Details
-
Bug
-
Status: Open
-
Major
-
Resolution: Unresolved
-
3.9.0, 3.9.1, 3.9.2
-
None
-
None
Description
TLS is not established after the following warning message:
{{2024-09-06 20:55:34,307 [myid:] - WARN [epollEventLoopGroup-4-1:o.a.z.s.NettyServerCnxnFactory$CnxnChannelHandler@302] - Exception }}
{{caught }}
io.netty.handler.codec.DecoderException: javax.net.ssl.SSLHandshakeException: The client supported protocol versions [TLSv1.2] are not accepted by server preferences [TLS13] {}
{{ at io.netty.handler.codec.ByteToMessageDecoder.callDecode(ByteToMessageDecoder.java:499) }}
{{ at io.netty.handler.codec.ByteToMessageDecoder.channelRead(ByteToMessageDecoder.java:290) }}
{{ at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:444) }}
{{ at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:420) }}
{{ at io.netty.channel.AbstractChannelHandlerContext.fireChannelRead(AbstractChannelHandlerContext.java:412) }}
{{ at io.netty.channel.DefaultChannelPipeline$HeadContext.channelRead(DefaultChannelPipeline.java:1410) }}
{{ at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:440) }}
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:420)
During the startup, zookeeper logs:
{{2024-09-06 20:54:49,778 [myid:] - INFO [main:o.a.z.c.X509Util@110] - Default TLS protocol is TLSv1.3, supported TLS protocols are [ }}
TLSv1.3, TLSv1.2, TLSv1.1, TLSv1, SSLv3, SSLv2Hello]
This was noticed on the following environment:
- Zookeeper Client (3.9.0) - Zookeeper Server (3.9.1): When Zookeeper server is running with Java 21. Client java version does not matter. This works with Java 17.
- Zookeeper Client (3.9.1) - Zookeeper Server (3.9.2): It happens for Java 17 and Java 21