You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I'm not all that familiar with redis or redisson yet. A previous team worked towards using redis with a cluster mode enabled cluster in AWS. It's redisson in in a java app. I'm continuing it by deploying new redis instances and upgrading redisson.
The intent is to use it for session storage with tomcat by adding the redisson jar to the tomcat/lib directory and adding the redisson config file to the tomcat/conf directory.
Encountering this.
Caused by: javax.net.ssl.SSLHandshakeException: General SSLEngine problem at sun.security.ssl.Alerts.getSSLException(Alerts.java:198) at sun.security.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java:1728) at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:333) at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:325) at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1689) at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:226) at sun.security.ssl.Handshaker.processLoop(Handshaker.java:1082) at sun.security.ssl.Handshaker$1.run(Handshaker.java:1015) at sun.security.ssl.Handshaker$1.run(Handshaker.java:1012) at java.security.AccessController.doPrivileged(Native Method) at sun.security.ssl.Handshaker$DelegatedTask.run(Handshaker.java:1520) at io.netty.handler.ssl.SslHandler.runDelegatedTasks(SslHandler.java:1559) at io.netty.handler.ssl.SslHandler.unwrap(SslHandler.java:1405) ... 21 more Caused by: java.security.cert.CertificateException: No subject alternative names matching IP address 172.18.5.12 found at sun.security.util.HostnameChecker.matchIP(HostnameChecker.java:168) at sun.security.util.HostnameChecker.match(HostnameChecker.java:94) at sun.security.ssl.X509TrustManagerImpl.checkIdentity(X509TrustManagerImpl.java:459) at sun.security.ssl.X509TrustManagerImpl.checkIdentity(X509TrustManagerImpl.java:440) at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:284) at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:144) at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1676) ... 29 more
Here's some info about the cluster configuration in the aws console. It's tab separated. It can likely be pasted into a spreadsheet easily to view better.
`
Name Type NodesPerShard Slots/Keyspaces Zone Status ARN ParameterGroupstatus Endpoint CreatedDate
repgroup1-0001 Shard 2 0-8191 - Available - - - -
repgroup1-0001-001 Node - - us-east-1a Available arn:aws:elasticache:us-east-1:0123456789012:cluster:repgroup1-0001-001 In-sync repgroup1-0001-001.repgroup1.u2zidke.use1.cache.amazonaws.com:6379 June 9, 2023, 10:52:05 (UTC-04:00)
repgroup1-0001-002 Node - - us-east-1b Available arn:aws:elasticache:us-east-1:0123456789012:cluster:repgroup1-0001-002 In-sync repgroup1-0001-002.repgroup1.u2zidke.use1.cache.amazonaws.com:6379 June 9, 2023, 10:52:05 (UTC-04:00)
repgroup1-0002 Shard 2 8192-16383 - Available - - - -
repgroup1-0002-001 Node - - us-east-1b Available arn:aws:elasticache:us-east-1:0123456789012:cluster:repgroup1-0002-001 In-sync repgroup1-0002-001.repgroup1.u2zidke.use1.cache.amazonaws.com:6379 June 9, 2023, 10:52:05 (UTC-04:00)
repgroup1-0002-002 Node - - us-east-1a Available arn:aws:elasticache:us-east-1:0123456789012:cluster:repgroup1-0002-002 In-sync repgroup1-0002-002.repgroup1.u2zidke.use1.cache.amazonaws.com:6379 June 9, 2023, 10:52:05 (UTC-04:00)
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
-
I'm not all that familiar with redis or redisson yet. A previous team worked towards using redis with a cluster mode enabled cluster in AWS. It's redisson in in a java app. I'm continuing it by deploying new redis instances and upgrading redisson.
The intent is to use it for session storage with tomcat by adding the redisson jar to the tomcat/lib directory and adding the redisson config file to the tomcat/conf directory.
Encountering this.
Caused by: javax.net.ssl.SSLHandshakeException: General SSLEngine problem at sun.security.ssl.Alerts.getSSLException(Alerts.java:198) at sun.security.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java:1728) at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:333) at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:325) at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1689) at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:226) at sun.security.ssl.Handshaker.processLoop(Handshaker.java:1082) at sun.security.ssl.Handshaker$1.run(Handshaker.java:1015) at sun.security.ssl.Handshaker$1.run(Handshaker.java:1012) at java.security.AccessController.doPrivileged(Native Method) at sun.security.ssl.Handshaker$DelegatedTask.run(Handshaker.java:1520) at io.netty.handler.ssl.SslHandler.runDelegatedTasks(SslHandler.java:1559) at io.netty.handler.ssl.SslHandler.unwrap(SslHandler.java:1405) ... 21 more Caused by: java.security.cert.CertificateException: No subject alternative names matching IP address 172.18.5.12 found at sun.security.util.HostnameChecker.matchIP(HostnameChecker.java:168) at sun.security.util.HostnameChecker.match(HostnameChecker.java:94) at sun.security.ssl.X509TrustManagerImpl.checkIdentity(X509TrustManagerImpl.java:459) at sun.security.ssl.X509TrustManagerImpl.checkIdentity(X509TrustManagerImpl.java:440) at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:284) at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:144) at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1676) ... 29 moreThe config is like this:
`
clusterServersConfig:
idleConnectionTimeout: 10000
connectTimeout: 10000
timeout: 3000
retryAttempts: 3
retryInterval: 1500
failedSlaveReconnectionInterval: 3000
failedSlaveCheckInterval: 60000
password: asdoiuwer29372
subscriptionsPerConnection: 5
clientName: null
loadBalancer: !<org.redisson.connection.balancer.RoundRobinLoadBalancer> {}
subscriptionConnectionMinimumIdleSize: 1
subscriptionConnectionPoolSize: 50
slaveConnectionMinimumIdleSize: 24
slaveConnectionPoolSize: 64
masterConnectionMinimumIdleSize: 24
masterConnectionPoolSize: 64
readMode: "SLAVE"
subscriptionMode: "SLAVE"
nodeAddresses:
scanInterval: 1000
pingConnectionInterval: 0
keepAlive: false
tcpNoDelay: false
threads: 16
nettyThreads: 32
codec: !<org.redisson.codec.SerializationCodec> {}
transportMode: "NIO"
`
Here's some info about the cluster configuration in the aws console. It's tab separated. It can likely be pasted into a spreadsheet easily to view better.
`
Name Type NodesPerShard Slots/Keyspaces Zone Status ARN ParameterGroupstatus Endpoint CreatedDate
repgroup1-0001 Shard 2 0-8191 - Available - - - -
repgroup1-0001-001 Node - - us-east-1a Available arn:aws:elasticache:us-east-1:0123456789012:cluster:repgroup1-0001-001 In-sync repgroup1-0001-001.repgroup1.u2zidke.use1.cache.amazonaws.com:6379 June 9, 2023, 10:52:05 (UTC-04:00)
repgroup1-0001-002 Node - - us-east-1b Available arn:aws:elasticache:us-east-1:0123456789012:cluster:repgroup1-0001-002 In-sync repgroup1-0001-002.repgroup1.u2zidke.use1.cache.amazonaws.com:6379 June 9, 2023, 10:52:05 (UTC-04:00)
repgroup1-0002 Shard 2 8192-16383 - Available - - - -
repgroup1-0002-001 Node - - us-east-1b Available arn:aws:elasticache:us-east-1:0123456789012:cluster:repgroup1-0002-001 In-sync repgroup1-0002-001.repgroup1.u2zidke.use1.cache.amazonaws.com:6379 June 9, 2023, 10:52:05 (UTC-04:00)
repgroup1-0002-002 Node - - us-east-1a Available arn:aws:elasticache:us-east-1:0123456789012:cluster:repgroup1-0002-002 In-sync repgroup1-0002-002.repgroup1.u2zidke.use1.cache.amazonaws.com:6379 June 9, 2023, 10:52:05 (UTC-04:00)
ConfigurationEndpoint: clustercfg.repgroup1.u2zidke.use1.cache.amazonaws.com:6379
ClusterMode: Enabled
EncryptionInTransit Enabled
TransitEncryptionMode Required
`
I see this ticket: #1296
There are code commits. I'm not clear on what the answer is there.
Beta Was this translation helpful? Give feedback.
All reactions