You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@pulsar.apache.org by GitBox <gi...@apache.org> on 2021/04/23 05:09:26 UTC

[GitHub] [pulsar] lhotari commented on issue #9720: [jdk11] Test failure KeyStoreTlsProducerConsumerTestWithAuth on JDK11: Received fatal alert: handshake_failure

lhotari commented on issue #9720:
URL: https://github.com/apache/pulsar/issues/9720#issuecomment-825389817


   The client key and certificate in `src/test/resources/authentication/keystoretls/client.keystore.jks` are invalid for TLSv1.3.
   
   The public key is "DSA 1024 bits" and signature algorithm is "SHA1WITHRSA". Both DS and SHA1 are prohibited in TLSv1.3.
   ![image](https://user-images.githubusercontent.com/66864/115820789-39b93780-a40a-11eb-96a3-9bb840dc0196.png)
   
   However I'm not sure why this problems comes up only on JDK11 since newer Java 8 versions contain TLSv1.3 as well. A similar problem showed up on Java 8 when TLSv1.3 was rolled out on new Java 8 updates: #8580 .
   
   I'll recreate the keys again with a valid public key type (RSA 2048) and signature algorithm (SHA256) to see if the problem gets fixed.
   
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org