Uploaded image for project: 'HBase'
  1. HBase
  2. HBASE-27782

During SSL handshake error, netty complains that exceptionCaught() was not handled

    XMLWordPrintableJSON

Details

    • Reviewed

    Description

      I was chaos testing the new native TLS, forcing a certificate to expire and fail handshake. The handshake failure properly causes submitted requests to fail, but I see the following "unhandled exception" like message:

      WARN  o.a.h.t.i.n.c.DefaultChannelPipeline - An exceptionCaught() event was fired, and it reached at the tail of the pipeline. It usually means the last handler in the pipeline did not handle the exception.
      org.apache.hbase.thirdparty.io.netty.handler.codec.DecoderException: javax.net.ssl.SSLHandshakeException: Received fatal alert: certificate_expired
              at org.apache.hbase.thirdparty.io.netty.handler.codec.ByteToMessageDecoder.callDecode(ByteToMessageDecoder.java:499)
              at org.apache.hbase.thirdparty.io.netty.handler.codec.ByteToMessageDecoder.channelRead(ByteToMessageDecoder.java:290)
              at org.apache.hbase.thirdparty.io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:444)
              at org.apache.hbase.thirdparty.io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:420)
              at org.apache.hbase.thirdparty.io.netty.channel.AbstractChannelHandlerContext.fireChannelRead(AbstractChannelHandlerContext.java:412)
              at org.apache.hbase.thirdparty.io.netty.channel.DefaultChannelPipeline$HeadContext.channelRead(DefaultChannelPipeline.java:1410)
              at org.apache.hbase.thirdparty.io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:440)
              at org.apache.hbase.thirdparty.io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:420)
              at org.apache.hbase.thirdparty.io.netty.channel.DefaultChannelPipeline.fireChannelRead(DefaultChannelPipeline.java:919)
              at org.apache.hbase.thirdparty.io.netty.channel.nio.AbstractNioByteChannel$NioByteUnsafe.read(AbstractNioByteChannel.java:166)
              at org.apache.hbase.thirdparty.io.netty.channel.nio.NioEventLoop.processSelectedKey(NioEventLoop.java:788)
              at org.apache.hbase.thirdparty.io.netty.channel.nio.NioEventLoop.processSelectedKeysOptimized(NioEventLoop.java:724)
              at org.apache.hbase.thirdparty.io.netty.channel.nio.NioEventLoop.processSelectedKeys(NioEventLoop.java:650)
              at org.apache.hbase.thirdparty.io.netty.channel.nio.NioEventLoop.run(NioEventLoop.java:562)
              at org.apache.hbase.thirdparty.io.netty.util.concurrent.SingleThreadEventExecutor$4.run(SingleThreadEventExecutor.java:997)
              at org.apache.hbase.thirdparty.io.netty.util.internal.ThreadExecutorMap$2.run(ThreadExecutorMap.java:74)
              at org.apache.hbase.thirdparty.io.netty.util.concurrent.FastThreadLocalRunnable.run(FastThreadLocalRunnable.java:30)
              at java.base/java.lang.Thread.run(Thread.java:833)
      Caused by: javax.net.ssl.SSLHandshakeException: Received fatal alert: certificate_expired
              at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:131)
              at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:117)
              at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:358)
              at java.base/sun.security.ssl.Alert$AlertConsumer.consume(Alert.java:293)
              at java.base/sun.security.ssl.TransportContext.dispatch(TransportContext.java:204)
              at java.base/sun.security.ssl.SSLTransport.decode(SSLTransport.java:172)
              at java.base/sun.security.ssl.SSLEngineImpl.decode(SSLEngineImpl.java:736)
              at java.base/sun.security.ssl.SSLEngineImpl.readRecord(SSLEngineImpl.java:691)
              at java.base/sun.security.ssl.SSLEngineImpl.unwrap(SSLEngineImpl.java:506)
              at java.base/sun.security.ssl.SSLEngineImpl.unwrap(SSLEngineImpl.java:482)
              at java.base/javax.net.ssl.SSLEngine.unwrap(SSLEngine.java:679)
              at org.apache.hbase.thirdparty.io.netty.handler.ssl.SslHandler$SslEngineType$3.unwrap(SslHandler.java:296)
              at org.apache.hbase.thirdparty.io.netty.handler.ssl.SslHandler.unwrap(SslHandler.java:1343)
              at org.apache.hbase.thirdparty.io.netty.handler.ssl.SslHandler.decodeJdkCompatible(SslHandler.java:1236)
              at org.apache.hbase.thirdparty.io.netty.handler.ssl.SslHandler.decode(SslHandler.java:1285)
              at org.apache.hbase.thirdparty.io.netty.handler.codec.ByteToMessageDecoder.decodeRemovalReentryProtection(ByteToMessageDecoder.java:529)
              at org.apache.hbase.thirdparty.io.netty.handler.codec.ByteToMessageDecoder.callDecode(ByteToMessageDecoder.java:468)
              ... 17 common frames omitted

      Attachments

        Issue Links

          Activity

            People

              zhangduo Duo Zhang
              bbeaudreault Bryan Beaudreault
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: