Unable to enable SSL with self-sign certs

classic Classic list List threaded Threaded
4 messages Options
Reply | Threaded
Open this post in threaded view
|

Unable to enable SSL with self-sign certs

cyndefromva
This post was updated on .
CONTENTS DELETED
The author has deleted this message.
Reply | Threaded
Open this post in threaded view
|

Re: Unable to enable SSL with self-sign certs

Shawn Heisey-2
On 9/10/2018 12:47 PM, cyndefromva wrote:

> I installed solr 5.4.1 and java 1.8 on its own linux server and used the
> install_solr_service.sh file to install and setup solr. At this point I was
> able to start the process and access the dashboard from a browser. After
> shutting down solr I then attempted to enable SSL via the  Enabling SSL
> <https://lucene.apache.org/solr/guide/6_6/enabling-ssl.html>   page using
> self-signed certificates. But I am unable to start the process. Instead I
> see the following in the solr.log file:
>
> WARN: (main) AbstractLifeCycle FAILED
> SslContextFactory@...(etc/solr-ssl.keystore.jks,) :
> java.io.FileNotFoundException: /opt/solr-5.4.1/server (Is a directory)
> java.io.FileNotFoundException: /opt/solr-5.4.1/server (Is a directory)
>          at java.io.FileInputStream.open0(Native Method)
>          at java.io.FileInputStream.open(FileInputStream.java:195)
>          ...

You left out most of the error message.  The entire thing is MANY lines
long and may have multiple "Caused by" sections each with their own
stacktrace.

The settings you mentioned have "SOLR_SSL_TRUS_STORE" ... which is a
typo -- missing the final T in TRUST.  Is this what's actually in the
solr.in.sh file?

Except for that typo everything seems valid, so we will need the ENTIRE
error from the logfile.  What you included above is also missing the
timestamp that is found on all log entries in solr.log, which has me
wondering why that is the case.

Thanks,
Shawn

Reply | Threaded
Open this post in threaded view
|

Re: Unable to enable SSL with self-sign certs

cyndefromva
This post was updated on .
TRUS_STORE is a typo (I used what was already there, I just uncommented it). The application is on an internal network with no internet access so I had to type everything by hand. I was hoping I put enough already , but ugh... probably more typos to come. Here it is:

2018-09-10 19:17:15.311 WARN: (main) [   ] o.e.j.u.c.AbstractLifeCycle FAILED SslContextFactory@...(/opt/solr-5.4.1/server/etc/solr-ssl.keystore.jks,) : java.io.FileNotFoundException: /opt/solr-5.4.1/server (Is a directory)
java.io.FileNotFoundException: /opt/solr-5.4.1/server (Is a directory)
        at java.io.FileInputStream.open0(Native Method)
        at java.io.FileInputStream.open(FileInputStream.java:195)
        at java.io.FileInputStream.<init>(FileInputStream.java:138)
        at org.eclipse.jetty.util.resource.FileResource.getInputStream(FileResource.java:290)
        at org.eclipse.jetty.util.security.CertificateUtils.getKeyStore(CertificateUtils.java:43)
        at org.eclipse.jetty.util.ssl.SslContextFactory.loadTrustStore(SslContextFactory.java:884)
        at org.eclipse.jetty.util.ssl.SslContextFactory.doStart(SslContextFactory.java:274)
        at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:68)
        at org.eclipse.jetty.util.component.ContainerLifeCycle.start(ContainerLifeCycle.java:132)
        at org.eclipse.jetty.util.component.ContainerLifeCycle.doStart(ContainerLifeCycle.java:114)
        at org.eclipse.jetty.server.SslConnectionFactory.doStart(SslConnectionFactory.java:64)
        at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:68)
        at org.eclipse.jetty.util.component.ContainerLifeCycle.start(ContainerLifeCycle.java:132)
        at org.eclipse.jetty.util.component.ContainerLifeCycle.doStart(ContainerLifeCycle.java:114)
        at org.eclipse.jetty.server.AbstractConnector.doStart(AbstractConnector.java:256)
        at org.eclipse.jetty.server.AbstractNetworkConnector.doStart(AbstractConnector.java:81)
        at org.eclipse.jetty.server.ServerConnector.doStart(AbstractConnector.java:236)
        at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:68)
        at org.eclipse.jetty.server.Server.doStart(Server.java:366)
        at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:68)
        at org.eclipse.jetty.jetty.xml.XmlConfiguration$1.run(XmlConfiguration.java:1255)
        at java.security.AccesController.doPrivileged(Native Method)
        at org.eclipse.jetty.jetty.xml.XmlConfiguration.main(XmlConfiguration.java:1174)
        at sun.reflect.NativeMethodAccessImpl.invoke0(Native Method)
        at sun.reflect.NativeMethodAccessImpl.invoke(NativeMethodAccessImpl.java:62)
        at sun.reflect.DelegatingMethodAccessImpl.invoke(DelegatingMethodAccessImpl.java:43)
        at java.lang.reflect.Method.invoke(Method.java:498)
        at org.eclipse.jetty.start.Main.invokeMain(Main.java:321)
        at org.eclipse.jetty.start.Main.start(Main.java:817)
        at org.eclipse.jetty.start.Main.main(Main.java:112)
2018-09-10 19:17:15.323 WARN: (main) [   ] o.e.j.u.c.AbstractLifeCycle FAILED SslConnectionFactory@...{SSL-http/1.1}: java.io.FileNotFoundException: /opt/solr-5.4.1/server (Is a directory)
java.io.FileNotFoundException: /opt/solr-5.4.1/server (Is a directory)
        at java.io.FileInputStream.open0(Native Method)
        at java.io.FileInputStream.open(FileInputStream.java:195)
        at java.io.FileInputStream.<init>(FileInputStream.java:138)
        at org.eclipse.jetty.util.resource.FileResource.getInputStream(FileResource.java:290)
        at org.eclipse.jetty.util.security.CertificateUtils.getKeyStore(CertificateUtils.java:43)
        at org.eclipse.jetty.util.ssl.SslContextFactory.loadTrustStore(SslContextFactory.java:884)
        at org.eclipse.jetty.util.ssl.SslContextFactory.doStart(SslContextFactory.java:274)
        at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:68)
        at org.eclipse.jetty.util.component.ContainerLifeCycle.start(ContainerLifeCycle.java:132)
        at org.eclipse.jetty.util.component.ContainerLifeCycle.doStart(ContainerLifeCycle.java:114)
        at org.eclipse.jetty.server.SslConnectionFactory.doStart(SslConnectionFactory.java:64)
        at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:68)
        at org.eclipse.jetty.util.component.ContainerLifeCycle.start(ContainerLifeCycle.java:132)
        at org.eclipse.jetty.util.component.ContainerLifeCycle.doStart(ContainerLifeCycle.java:114)
        at org.eclipse.jetty.server.AbstractConnector.doStart(AbstractConnector.java:256)
        at org.eclipse.jetty.server.AbstractNetworkConnector.doStart(AbstractConnector.java:81)
        at org.eclipse.jetty.server.ServerConnector.doStart(AbstractConnector.java:236)
        at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:68)
        at org.eclipse.jetty.server.Server.doStart(Server.java:366)
        at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:68)
        at org.eclipse.jetty.jetty.xml.XmlConfiguration$1.run(XmlConfiguration.java:1255)
        at java.security.AccesController.doPrivileged(Native Method)
        at org.eclipse.jetty.jetty.xml.XmlConfiguration.main(XmlConfiguration.java:1174)
        at sun.reflect.NativeMethodAccessImpl.invoke0(Native Method)
        at sun.reflect.NativeMethodAccessImpl.invoke(NativeMethodAccessImpl.java:62)
        at sun.reflect.DelegatingMethodAccessImpl.invoke(DelegatingMethodAccessImpl.java:43)
        at java.lang.reflect.Method.invoke(Method.java:498)
        at org.eclipse.jetty.start.Main.invokeMain(Main.java:321)
        at org.eclipse.jetty.start.Main.start(Main.java:817)
        at org.eclipse.jetty.start.Main.main(Main.java:112)
2018-09-10 19:17:15.324 WARN: (main) [   ] o.e.j.u.c.AbstractLifeCycle FAILED ServerConnector@...{SSL-http/1.1}{0.0.0.0:8982}: java.io.FileNotFoundException: /opt/solr-5.4.1/server (Is a directory)
java.io.FileNotFoundException: /opt/solr-5.4.1/server (Is a directory)
        at java.io.FileInputStream.open0(Native Method)
        at java.io.FileInputStream.open(FileInputStream.java:195)
        at java.io.FileInputStream.<init>(FileInputStream.java:138)
        at org.eclipse.jetty.util.resource.FileResource.getInputStream(FileResource.java:290)
        at org.eclipse.jetty.util.security.CertificateUtils.getKeyStore(CertificateUtils.java:43)
        at org.eclipse.jetty.util.ssl.SslContextFactory.loadTrustStore(SslContextFactory.java:884)
        at org.eclipse.jetty.util.ssl.SslContextFactory.doStart(SslContextFactory.java:274)
        at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:68)
        at org.eclipse.jetty.util.component.ContainerLifeCycle.start(ContainerLifeCycle.java:132)
        at org.eclipse.jetty.util.component.ContainerLifeCycle.doStart(ContainerLifeCycle.java:114)
        at org.eclipse.jetty.server.SslConnectionFactory.doStart(SslConnectionFactory.java:64)
        at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:68)
        at org.eclipse.jetty.util.component.ContainerLifeCycle.start(ContainerLifeCycle.java:132)
        at org.eclipse.jetty.util.component.ContainerLifeCycle.doStart(ContainerLifeCycle.java:114)
        at org.eclipse.jetty.server.AbstractConnector.doStart(AbstractConnector.java:256)
        at org.eclipse.jetty.server.AbstractNetworkConnector.doStart(AbstractConnector.java:81)
        at org.eclipse.jetty.server.ServerConnector.doStart(AbstractConnector.java:236)
        at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:68)
        at org.eclipse.jetty.server.Server.doStart(Server.java:366)
        at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:68)
        at org.eclipse.jetty.jetty.xml.XmlConfiguration$1.run(XmlConfiguration.java:1255)
        at java.security.AccesController.doPrivileged(Native Method)
        at org.eclipse.jetty.jetty.xml.XmlConfiguration.main(XmlConfiguration.java:1174)
        at sun.reflect.NativeMethodAccessImpl.invoke0(Native Method)
        at sun.reflect.NativeMethodAccessImpl.invoke(NativeMethodAccessImpl.java:62)
        at sun.reflect.DelegatingMethodAccessImpl.invoke(DelegatingMethodAccessImpl.java:43)
        at java.lang.reflect.Method.invoke(Method.java:498)
        at org.eclipse.jetty.start.Main.invokeMain(Main.java:321)
        at org.eclipse.jetty.start.Main.start(Main.java:817)
        at org.eclipse.jetty.start.Main.main(Main.java:112)
2018-09-10 19:17:15.330 WARN: (main) [   ] o.e.j.u.c.AbstractLifeCycle FAILED org.eclipse.jetty.server.Server@... java.io.FileNotFoundException: /opt/solr-5.4.1/server (Is a directory)
java.io.FileNotFoundException: /opt/solr-5.4.1/server (Is a directory)
        at java.io.FileInputStream.open0(Native Method)
        at java.io.FileInputStream.open(FileInputStream.java:195)
        at java.io.FileInputStream.<init>(FileInputStream.java:138)
        at org.eclipse.jetty.util.resource.FileResource.getInputStream(FileResource.java:290)
        at org.eclipse.jetty.util.security.CertificateUtils.getKeyStore(CertificateUtils.java:43)
        at org.eclipse.jetty.util.ssl.SslContextFactory.loadTrustStore(SslContextFactory.java:884)
        at org.eclipse.jetty.util.ssl.SslContextFactory.doStart(SslContextFactory.java:274)
        at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:68)
        at org.eclipse.jetty.util.component.ContainerLifeCycle.start(ContainerLifeCycle.java:132)
        at org.eclipse.jetty.util.component.ContainerLifeCycle.doStart(ContainerLifeCycle.java:114)
        at org.eclipse.jetty.server.SslConnectionFactory.doStart(SslConnectionFactory.java:64)
        at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:68)
        at org.eclipse.jetty.util.component.ContainerLifeCycle.start(ContainerLifeCycle.java:132)
        at org.eclipse.jetty.util.component.ContainerLifeCycle.doStart(ContainerLifeCycle.java:114)
        at org.eclipse.jetty.server.AbstractConnector.doStart(AbstractConnector.java:256)
        at org.eclipse.jetty.server.AbstractNetworkConnector.doStart(AbstractConnector.java:81)
        at org.eclipse.jetty.server.ServerConnector.doStart(AbstractConnector.java:236)
        at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:68)
        at org.eclipse.jetty.server.Server.doStart(Server.java:366)
        at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:68)
        at org.eclipse.jetty.jetty.xml.XmlConfiguration$1.run(XmlConfiguration.java:1255)
        at java.security.AccesController.doPrivileged(Native Method)
        at org.eclipse.jetty.jetty.xml.XmlConfiguration.main(XmlConfiguration.java:1174)
        at sun.reflect.NativeMethodAccessImpl.invoke0(Native Method)
        at sun.reflect.NativeMethodAccessImpl.invoke(NativeMethodAccessImpl.java:62)
        at sun.reflect.DelegatingMethodAccessImpl.invoke(DelegatingMethodAccessImpl.java:43)
        at java.lang.reflect.Method.invoke(Method.java:498)
        at org.eclipse.jetty.start.Main.invokeMain(Main.java:321)
        at org.eclipse.jetty.start.Main.start(Main.java:817)
        at org.eclipse.jetty.start.Main.main(Main.java:112)
2018-09-10 19:17:15.332 INFO  (coreLoadExecutor-6-thread-1) [  ] o.a.s.c.SolrConfig current version of requestparams : -1




--
Sent from: http://lucene.472066.n3.nabble.com/Solr-User-f472068.html
Reply | Threaded
Open this post in threaded view
|

Re: Unable to enable SSL with self-sign certs

Chris Hostetter-3
In reply to this post by cyndefromva

: WARN: (main) AbstractLifeCycle FAILED org.eclipse.jetty.server.Server@...
: java.io.FileNotFoundException: /opt/solr-5.4.1/server (Is a directory)
: java.io.FileNotFoundException: /opt/solr-5.4.1/server (Is a directory)
:         at java.io.FileInputStream.open0(Native Method)
:         at java.io.FileInputStream.open(FileInputStream.java:195)
:
: The above jks is in the etc folder (/opt/solr-5.4.1/server/etc) and the
: permissions are 644. The settings in the /etc/default/solr.in.sh file are as
: follows:

What are the owner/group/perms of all the following...

/opt/solr-5.4.1/server/etc/solr-ssl.keystore.jks
/opt/solr-5.4.1/server/etc
/opt/solr-5.4.1/server
/opt/solr-5.4.1
/opt

...because my best guess for why be a read perms issue on "solr-5.4.1"
preventing it from "finding" the server directory inside of it?



-Hoss
http://www.lucidworks.com/