eclipse.jetty.client.HttpRequest.sendAsync(HttpRequest.java:780) ~[?:?]
> at org.eclipse.jetty.client.HttpRequest.send(HttpRequest.java:767) ~[?:?]
> at org.apache.solr.client.solrj.impl.Http2SolrClient.request(Http2SolrClient.java:455) ~[?:?]
> at org.apache.solr.client.solrj.impl.LBSolrClient.doRequest(LBSolrClient.java:405) ~[?:?]
> ============================================
>
> Here it is expecting SSLContextFactory while connecting to solr with the zookeeper host. We also tried to use the method "withSSLConfig(sslConfig)" in Http2SolrClient class. But the usage is something like
>
> <
> new Http2SolrClient.Builder().build;
>
> public Builder withSSLConfig(SSLConfig sslConfig) {
> this.sslConfig = sslConfig;
> return this;
> }
>>
>
> Here withSSLConfig() method requiring SSLConfig object containing parameters like authClient, keystore, keystorePassword, trustore, truststorePassword. If this method is to be used, where and what values are expected here? However, to call this method in Builder() by default it is assigning defaultSSLConf. What does this do?
>
> Could you please let us know how to Build a CloudSlrClient object with SSLConfig that can connect to SSL enabled solr9 machine with zookeeper URL?
> Or is it mandated to pass solr URL's?
>
> Thanks & Regards,
> Keerthi Turakapalli
>
Re: [EXTERNAL] - Re: Connection to SSL enabled solr9 is failing
Posted by Keerthi Turakapalli <tk...@opentext.com.INVALID>.
Hi,
We used legacyCloudSOlrClient and still seeing issues. We want a proper fix for this SSL connection as CloudLegacySolrClient is deprecated.
Please let us know other ways to fix the SSL connection issue.
Thanks & Regards,
Keerthi Turakapalli
________________________________
From: Jan Høydahl <ja...@cominvent.com>
Sent: 02 February 2023 14:52
To: dev@solr.apache.org <de...@solr.apache.org>
Subject: Re: [EXTERNAL] - Re: Connection to SSL enabled solr9 is failing
CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe. If you feel that the email is suspicious, please report it using PhishAlarm.
Welcome to the list Keerthi!
I'll repeat my first reply here :)
You can try using CloudLegacySolrClient as a start, which is exactly like in 8.x. But you'll need to figure out SSL with Http2SolrClient sooner or later since it is deprecated.
Jan
> 2. feb. 2023 kl. 05:40 skrev Keerthi Turakapalli <tk...@opentext.com.INVALID>:
>
> Hi,
> I have subscribed to the dev list, can you please reply to my below-mentioned query in this thread?
>
> Thanks & Regards,
> Keerthi Turakapalli
>
> ________________________________
> From: Keerthi Turakapalli <tk...@opentext.com>
> Sent: 02 February 2023 09:15
> To: dev-subscribe@solr.apache.org <de...@solr.apache.org>; users@solr.apache.org <us...@solr.apache.org>
> Cc: Jan Høydahl <ja...@cominvent.com>; Sangisetti Ramana <sr...@opentext.com>
> Subject: Re: [EXTERNAL] - Re: Connection to SSL enabled solr9 is failing
>
> Hi,
> I need a subscription to ask solr related queries to the dev team. Please do the needful.
>
>
> Thanks & Regards,
> Keerthi Turakapalli
>
> ________________________________
> From: Jan Høydahl <ja...@cominvent.com>
> Sent: 01 February 2023 15:53
> To: dev@solr.apache.org <de...@solr.apache.org>
> Cc: Keerthi Turakapalli <tk...@opentext.com>
> Subject: Re: [EXTERNAL] - Re: Connection to SSL enabled solr9 is failing
>
> CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe. If you feel that the email is suspicious, please report it using PhishAlarm.
>
> Yes, to communicate on this list (or ideally you should use the users@solr.apache.org list), you first need to subscribe.
> Normally replies go only to the list. Sometimes there can be a reply-all, but I only used that this time because I suspected that you were not subscribed.
>
> See https://urldefense.com/v3/__https://solr.apache.org/community.html*mailing-lists-chat__;Iw!!Obbck6kTJA!ZoGMjMoeEeOgV6OmqgeSHHn-d_f3PvNnTyWWz2K2VyqtOm926MywbhJE3w3hdfENDWC_llvaoQCqSCYFmw8$ for the subscribe procedure. I recommend filing questions to the 'users' list.
>
> My previous reply can be seen in the archives, which are also linked from the page above.
>
> Jan
>
> 1. feb. 2023 kl. 05:57 skrev Keerthi Turakapalli <tk...@opentext.com>:
>
> Hi Jan,
> The last time I sent a mail to "dev@solr.apache.org<ma...@solr.apache.org>", I received a mail from David Smiley without subscribing to any list. Can you please reply with the solution to this email?
> If it is mandatory to subscribe to any list, please let me know the process.
>
> Thanks & Regards,
> Keerthi Turakapalli
>
> ________________________________
> From: Jan Høydahl <ja...@cominvent.com>>
> Sent: 31 January 2023 21:56
> To: dev@solr.apache.org<ma...@solr.apache.org> <de...@solr.apache.org>>
> Cc: Keerthi Turakapalli <tk...@opentext.com>>
> Subject: [EXTERNAL] - Re: Connection to SSL enabled solr9 is failing
>
> CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe. If you feel that the email is suspicious, please report it using PhishAlarm.
>
>
> I did reply to your email on Jan 24th. If you subscribe to the list you will see the answer.
>
> Jan Høydahl
>
>> 31. jan. 2023 kl. 16:06 skrev Keerthi Turakapalli <tk...@opentext.com.invalid>:
>>
>> FYI
>> Can you please respond to this mail?
>>
>> Thanks & Regards,
>> Keerthi Turakapalli
>>
>> ________________________________
>> From: Keerthi Turakapalli
>> Sent: 24 January 2023 17:13
>> To: dev@solr.apache.org <de...@solr.apache.org>
>> Cc: Sangisetti Ramana <sr...@opentext.com>; Santosh Kumar Siliveru <ss...@opentext.com>; Dhoka Pramod <dp...@opentext.com>
>> Subject: Connection to SSL enabled solr9 is failing
>>
>> Hi,
>>
>> In solr8.11.2 we were using the below code where the HttpClient object is created with SSLContextFactory to connect to ssl enabled solr.
>>
>> Code Snippet using solr 8.11.2:
>>
>>
>> builder = new CloudSolrClient.Builder(Collections.singletonList(mServerDetails.getZookeeperUrl()), Optional.empty())
>> .withHttpClient(getSecureClient())
>>
>> reutrn builder.build();
>>
>> private CloseableHttpClient getSecureClient() {
>> CloseableHttpClient cHttpClient = null;
>> try {
>> TrustStrategy acceptingTrustStrategy = (cert, authType) -> true;
>> SSLContext sslContext = SSLContexts.custom().loadTrustMaterial(null, acceptingTrustStrategy).build();
>> SSLConnectionSocketFactory sslConnectionSocketFactory = new SSLConnectionSocketFactory(sslContext, new DefaultHostnameVerifier());
>> Registry<ConnectionSocketFactory> socketFactoryRegistry = RegistryBuilder.<ConnectionSocketFactory>create().
>> register(SCHEMA_HTTPS, sslConnectionSocketFactory).build();
>> BasicHttpClientConnectionManager connectionManager = new BasicHttpClientConnectionManager(socketFactoryRegistry);
>> cHttpClient = HttpClients.custom().setSSLSocketFactory(sslConnectionSocketFactory).setConnectionManager(connectionManager).build();
>> } catch(NoSuchAlgorithmException | KeyStoreException | KeyManagementException ex)
>> {
>> mLogger.atError().log("Processing httpclient failed.: {}", ex);
>> }
>> return cHttpClient;
>> }
>>
>> However, withHttpClient() in solr9.1.0 got updated and it is only accepting Http2SolrClient instead of HttpClient.
>> Following the documentation here:
>> https://urldefense.com/v3/__https://solr.apache.org/guide/solr/latest/deployment-guide/solrj.html__;!!Obbck6kTJA!eykdZGgOz94z4G0X4QLnsirk3BgvVuaEYvz3Teqh7SbcqB4xooNFmoSIwz050T0G_wrqpgISWPDEZnIZtkw$
>>
>> We tried to connect to ssl enabled solr using,
>>
>> This code leads to an NPE:
>>
>>
>> List<String> list = new ArrayList<>();
>> list.add(mServerDetails.getZookeeperUrl());
>> CloudHttp2SolrClient.Builder newBuilder = new CloudHttp2SolrClient.Builder(list, Optional.empty());
>> return newBuilder.build();
>>
>> This code is throwing below "Missing SSLContextFactory" error. Please find the stacktrace,
>> =====================================================
>>
>> DEBUG | 2023-01-24 14:31:50 | [Thread-175] impl.SolrServiceImpl (SolrServiceImpl.java:474) - Zookeeper Protocol: HTTPS, enableSSLFlag: true
>> ERROR | 2023-01-24 14:31:50 | [Thread-175] impl.SolrServiceImpl (SolrServiceImpl.java:218) - Failed to get the cluster status from the server.
>> org.apache.solr.client.solrj.SolrServerException: java.lang.NullPointerException: Missing SslContextFactory
>> at org.apache.solr.client.solrj.impl.LBSolrClient.doRequest(LBSolrClient.java:445) ~[?:?]
>> at org.apache.solr.client.solrj.impl.LBSolrClient.request(LBSolrClient.java:371) ~[?:?]
>> at org.apache.solr.client.solrj.impl.CloudSolrClient.sendRequest(CloudSolrClient.java:1174) ~[?:?]
>> at org.apache.solr.client.solrj.impl.CloudSolrClient.requestWithRetryOnStaleState(CloudSolrClient.java:880) ~[?:?]
>> at org.apache.solr.client.solrj.impl.CloudSolrClient.request(CloudSolrClient.java:807) ~[?:?]
>> at org.apache.solr.client.solrj.SolrRequest.process(SolrRequest.java:234) ~[?:?]
>> at org.apache.solr.client.solrj.SolrRequest.process(SolrRequest.java:249) ~[?:?]
>>
>> at com.zerog.ia.installer.actions.CustomAction.installSelf(Unknown Source) ~[installer.zip:?]
>> at com.zerog.ia.installer.util.GenericInstallPanel$2.run(Unknown Source) ~[installer.zip:?]
>>
>> Caused by: java.lang.NullPointerException: Missing SslContextFactory
>> at java.util.Objects.requireNonNull(Objects.java:246) ~[?:?]
>> at org.eclipse.jetty.io.ssl.SslClientConnectionFactory.<init>(SslClientConnectionFactory.java:57) ~[?:?]
>> at org.eclipse.jetty.client.HttpClient.newSslClientConnectionFactory(HttpClient.java:1208) ~[?:?]
>> at org.eclipse.jetty.client.HttpClient.newSslClientConnectionFactory(HttpClient.java:1214) ~[?:?]
>> at org.eclipse.jetty.client.HttpDestination.newSslClientConnectionFactory(HttpDestination.java:148) ~[?:?]
>> at org.eclipse.jetty.client.HttpDestination.newSslClientConnectionFactory(HttpDestination.java:154) ~[?:?]
>> at org.eclipse.jetty.client.HttpDestination.<init>(HttpDestination.java:94) ~[?:?]
>> at org.eclipse.jetty.client.MultiplexHttpDestination.<init>(MultiplexHttpDestination.java:25) ~[?:?]
>> at org.eclipse.jetty.http2.client.http.HttpDestinationOverHTTP2.<init>(HttpDestinationOverHTTP2.java:32) ~[?:?]
>> at org.eclipse.jetty.http2.client.http.HttpClientTransportOverHTTP2.newHttpDestination(HttpClientTransportOverHTTP2.java:128) ~[?:?]
>> at org.eclipse.jetty.client.HttpClient.lambda$resolveDestination$0(HttpClient.java:575) ~[?:?]
>> at java.util.concurrent.ConcurrentHashMap.computeIfAbsent(ConcurrentHashMap.java:1705) ~[?:?]
>> at org.eclipse.jetty.client.HttpClient.resolveDestination(HttpClient.java:573) ~[?:?]
>> at org.eclipse.jetty.client.HttpClient.resolveDestination(HttpClient.java:551) ~[?:?]
>> at org.eclipse.jetty.client.HttpClient.send(HttpClient.java:599) ~[?:?]
>> at org.eclipse.jetty.client.HttpRequest.sendAsync(HttpRequest.java:780) ~[?:?]
>> at org.eclipse.jetty.client.HttpRequest.send(HttpRequest.java:767) ~[?:?]
>> at org.apache.solr.client.solrj.impl.Http2SolrClient.request(Http2SolrClient.java:455) ~[?:?]
>> at org.apache.solr.client.solrj.impl.LBSolrClient.doRequest(LBSolrClient.java:405) ~[?:?]
>> ============================================
>>
>> Here it is expecting SSLContextFactory while connecting to solr with the zookeeper host. We also tried to use the method "withSSLConfig(sslConfig)" in Http2SolrClient class. But the usage is something like
>>
>> <
>> new Http2SolrClient.Builder().build;
>>
>> public Builder withSSLConfig(SSLConfig sslConfig) {
>> this.sslConfig = sslConfig;
>> return this;
>> }
>>>
>>
>> Here withSSLConfig() method requiring SSLConfig object containing parameters like authClient, keystore, keystorePassword, trustore, truststorePassword. If this method is to be used, where and what values are expected here? However, to call this method in Builder() by default it is assigning defaultSSLConf. What does this do?
>>
>> Could you please let us know how to Build a CloudSlrClient object with SSLConfig that can connect to SSL enabled solr9 machine with zookeeper URL?
>> Or is it mandated to pass solr URL's?
>>
>> Thanks & Regards,
>> Keerthi Turakapalli
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@solr.apache.org
For additional commands, e-mail: dev-help@solr.apache.org
Re: [EXTERNAL] - Re: Connection to SSL enabled solr9 is failing
Posted by Jan Høydahl <ja...@cominvent.com>.
Welcome to the list Keerthi!
I'll repeat my first reply here :)
You can try using CloudLegacySolrClient as a start, which is exactly like in 8.x. But you'll need to figure out SSL with Http2SolrClient sooner or later since it is deprecated.
Jan
> 2. feb. 2023 kl. 05:40 skrev Keerthi Turakapalli <tk...@opentext.com.INVALID>:
>
> Hi,
> I have subscribed to the dev list, can you please reply to my below-mentioned query in this thread?
>
> Thanks & Regards,
> Keerthi Turakapalli
>
> ________________________________
> From: Keerthi Turakapalli <tk...@opentext.com>
> Sent: 02 February 2023 09:15
> To: dev-subscribe@solr.apache.org <de...@solr.apache.org>; users@solr.apache.org <us...@solr.apache.org>
> Cc: Jan Høydahl <ja...@cominvent.com>; Sangisetti Ramana <sr...@opentext.com>
> Subject: Re: [EXTERNAL] - Re: Connection to SSL enabled solr9 is failing
>
> Hi,
> I need a subscription to ask solr related queries to the dev team. Please do the needful.
>
>
> Thanks & Regards,
> Keerthi Turakapalli
>
> ________________________________
> From: Jan Høydahl <ja...@cominvent.com>
> Sent: 01 February 2023 15:53
> To: dev@solr.apache.org <de...@solr.apache.org>
> Cc: Keerthi Turakapalli <tk...@opentext.com>
> Subject: Re: [EXTERNAL] - Re: Connection to SSL enabled solr9 is failing
>
> CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe. If you feel that the email is suspicious, please report it using PhishAlarm.
>
> Yes, to communicate on this list (or ideally you should use the users@solr.apache.org list), you first need to subscribe.
> Normally replies go only to the list. Sometimes there can be a reply-all, but I only used that this time because I suspected that you were not subscribed.
>
> See https://solr.apache.org/community.html#mailing-lists-chat for the subscribe procedure. I recommend filing questions to the 'users' list.
>
> My previous reply can be seen in the archives, which are also linked from the page above.
>
> Jan
>
> 1. feb. 2023 kl. 05:57 skrev Keerthi Turakapalli <tk...@opentext.com>:
>
> Hi Jan,
> The last time I sent a mail to "dev@solr.apache.org<ma...@solr.apache.org>", I received a mail from David Smiley without subscribing to any list. Can you please reply with the solution to this email?
> If it is mandatory to subscribe to any list, please let me know the process.
>
> Thanks & Regards,
> Keerthi Turakapalli
>
> ________________________________
> From: Jan Høydahl <ja...@cominvent.com>>
> Sent: 31 January 2023 21:56
> To: dev@solr.apache.org<ma...@solr.apache.org> <de...@solr.apache.org>>
> Cc: Keerthi Turakapalli <tk...@opentext.com>>
> Subject: [EXTERNAL] - Re: Connection to SSL enabled solr9 is failing
>
> CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe. If you feel that the email is suspicious, please report it using PhishAlarm.
>
>
> I did reply to your email on Jan 24th. If you subscribe to the list you will see the answer.
>
> Jan Høydahl
>
>> 31. jan. 2023 kl. 16:06 skrev Keerthi Turakapalli <tk...@opentext.com.invalid>:
>>
>> FYI
>> Can you please respond to this mail?
>>
>> Thanks & Regards,
>> Keerthi Turakapalli
>>
>> ________________________________
>> From: Keerthi Turakapalli
>> Sent: 24 January 2023 17:13
>> To: dev@solr.apache.org <de...@solr.apache.org>
>> Cc: Sangisetti Ramana <sr...@opentext.com>; Santosh Kumar Siliveru <ss...@opentext.com>; Dhoka Pramod <dp...@opentext.com>
>> Subject: Connection to SSL enabled solr9 is failing
>>
>> Hi,
>>
>> In solr8.11.2 we were using the below code where the HttpClient object is created with SSLContextFactory to connect to ssl enabled solr.
>>
>> Code Snippet using solr 8.11.2:
>>
>>
>> builder = new CloudSolrClient.Builder(Collections.singletonList(mServerDetails.getZookeeperUrl()), Optional.empty())
>> .withHttpClient(getSecureClient())
>>
>> reutrn builder.build();
>>
>> private CloseableHttpClient getSecureClient() {
>> CloseableHttpClient cHttpClient = null;
>> try {
>> TrustStrategy acceptingTrustStrategy = (cert, authType) -> true;
>> SSLContext sslContext = SSLContexts.custom().loadTrustMaterial(null, acceptingTrustStrategy).build();
>> SSLConnectionSocketFactory sslConnectionSocketFactory = new SSLConnectionSocketFactory(sslContext, new DefaultHostnameVerifier());
>> Registry<ConnectionSocketFactory> socketFactoryRegistry = RegistryBuilder.<ConnectionSocketFactory>create().
>> register(SCHEMA_HTTPS, sslConnectionSocketFactory).build();
>> BasicHttpClientConnectionManager connectionManager = new BasicHttpClientConnectionManager(socketFactoryRegistry);
>> cHttpClient = HttpClients.custom().setSSLSocketFactory(sslConnectionSocketFactory).setConnectionManager(connectionManager).build();
>> } catch(NoSuchAlgorithmException | KeyStoreException | KeyManagementException ex)
>> {
>> mLogger.atError().log("Processing httpclient failed.: {}", ex);
>> }
>> return cHttpClient;
>> }
>>
>> However, withHttpClient() in solr9.1.0 got updated and it is only accepting Http2SolrClient instead of HttpClient.
>> Following the documentation here:
>> https://urldefense.com/v3/__https://solr.apache.org/guide/solr/latest/deployment-guide/solrj.html__;!!Obbck6kTJA!eykdZGgOz94z4G0X4QLnsirk3BgvVuaEYvz3Teqh7SbcqB4xooNFmoSIwz050T0G_wrqpgISWPDEZnIZtkw$
>>
>> We tried to connect to ssl enabled solr using,
>>
>> This code leads to an NPE:
>>
>>
>> List<String> list = new ArrayList<>();
>> list.add(mServerDetails.getZookeeperUrl());
>> CloudHttp2SolrClient.Builder newBuilder = new CloudHttp2SolrClient.Builder(list, Optional.empty());
>> return newBuilder.build();
>>
>> This code is throwing below "Missing SSLContextFactory" error. Please find the stacktrace,
>> =====================================================
>>
>> DEBUG | 2023-01-24 14:31:50 | [Thread-175] impl.SolrServiceImpl (SolrServiceImpl.java:474) - Zookeeper Protocol: HTTPS, enableSSLFlag: true
>> ERROR | 2023-01-24 14:31:50 | [Thread-175] impl.SolrServiceImpl (SolrServiceImpl.java:218) - Failed to get the cluster status from the server.
>> org.apache.solr.client.solrj.SolrServerException: java.lang.NullPointerException: Missing SslContextFactory
>> at org.apache.solr.client.solrj.impl.LBSolrClient.doRequest(LBSolrClient.java:445) ~[?:?]
>> at org.apache.solr.client.solrj.impl.LBSolrClient.request(LBSolrClient.java:371) ~[?:?]
>> at org.apache.solr.client.solrj.impl.CloudSolrClient.sendRequest(CloudSolrClient.java:1174) ~[?:?]
>> at org.apache.solr.client.solrj.impl.CloudSolrClient.requestWithRetryOnStaleState(CloudSolrClient.java:880) ~[?:?]
>> at org.apache.solr.client.solrj.impl.CloudSolrClient.request(CloudSolrClient.java:807) ~[?:?]
>> at org.apache.solr.client.solrj.SolrRequest.process(SolrRequest.java:234) ~[?:?]
>> at org.apache.solr.client.solrj.SolrRequest.process(SolrRequest.java:249) ~[?:?]
>>
>> at com.zerog.ia.installer.actions.CustomAction.installSelf(Unknown Source) ~[installer.zip:?]
>> at com.zerog.ia.installer.util.GenericInstallPanel$2.run(Unknown Source) ~[installer.zip:?]
>>
>> Caused by: java.lang.NullPointerException: Missing SslContextFactory
>> at java.util.Objects.requireNonNull(Objects.java:246) ~[?:?]
>> at org.eclipse.jetty.io.ssl.SslClientConnectionFactory.<init>(SslClientConnectionFactory.java:57) ~[?:?]
>> at org.eclipse.jetty.client.HttpClient.newSslClientConnectionFactory(HttpClient.java:1208) ~[?:?]
>> at org.eclipse.jetty.client.HttpClient.newSslClientConnectionFactory(HttpClient.java:1214) ~[?:?]
>> at org.eclipse.jetty.client.HttpDestination.newSslClientConnectionFactory(HttpDestination.java:148) ~[?:?]
>> at org.eclipse.jetty.client.HttpDestination.newSslClientConnectionFactory(HttpDestination.java:154) ~[?:?]
>> at org.eclipse.jetty.client.HttpDestination.<init>(HttpDestination.java:94) ~[?:?]
>> at org.eclipse.jetty.client.MultiplexHttpDestination.<init>(MultiplexHttpDestination.java:25) ~[?:?]
>> at org.eclipse.jetty.http2.client.http.HttpDestinationOverHTTP2.<init>(HttpDestinationOverHTTP2.java:32) ~[?:?]
>> at org.eclipse.jetty.http2.client.http.HttpClientTransportOverHTTP2.newHttpDestination(HttpClientTransportOverHTTP2.java:128) ~[?:?]
>> at org.eclipse.jetty.client.HttpClient.lambda$resolveDestination$0(HttpClient.java:575) ~[?:?]
>> at java.util.concurrent.ConcurrentHashMap.computeIfAbsent(ConcurrentHashMap.java:1705) ~[?:?]
>> at org.eclipse.jetty.client.HttpClient.resolveDestination(HttpClient.java:573) ~[?:?]
>> at org.eclipse.jetty.client.HttpClient.resolveDestination(HttpClient.java:551) ~[?:?]
>> at org.eclipse.jetty.client.HttpClient.send(HttpClient.java:599) ~[?:?]
>> at org.eclipse.jetty.client.HttpRequest.sendAsync(HttpRequest.java:780) ~[?:?]
>> at org.eclipse.jetty.client.HttpRequest.send(HttpRequest.java:767) ~[?:?]
>> at org.apache.solr.client.solrj.impl.Http2SolrClient.request(Http2SolrClient.java:455) ~[?:?]
>> at org.apache.solr.client.solrj.impl.LBSolrClient.doRequest(LBSolrClient.java:405) ~[?:?]
>> ============================================
>>
>> Here it is expecting SSLContextFactory while connecting to solr with the zookeeper host. We also tried to use the method "withSSLConfig(sslConfig)" in Http2SolrClient class. But the usage is something like
>>
>> <
>> new Http2SolrClient.Builder().build;
>>
>> public Builder withSSLConfig(SSLConfig sslConfig) {
>> this.sslConfig = sslConfig;
>> return this;
>> }
>>>
>>
>> Here withSSLConfig() method requiring SSLConfig object containing parameters like authClient, keystore, keystorePassword, trustore, truststorePassword. If this method is to be used, where and what values are expected here? However, to call this method in Builder() by default it is assigning defaultSSLConf. What does this do?
>>
>> Could you please let us know how to Build a CloudSlrClient object with SSLConfig that can connect to SSL enabled solr9 machine with zookeeper URL?
>> Or is it mandated to pass solr URL's?
>>
>> Thanks & Regards,
>> Keerthi Turakapalli
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@solr.apache.org
For additional commands, e-mail: dev-help@solr.apache.org
Re: [EXTERNAL] - Re: Connection to SSL enabled solr9 is failing
Posted by Keerthi Turakapalli <tk...@opentext.com.INVALID>.
Hi,
I have subscribed to the dev list, can you please reply to my below-mentioned query in this thread?
Thanks & Regards,
Keerthi Turakapalli
________________________________
From: Keerthi Turakapalli <tk...@opentext.com>
Sent: 02 February 2023 09:15
To: dev-subscribe@solr.apache.org <de...@solr.apache.org>; users@solr.apache.org <us...@solr.apache.org>
Cc: Jan Høydahl <ja...@cominvent.com>; Sangisetti Ramana <sr...@opentext.com>
Subject: Re: [EXTERNAL] - Re: Connection to SSL enabled solr9 is failing
Hi,
I need a subscription to ask solr related queries to the dev team. Please do the needful.
Thanks & Regards,
Keerthi Turakapalli
________________________________
From: Jan Høydahl <ja...@cominvent.com>
Sent: 01 February 2023 15:53
To: dev@solr.apache.org <de...@solr.apache.org>
Cc: Keerthi Turakapalli <tk...@opentext.com>
Subject: Re: [EXTERNAL] - Re: Connection to SSL enabled solr9 is failing
CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe. If you feel that the email is suspicious, please report it using PhishAlarm.
Yes, to communicate on this list (or ideally you should use the users@solr.apache.org list), you first need to subscribe.
Normally replies go only to the list. Sometimes there can be a reply-all, but I only used that this time because I suspected that you were not subscribed.
See https://solr.apache.org/community.html#mailing-lists-chat for the subscribe procedure. I recommend filing questions to the 'users' list.
My previous reply can be seen in the archives, which are also linked from the page above.
Jan
1. feb. 2023 kl. 05:57 skrev Keerthi Turakapalli <tk...@opentext.com>:
Hi Jan,
The last time I sent a mail to "dev@solr.apache.org<ma...@solr.apache.org>", I received a mail from David Smiley without subscribing to any list. Can you please reply with the solution to this email?
If it is mandatory to subscribe to any list, please let me know the process.
Thanks & Regards,
Keerthi Turakapalli
________________________________
From: Jan Høydahl <ja...@cominvent.com>>
Sent: 31 January 2023 21:56
To: dev@solr.apache.org<ma...@solr.apache.org> <de...@solr.apache.org>>
Cc: Keerthi Turakapalli <tk...@opentext.com>>
Subject: [EXTERNAL] - Re: Connection to SSL enabled solr9 is failing
CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe. If you feel that the email is suspicious, please report it using PhishAlarm.
I did reply to your email on Jan 24th. If you subscribe to the list you will see the answer.
Jan Høydahl
> 31. jan. 2023 kl. 16:06 skrev Keerthi Turakapalli <tk...@opentext.com.invalid>:
>
> FYI
> Can you please respond to this mail?
>
> Thanks & Regards,
> Keerthi Turakapalli
>
> ________________________________
> From: Keerthi Turakapalli
> Sent: 24 January 2023 17:13
> To: dev@solr.apache.org <de...@solr.apache.org>
> Cc: Sangisetti Ramana <sr...@opentext.com>; Santosh Kumar Siliveru <ss...@opentext.com>; Dhoka Pramod <dp...@opentext.com>
> Subject: Connection to SSL enabled solr9 is failing
>
> Hi,
>
> In solr8.11.2 we were using the below code where the HttpClient object is created with SSLContextFactory to connect to ssl enabled solr.
>
> Code Snippet using solr 8.11.2:
>
>
> builder = new CloudSolrClient.Builder(Collections.singletonList(mServerDetails.getZookeeperUrl()), Optional.empty())
> .withHttpClient(getSecureClient())
>
> reutrn builder.build();
>
> private CloseableHttpClient getSecureClient() {
> CloseableHttpClient cHttpClient = null;
> try {
> TrustStrategy acceptingTrustStrategy = (cert, authType) -> true;
> SSLContext sslContext = SSLContexts.custom().loadTrustMaterial(null, acceptingTrustStrategy).build();
> SSLConnectionSocketFactory sslConnectionSocketFactory = new SSLConnectionSocketFactory(sslContext, new DefaultHostnameVerifier());
> Registry<ConnectionSocketFactory> socketFactoryRegistry = RegistryBuilder.<ConnectionSocketFactory>create().
> register(SCHEMA_HTTPS, sslConnectionSocketFactory).build();
> BasicHttpClientConnectionManager connectionManager = new BasicHttpClientConnectionManager(socketFactoryRegistry);
> cHttpClient = HttpClients.custom().setSSLSocketFactory(sslConnectionSocketFactory).setConnectionManager(connectionManager).build();
> } catch(NoSuchAlgorithmException | KeyStoreException | KeyManagementException ex)
> {
> mLogger.atError().log("Processing httpclient failed.: {}", ex);
> }
> return cHttpClient;
> }
>
> However, withHttpClient() in solr9.1.0 got updated and it is only accepting Http2SolrClient instead of HttpClient.
> Following the documentation here:
> https://urldefense.com/v3/__https://solr.apache.org/guide/solr/latest/deployment-guide/solrj.html__;!!Obbck6kTJA!eykdZGgOz94z4G0X4QLnsirk3BgvVuaEYvz3Teqh7SbcqB4xooNFmoSIwz050T0G_wrqpgISWPDEZnIZtkw$
>
> We tried to connect to ssl enabled solr using,
>
> This code leads to an NPE:
>
>
> List<String> list = new ArrayList<>();
> list.add(mServerDetails.getZookeeperUrl());
> CloudHttp2SolrClient.Builder newBuilder = new CloudHttp2SolrClient.Builder(list, Optional.empty());
> return newBuilder.build();
>
> This code is throwing below "Missing SSLContextFactory" error. Please find the stacktrace,
> =====================================================
>
> DEBUG | 2023-01-24 14:31:50 | [Thread-175] impl.SolrServiceImpl (SolrServiceImpl.java:474) - Zookeeper Protocol: HTTPS, enableSSLFlag: true
> ERROR | 2023-01-24 14:31:50 | [Thread-175] impl.SolrServiceImpl (SolrServiceImpl.java:218) - Failed to get the cluster status from the server.
> org.apache.solr.client.solrj.SolrServerException: java.lang.NullPointerException: Missing SslContextFactory
> at org.apache.solr.client.solrj.impl.LBSolrClient.doRequest(LBSolrClient.java:445) ~[?:?]
> at org.apache.solr.client.solrj.impl.LBSolrClient.request(LBSolrClient.java:371) ~[?:?]
> at org.apache.solr.client.solrj.impl.CloudSolrClient.sendRequest(CloudSolrClient.java:1174) ~[?:?]
> at org.apache.solr.client.solrj.impl.CloudSolrClient.requestWithRetryOnStaleState(CloudSolrClient.java:880) ~[?:?]
> at org.apache.solr.client.solrj.impl.CloudSolrClient.request(CloudSolrClient.java:807) ~[?:?]
> at org.apache.solr.client.solrj.SolrRequest.process(SolrRequest.java:234) ~[?:?]
> at org.apache.solr.client.solrj.SolrRequest.process(SolrRequest.java:249) ~[?:?]
>
> at com.zerog.ia.installer.actions.CustomAction.installSelf(Unknown Source) ~[installer.zip:?]
> at com.zerog.ia.installer.util.GenericInstallPanel$2.run(Unknown Source) ~[installer.zip:?]
>
> Caused by: java.lang.NullPointerException: Missing SslContextFactory
> at java.util.Objects.requireNonNull(Objects.java:246) ~[?:?]
> at org.eclipse.jetty.io.ssl.SslClientConnectionFactory.<init>(SslClientConnectionFactory.java:57) ~[?:?]
> at org.eclipse.jetty.client.HttpClient.newSslClientConnectionFactory(HttpClient.java:1208) ~[?:?]
> at org.eclipse.jetty.client.HttpClient.newSslClientConnectionFactory(HttpClient.java:1214) ~[?:?]
> at org.eclipse.jetty.client.HttpDestination.newSslClientConnectionFactory(HttpDestination.java:148) ~[?:?]
> at org.eclipse.jetty.client.HttpDestination.newSslClientConnectionFactory(HttpDestination.java:154) ~[?:?]
> at org.eclipse.jetty.client.HttpDestination.<init>(HttpDestination.java:94) ~[?:?]
> at org.eclipse.jetty.client.MultiplexHttpDestination.<init>(MultiplexHttpDestination.java:25) ~[?:?]
> at org.eclipse.jetty.http2.client.http.HttpDestinationOverHTTP2.<init>(HttpDestinationOverHTTP2.java:32) ~[?:?]
> at org.eclipse.jetty.http2.client.http.HttpClientTransportOverHTTP2.newHttpDestination(HttpClientTransportOverHTTP2.java:128) ~[?:?]
> at org.eclipse.jetty.client.HttpClient.lambda$resolveDestination$0(HttpClient.java:575) ~[?:?]
> at java.util.concurrent.ConcurrentHashMap.computeIfAbsent(ConcurrentHashMap.java:1705) ~[?:?]
> at org.eclipse.jetty.client.HttpClient.resolveDestination(HttpClient.java:573) ~[?:?]
> at org.eclipse.jetty.client.HttpClient.resolveDestination(HttpClient.java:551) ~[?:?]
> at org.eclipse.jetty.client.HttpClient.send(HttpClient.java:599) ~[?:?]
> at org.eclipse.jetty.client.HttpRequest.sendAsync(HttpRequest.java:780) ~[?:?]
> at org.eclipse.jetty.client.HttpRequest.send(HttpRequest.java:767) ~[?:?]
> at org.apache.solr.client.solrj.impl.Http2SolrClient.request(Http2SolrClient.java:455) ~[?:?]
> at org.apache.solr.client.solrj.impl.LBSolrClient.doRequest(LBSolrClient.java:405) ~[?:?]
> ============================================
>
> Here it is expecting SSLContextFactory while connecting to solr with the zookeeper host. We also tried to use the method "withSSLConfig(sslConfig)" in Http2SolrClient class. But the usage is something like
>
> <
> new Http2SolrClient.Builder().build;
>
> public Builder withSSLConfig(SSLConfig sslConfig) {
> this.sslConfig = sslConfig;
> return this;
> }
>>
>
> Here withSSLConfig() method requiring SSLConfig object containing parameters like authClient, keystore, keystorePassword, trustore, truststorePassword. If this method is to be used, where and what values are expected here? However, to call this method in Builder() by default it is assigning defaultSSLConf. What does this do?
>
> Could you please let us know how to Build a CloudSlrClient object with SSLConfig that can connect to SSL enabled solr9 machine with zookeeper URL?
> Or is it mandated to pass solr URL's?
>
> Thanks & Regards,
> Keerthi Turakapalli
>