Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

SSL Certificate not found when specifying native executable path #161

Open
kumarad opened this issue Nov 28, 2017 · 1 comment
Open

SSL Certificate not found when specifying native executable path #161

kumarad opened this issue Nov 28, 2017 · 1 comment
Labels
bug

Comments

@kumarad
Copy link

kumarad commented Nov 28, 2017

With the latest changes to KinesisProducer.java, the producer is unable to find the SSL certificate when specifying the tempDirectory and nativeExecutable in KinesisProducerConfiguration. This in turn causes a curl error code 60 (Peer certificate cannot be authenticated with known CA certificates) when the producer tries to publish records to kinesis.

Prior to the latest update, the KinesisProducer constructor would set CA_DIR to pathToTmpDir in the environment map passed to the Daemon. However, with the latest changes, the constructor sets CA_DIR to a value returned by KinesisProducer.extractBinaries(). The problem is this method returns an empty string if the configuration has nativeExecutable set.

Our infrastructure is built on the previous logic and we are wondering if KinesisProducer.extractBinaries() could return pathToTmpDir when the nativeExecutable path is defined.

Currently the only work around is for us to disable verifyCertificate in the configuration which we would rather not do.

For reference, the constructor:

    public KinesisProducer(KinesisProducerConfiguration config) {
        this.config = config;
        
        String caDirectory = extractBinaries();
        
        env = new ImmutableMap.Builder<String, String>()
                .put("LD_LIBRARY_PATH", pathToLibDir)
                .put("DYLD_LIBRARY_PATH", pathToLibDir)
                .put("CA_DIR", caDirectory)
                .build();
        
        child = new Daemon(pathToExecutable, new MessageHandler(), pathToTmpDir, config, env);
    }

The KinesisProducer.extractBinaries() snippet that is causing the issue:

           if (binPath != null && !binPath.trim().isEmpty()) {
                pathToExecutable = binPath.trim();
                log.warn("Using non-default native binary at " + pathToExecutable);
                pathToLibDir = "";
                return "";
            }
@pfifer
Copy link
Contributor

pfifer commented Dec 18, 2017

Thanks for reporting this, we're looking into this.

@pfifer pfifer added the bug label Dec 18, 2017
@kumarad kumarad mentioned this issue Jan 10, 2018
Open
@pfifer pfifer mentioned this issue Jan 18, 2018
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@kumarad @pfifer