sslv3 alert certificate unknown (_ssl.c:1056)


Abdessamia Hassouni

Jun 14, 2023, 4:37:16 AM
to kafka-clients
Hello,
I'm using kafka-python 2.0.2 with Python 3.7 and I get this error:
KafkaConsumer exception :  [SSL: SSLV3_ALERT_CERTIFICATE_UNKNOWN] sslv3 alert certificate unknown (_ssl.c:1056)


consumer = KafkaConsumer(group_id=group_id,
                         bootstrap_servers=bootstrap_servers,
                         auto_offset_reset="earliest",
                         enable_auto_commit=False,
                         security_protocol="SSL",
                         ssl_check_hostname=True,
                         ssl_cafile=certs_and_key["cacert"],
                         ssl_certfile=certs_and_key["cert_0000"],
                         ssl_keyfile=certs_and_key[key_alias],
                         api_version_auto_timeout_ms=timeout_ms,
                         api_version=(0, 9))


Abdessamia Hassouni

Jun 14, 2023, 6:05:57 AM
to kafka-clients
Appreciate any leads. Thanks.

Abdessamia Hassouni

Jun 14, 2023, 6:14:26 AM
to kafka-clients
More log details:

DEBUG:kafka.metrics.metrics:Added sensor with name connections-closed
DEBUG:kafka.metrics.metrics:Added sensor with name connections-created
DEBUG:kafka.metrics.metrics:Added sensor with name select-time
DEBUG:kafka.metrics.metrics:Added sensor with name io-time
DEBUG:kafka.metrics.metrics:Added sensor with name bytes-fetched
DEBUG:kafka.metrics.metrics:Added sensor with name records-fetched
DEBUG:kafka.metrics.metrics:Added sensor with name fetch-latency
DEBUG:kafka.metrics.metrics:Added sensor with name records-lag
DEBUG:kafka.metrics.metrics:Added sensor with name fetch-throttle-time
DEBUG:kafka.metrics.metrics:Added sensor with name heartbeat-latency
DEBUG:kafka.metrics.metrics:Added sensor with name join-latency
DEBUG:kafka.metrics.metrics:Added sensor with name sync-latency
DEBUG:kafka.metrics.metrics:Added sensor with name commit-latency
DEBUG:kafka.client:Initializing connection to node bootstrap-1 for metadata request
DEBUG:kafka.client:Initiating connection to node bootstrap-1 at  xxxxxxxxxxxxxxx:xxxx
DEBUG:kafka.metrics.metrics:Added sensor with name bytes-sent-received
DEBUG:kafka.metrics.metrics:Added sensor with name bytes-sent
DEBUG:kafka.metrics.metrics:Added sensor with name bytes-received
DEBUG:kafka.metrics.metrics:Added sensor with name request-latency
DEBUG:kafka.metrics.metrics:Added sensor with name node-bootstrap-1.bytes-sent
DEBUG:kafka.metrics.metrics:Added sensor with name node-bootstrap-1.bytes-received
DEBUG:kafka.metrics.metrics:Added sensor with name node-bootstrap-1.latency
DEBUG:kafka.conn:<BrokerConnection node_id=bootstrap-1 host=xxxxxxxxxxxxxxx:xxxx <disconnected> [unspecified None]>: creating new socket
DEBUG:kafka.conn:<BrokerConnection node_id=bootstrap-1 host= xxxxxxxxxxxxxxx:xxxx   <disconnected> [IPv4 ('xx.xx.xx.xx', xxxx)]>: setting socket option (6, 1, 1)
INFO:kafka.conn:<BrokerConnection node_id=bootstrap-1 host= xxxxxxxxxxxxxxx:xxxx   <connecting> [IPv4 ('xx.xx.xx.xx',  xxxx  )]>: connecting to  xxxxxxxxxxxxxxx:xxxx   [('xx.xx.xx.xx', xxxx) IPv4]
DEBUG:kafka.conn:<BrokerConnection node_id=bootstrap-1 host= xxxxxxxxxxxxxxx:xxxx   <connecting> [IPv4 ('xx.xx.xx.xx',  xxxx  )]>: established TCP connection
DEBUG:kafka.conn:<BrokerConnection node_id=bootstrap-1 host= xxxxxxxxxxxxxxx:xxxx   <connecting> [IPv4 ('xx.xx.xx.xx',  xxxx  )]>: initiating SSL handshake
DEBUG:kafka.conn:<BrokerConnection node_id=bootstrap-1 host= xxxxxxxxxxxxxxx:xxxx   <handshake> [IPv4 (' xx.xx.xx.xx ',  xxxx  )]>: configuring default SSL Context
INFO:kafka.conn:<BrokerConnection node_id=bootstrap-1 host= xxxxxxxxxxxxxxx:xxxx   <handshake> [IPv4 (' xx.xx.xx.xx ',  xxxx  )]>: Loading SSL CA from C:\Users\xaxxxx\AppData\Local\Temp\tmp2w9kvonf
INFO:kafka.conn:<BrokerConnection node_id=bootstrap-1 host= xxxxxxxxxxxxxxx:xxxx   <handshake> [IPv4 ('xx.xx.xx.xx',  xxxx  )]>: Loading SSL Cert from C:\Users\xaxxxx\AppData\Local\Temp\tmpnzfsqo2w
INFO:kafka.conn:<BrokerConnection node_id=bootstrap-1 host= xxxxxxxxxxxxxxx:xxxx   <handshake> [IPv4 ('xx.xx.xx.xx',  xxxx  )]>: Loading SSL Key from C:\Users\xaxxxx\AppData\Local\Temp\tmpkfok8rbi
DEBUG:kafka.conn:<BrokerConnection node_id=bootstrap-1 host= xxxxxxxxxxxxxxx:xxxx   <handshake> [IPv4 ('xx.xx.xx.xx',  xxxx  )]>: wrapping socket in ssl context

KafkaConsumer exception :  [SSL: SSLV3_ALERT_CERTIFICATE_UNKNOWN] sslv3 alert certificate unknown (_ssl.c:1056)

Abdessamia Hassouni

Jun 15, 2023, 7:50:09 AM
to kafka-clients
Hope you're doing well.
For more details: the error occurs in the line:
self._sock.do_handshake()

File: Lib/site-packages/kafka/conn.py

    def _try_handshake(self):
        assert self.config['security_protocol'] in ('SSL', 'SASL_SSL')
        try:
            self._sock.do_handshake()
            return True
        # old ssl in python2.6 will swallow all SSLErrors here...
        except (SSLWantReadError, SSLWantWriteError):
            pass
        except (SSLZeroReturnError, ConnectionError, TimeoutError, SSLEOFError):
            log.warning('SSL connection closed by server during handshake.')
            self.close(Errors.KafkaConnectionError('SSL connection closed by server during handshake'))
        # Other SSLErrors will be raised to user

        return False