You are viewing a plain text version of this content. The canonical link for it is here.
Posted to solr-user@lucene.apache.org by cyndefromva <cy...@gmail.com> on 2018/09/10 18:47:03 UTC
Unable to enable SSL with self-sign certs
I installed solr 5.4.1 and java 1.8 on its own linux server and used the
install_solr_service.sh file to install and setup solr. At this point I was
able to start the process and access the dashboard from a browser. After
shutting down solr I then attempted to enable SSL via the Enabling SSL
<https://lucene.apache.org/solr/guide/6_6/enabling-ssl.html> page using
self-signed certificates. But I am unable to start the process. Instead I
see the following in the solr.log file:
WARN: (main) AbstractLifeCycle FAILED
SslContextFactory@...(etc/solr-ssl.keystore.jks,) :
java.io.FileNotFoundException: /opt/solr-5.4.1/server (Is a directory)
java.io.FileNotFoundException: /opt/solr-5.4.1/server (Is a directory)
at java.io.FileInputStream.open0(Native Method)
at java.io.FileInputStream.open(FileInputStream.java:195)
...
WARN: (main) AbstractLifeCycle FAILED org.eclipse.jetty.server.Server@...
java.io.FileNotFoundException: /opt/solr-5.4.1/server (Is a directory)
java.io.FileNotFoundException: /opt/solr-5.4.1/server (Is a directory)
at java.io.FileInputStream.open0(Native Method)
at java.io.FileInputStream.open(FileInputStream.java:195)
The above jks is in the etc folder (/opt/solr-5.4.1/server/etc) and the
permissions are 644. The settings in the /etc/default/solr.in.sh file are as
follows:
SOLR_SSL_KEY_STORE=etc/solr-ssl.keystore.jks
SOLR_SSL_KEY_STORE_PASSWORD=...
SOLR_SSL_TRUS_STORE=etc/solr-ssl.keystore.jks
SOLR_SSL_TRUST_STORE_PASSWORD=...
SOLR_SSL_NEED_CLIENT_AUTH=false
SOLR_SSL_WANT_CLIENT_AUTH=false
I also tried the absolute path to the jks file
(/opt/solr-5.4.1/server/etc/solr-ssl.keystore.jks) and with and without
these two additional variables; to no avail:
SOLR_SSL_KEY_STORE_TYPE=JKS
SOLR_SSL_TRUST_STORE_TYPE=JKS
I then changed the permissions to the jks file to 666, with slightly
different but similar results:
WARN: (main) AbstractLifeCycle FAILED
SslContextFactory@...(/opt/solr-5.4.1/server/etc/solr-ssl.keystore.jks,) :
java.io.FileNotFoundException: /opt/solr-5.4.1/server (Is a directory)
java.io.FileNotFoundException: /opt/solr-5.4.1/server (Is a directory)
at java.io.FileInputStream.open0(Native Method)
at java.io.FileInputStream.open(FileInputStream.java:195)
...
WARN: (main) AbstractLifeCycle FAILED
SslConnectionFactory@...{SSL-http/1.1}: java.io.FileNotFoundException:
/opt/solr-5.4.1/server (Is a directory)
java.io.FileNotFoundException: /opt/solr-5.4.1/server (Is a directory)
at java.io.FileInputStream.open0(Native Method)
at java.io.FileInputStream.open(FileInputStream.java:195)
...
WARN: (main) AbstractLifeCycle FAILED
ServerConnector@...{SSL-http/1.1}{0.0.0.0:8982}:
java.io.FileNotFoundException: /opt/solr-5.4.1/server (Is a directory)
java.io.FileNotFoundException: /opt/solr-5.4.1/server (Is a directory)
at java.io.FileInputStream.open0(Native Method)
at java.io.FileInputStream.open(FileInputStream.java:195)
...
WARN: (main) AbstractLifeCycle FAILED org.eclipse.jetty.server.Server@...
java.io.FileNotFoundException: /opt/solr-5.4.1/server (Is a directory)
java.io.FileNotFoundException: /opt/solr-5.4.1/server (Is a directory)
at java.io.FileInputStream.open0(Native Method)
at java.io.FileInputStream.open(FileInputStream.java:195)
Anybody have any clues what I might be missing?
--
Sent from: http://lucene.472066.n3.nabble.com/Solr-User-f472068.html
Re: Unable to enable SSL with self-sign certs
Posted by Chris Hostetter <ho...@fucit.org>.
: WARN: (main) AbstractLifeCycle FAILED org.eclipse.jetty.server.Server@...
: java.io.FileNotFoundException: /opt/solr-5.4.1/server (Is a directory)
: java.io.FileNotFoundException: /opt/solr-5.4.1/server (Is a directory)
: at java.io.FileInputStream.open0(Native Method)
: at java.io.FileInputStream.open(FileInputStream.java:195)
:
: The above jks is in the etc folder (/opt/solr-5.4.1/server/etc) and the
: permissions are 644. The settings in the /etc/default/solr.in.sh file are as
: follows:
What are the owner/group/perms of all the following...
/opt/solr-5.4.1/server/etc/solr-ssl.keystore.jks
/opt/solr-5.4.1/server/etc
/opt/solr-5.4.1/server
/opt/solr-5.4.1
/opt
...because my best guess for why be a read perms issue on "solr-5.4.1"
preventing it from "finding" the server directory inside of it?
-Hoss
http://www.lucidworks.com/
Re: Unable to enable SSL with self-sign certs
Posted by cyndefromva <cy...@gmail.com>.
TRUS_STORE is a typo (I used what was already there, I just uncommented it).
I'm on a different network so I have to type everything by hand. I was
hoping I put enough already , but ugh... probably more typos to come. Here
it is:
2018-09-10 19:17:15.311 WARN: (main) [ ] o.e.j.u.c.AbstractLifeCycle
FAILED
SslContextFactory@...(/opt/solr-5.4.1/server/etc/solr-ssl.keystore.jks,) :
java.io.FileNotFoundException: /opt/solr-5.4.1/server (Is a directory)
java.io.FileNotFoundException: /opt/solr-5.4.1/server (Is a directory)
at java.io.FileInputStream.open0(Native Method)
at java.io.FileInputStream.open(FileInputStream.java:195)
at java.io.FileInputStream.<init>(FileInputStream.java:138)
at
org.eclipse.jetty.util.resource.FileResource.getInputStream(FileResource.java:290)
at
org.eclipse.jetty.util.security.CertificateUtils.getKeyStore(CertificateUtils.java:43)
at
org.eclipse.jetty.util.ssl.SslContextFactory.loadTrustStore(SslContextFactory.java:884)
at
org.eclipse.jetty.util.ssl.SslContextFactory.doStart(SslContextFactory.java:274)
at
org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:68)
at
org.eclipse.jetty.util.component.ContainerLifeCycle.start(ContainerLifeCycle.java:132)
at
org.eclipse.jetty.util.component.ContainerLifeCycle.doStart(ContainerLifeCycle.java:114)
at
org.eclipse.jetty.server.SslConnectionFactory.doStart(SslConnectionFactory.java:64)
at
org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:68)
at
org.eclipse.jetty.util.component.ContainerLifeCycle.start(ContainerLifeCycle.java:132)
at
org.eclipse.jetty.util.component.ContainerLifeCycle.doStart(ContainerLifeCycle.java:114)
at
org.eclipse.jetty.server.AbstractConnector.doStart(AbstractConnector.java:256)
at
org.eclipse.jetty.server.AbstractNetworkConnector.doStart(AbstractConnector.java:81)
at
org.eclipse.jetty.server.ServerConnector.doStart(AbstractConnector.java:236)
at
org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:68)
at org.eclipse.jetty.server.Server.doStart(Server.java:366)
at
org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:68)
at
org.eclipse.jetty.jetty.xml.XmlConfiguration$1.run(XmlConfiguration.java:1255)
at java.security.AccesController.doPrivileged(Native Method)
at
org.eclipse.jetty.jetty.xml.XmlConfiguration.main(XmlConfiguration.java:1174)
at sun.reflect.NativeMethodAccessImpl.invoke0(Native Method)
at
sun.reflect.NativeMethodAccessImpl.invoke(NativeMethodAccessImpl.java:62)
at
sun.reflect.DelegatingMethodAccessImpl.invoke(DelegatingMethodAccessImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at org.eclipse.jetty.start.Main.invokeMain(Main.java:321)
at org.eclipse.jetty.start.Main.start(Main.java:817)
at org.eclipse.jetty.start.Main.main(Main.java:112)
2018-09-10 19:17:15.323 WARN: (main) [ ] o.e.j.u.c.AbstractLifeCycle
FAILED
SslConnectionFactory@...{SSL-http/1.1}: java.io.FileNotFoundException:
/opt/solr-5.4.1/server (Is a directory)
java.io.FileNotFoundException: /opt/solr-5.4.1/server (Is a directory)
at java.io.FileInputStream.open0(Native Method)
at java.io.FileInputStream.open(FileInputStream.java:195)
at java.io.FileInputStream.<init>(FileInputStream.java:138)
at
org.eclipse.jetty.util.resource.FileResource.getInputStream(FileResource.java:290)
at
org.eclipse.jetty.util.security.CertificateUtils.getKeyStore(CertificateUtils.java:43)
at
org.eclipse.jetty.util.ssl.SslContextFactory.loadTrustStore(SslContextFactory.java:884)
at
org.eclipse.jetty.util.ssl.SslContextFactory.doStart(SslContextFactory.java:274)
at
org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:68)
at
org.eclipse.jetty.util.component.ContainerLifeCycle.start(ContainerLifeCycle.java:132)
at
org.eclipse.jetty.util.component.ContainerLifeCycle.doStart(ContainerLifeCycle.java:114)
at
org.eclipse.jetty.server.SslConnectionFactory.doStart(SslConnectionFactory.java:64)
at
org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:68)
at
org.eclipse.jetty.util.component.ContainerLifeCycle.start(ContainerLifeCycle.java:132)
at
org.eclipse.jetty.util.component.ContainerLifeCycle.doStart(ContainerLifeCycle.java:114)
at
org.eclipse.jetty.server.AbstractConnector.doStart(AbstractConnector.java:256)
at
org.eclipse.jetty.server.AbstractNetworkConnector.doStart(AbstractConnector.java:81)
at
org.eclipse.jetty.server.ServerConnector.doStart(AbstractConnector.java:236)
at
org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:68)
at org.eclipse.jetty.server.Server.doStart(Server.java:366)
at
org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:68)
at
org.eclipse.jetty.jetty.xml.XmlConfiguration$1.run(XmlConfiguration.java:1255)
at java.security.AccesController.doPrivileged(Native Method)
at
org.eclipse.jetty.jetty.xml.XmlConfiguration.main(XmlConfiguration.java:1174)
at sun.reflect.NativeMethodAccessImpl.invoke0(Native Method)
at
sun.reflect.NativeMethodAccessImpl.invoke(NativeMethodAccessImpl.java:62)
at
sun.reflect.DelegatingMethodAccessImpl.invoke(DelegatingMethodAccessImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at org.eclipse.jetty.start.Main.invokeMain(Main.java:321)
at org.eclipse.jetty.start.Main.start(Main.java:817)
at org.eclipse.jetty.start.Main.main(Main.java:112)
2018-09-10 19:17:15.324 WARN: (main) [ ] o.e.j.u.c.AbstractLifeCycle
FAILED
ServerConnector@...{SSL-http/1.1}{0.0.0.0:8982}:
java.io.FileNotFoundException: /opt/solr-5.4.1/server (Is a directory)
java.io.FileNotFoundException: /opt/solr-5.4.1/server (Is a directory)
at java.io.FileInputStream.open0(Native Method)
at java.io.FileInputStream.open(FileInputStream.java:195)
at java.io.FileInputStream.<init>(FileInputStream.java:138)
at
org.eclipse.jetty.util.resource.FileResource.getInputStream(FileResource.java:290)
at
org.eclipse.jetty.util.security.CertificateUtils.getKeyStore(CertificateUtils.java:43)
at
org.eclipse.jetty.util.ssl.SslContextFactory.loadTrustStore(SslContextFactory.java:884)
at
org.eclipse.jetty.util.ssl.SslContextFactory.doStart(SslContextFactory.java:274)
at
org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:68)
at
org.eclipse.jetty.util.component.ContainerLifeCycle.start(ContainerLifeCycle.java:132)
at
org.eclipse.jetty.util.component.ContainerLifeCycle.doStart(ContainerLifeCycle.java:114)
at
org.eclipse.jetty.server.SslConnectionFactory.doStart(SslConnectionFactory.java:64)
at
org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:68)
at
org.eclipse.jetty.util.component.ContainerLifeCycle.start(ContainerLifeCycle.java:132)
at
org.eclipse.jetty.util.component.ContainerLifeCycle.doStart(ContainerLifeCycle.java:114)
at
org.eclipse.jetty.server.AbstractConnector.doStart(AbstractConnector.java:256)
at
org.eclipse.jetty.server.AbstractNetworkConnector.doStart(AbstractConnector.java:81)
at
org.eclipse.jetty.server.ServerConnector.doStart(AbstractConnector.java:236)
at
org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:68)
at org.eclipse.jetty.server.Server.doStart(Server.java:366)
at
org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:68)
at
org.eclipse.jetty.jetty.xml.XmlConfiguration$1.run(XmlConfiguration.java:1255)
at java.security.AccesController.doPrivileged(Native Method)
at
org.eclipse.jetty.jetty.xml.XmlConfiguration.main(XmlConfiguration.java:1174)
at sun.reflect.NativeMethodAccessImpl.invoke0(Native Method)
at
sun.reflect.NativeMethodAccessImpl.invoke(NativeMethodAccessImpl.java:62)
at
sun.reflect.DelegatingMethodAccessImpl.invoke(DelegatingMethodAccessImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at org.eclipse.jetty.start.Main.invokeMain(Main.java:321)
at org.eclipse.jetty.start.Main.start(Main.java:817)
at org.eclipse.jetty.start.Main.main(Main.java:112)
2018-09-10 19:17:15.330 WARN: (main) [ ] o.e.j.u.c.AbstractLifeCycle
FAILED org.eclipse.jetty.server.Server@...
java.io.FileNotFoundException: /opt/solr-5.4.1/server (Is a directory)
java.io.FileNotFoundException: /opt/solr-5.4.1/server (Is a directory)
at java.io.FileInputStream.open0(Native Method)
at java.io.FileInputStream.open(FileInputStream.java:195)
at java.io.FileInputStream.<init>(FileInputStream.java:138)
at
org.eclipse.jetty.util.resource.FileResource.getInputStream(FileResource.java:290)
at
org.eclipse.jetty.util.security.CertificateUtils.getKeyStore(CertificateUtils.java:43)
at
org.eclipse.jetty.util.ssl.SslContextFactory.loadTrustStore(SslContextFactory.java:884)
at
org.eclipse.jetty.util.ssl.SslContextFactory.doStart(SslContextFactory.java:274)
at
org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:68)
at
org.eclipse.jetty.util.component.ContainerLifeCycle.start(ContainerLifeCycle.java:132)
at
org.eclipse.jetty.util.component.ContainerLifeCycle.doStart(ContainerLifeCycle.java:114)
at
org.eclipse.jetty.server.SslConnectionFactory.doStart(SslConnectionFactory.java:64)
at
org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:68)
at
org.eclipse.jetty.util.component.ContainerLifeCycle.start(ContainerLifeCycle.java:132)
at
org.eclipse.jetty.util.component.ContainerLifeCycle.doStart(ContainerLifeCycle.java:114)
at
org.eclipse.jetty.server.AbstractConnector.doStart(AbstractConnector.java:256)
at
org.eclipse.jetty.server.AbstractNetworkConnector.doStart(AbstractConnector.java:81)
at
org.eclipse.jetty.server.ServerConnector.doStart(AbstractConnector.java:236)
at
org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:68)
at org.eclipse.jetty.server.Server.doStart(Server.java:366)
at
org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:68)
at
org.eclipse.jetty.jetty.xml.XmlConfiguration$1.run(XmlConfiguration.java:1255)
at java.security.AccesController.doPrivileged(Native Method)
at
org.eclipse.jetty.jetty.xml.XmlConfiguration.main(XmlConfiguration.java:1174)
at sun.reflect.NativeMethodAccessImpl.invoke0(Native Method)
at
sun.reflect.NativeMethodAccessImpl.invoke(NativeMethodAccessImpl.java:62)
at
sun.reflect.DelegatingMethodAccessImpl.invoke(DelegatingMethodAccessImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at org.eclipse.jetty.start.Main.invokeMain(Main.java:321)
at org.eclipse.jetty.start.Main.start(Main.java:817)
at org.eclipse.jetty.start.Main.main(Main.java:112)
2018-09-10 19:17:15.332 INFO (coreLoadExecutor-6-thread-1) [ ]
o.a.s.c.SolrConfig current version of requestparams : -1
--
Sent from: http://lucene.472066.n3.nabble.com/Solr-User-f472068.html
Re: Unable to enable SSL with self-sign certs
Posted by Shawn Heisey <ap...@elyograg.org>.
On 9/10/2018 12:47 PM, cyndefromva wrote:
> I installed solr 5.4.1 and java 1.8 on its own linux server and used the
> install_solr_service.sh file to install and setup solr. At this point I was
> able to start the process and access the dashboard from a browser. After
> shutting down solr I then attempted to enable SSL via the Enabling SSL
> <https://lucene.apache.org/solr/guide/6_6/enabling-ssl.html> page using
> self-signed certificates. But I am unable to start the process. Instead I
> see the following in the solr.log file:
>
> WARN: (main) AbstractLifeCycle FAILED
> SslContextFactory@...(etc/solr-ssl.keystore.jks,) :
> java.io.FileNotFoundException: /opt/solr-5.4.1/server (Is a directory)
> java.io.FileNotFoundException: /opt/solr-5.4.1/server (Is a directory)
> at java.io.FileInputStream.open0(Native Method)
> at java.io.FileInputStream.open(FileInputStream.java:195)
> ...
You left out most of the error message. The entire thing is MANY lines
long and may have multiple "Caused by" sections each with their own
stacktrace.
The settings you mentioned have "SOLR_SSL_TRUS_STORE" ... which is a
typo -- missing the final T in TRUST. Is this what's actually in the
solr.in.sh file?
Except for that typo everything seems valid, so we will need the ENTIRE
error from the logfile. What you included above is also missing the
timestamp that is found on all log entries in solr.log, which has me
wondering why that is the case.
Thanks,
Shawn