2. 질의 응답
  3. Java : Gelf-Logstash -> 예외 "ssl : hostname"

Java : Gelf-Logstash -> 예외 "ssl : hostname"

2016-11-21 2 views
0

ssl로 내 Graylog2 서버에 오류 로그를 보내려고합니다. 불행히도 예외는 항상 있습니다. Java의 cacerts에 ssl/tls 인증서를 설치했습니다. 또한 인증서는 내 Graylog-Server에 있습니다.Java : Gelf-Logstash -> 예외 "ssl : hostname"

예외 :

log4j:ERROR General SSLEngine problem 
java.io.IOException: Cannot send data to 192.168.10.74:12202 
    at biz.paluch.logging.gelf.intern.sender.GelfTCPSender.sendMessage(GelfTCPSender.java:126) 
    at biz.paluch.logging.gelf.log4j.GelfLogAppender.append(GelfLogAppender.java:92) 
    at org.apache.log4j.AppenderSkeleton.doAppend(AppenderSkeleton.java:251) 
    at org.apache.log4j.helpers.AppenderAttachableImpl.appendLoopOnAppenders(AppenderAttachableImpl.java:66) 
    at org.apache.log4j.Category.callAppenders(Category.java:206) 
    at org.apache.log4j.Category.forcedLog(Category.java:391) 
    at org.apache.log4j.Category.error(Category.java:322) 
    at logging.J2Graylog.main(J2Graylog.java:19) 
Caused by: javax.net.ssl.SSLHandshakeException: General SSLEngine problem 
    at sun.security.ssl.Handshaker.checkThrown(Handshaker.java:1336) 
    at sun.security.ssl.SSLEngineImpl.checkTaskThrown(SSLEngineImpl.java:519) 
    at sun.security.ssl.SSLEngineImpl.writeAppRecord(SSLEngineImpl.java:1197) 
    at sun.security.ssl.SSLEngineImpl.wrap(SSLEngineImpl.java:1169) 
    at javax.net.ssl.SSLEngine.wrap(SSLEngine.java:469) 
    at biz.paluch.logging.gelf.intern.sender.GelfTCPSSLSender.doHandshake(GelfTCPSSLSender.java:200) 
    at biz.paluch.logging.gelf.intern.sender.GelfTCPSSLSender.connect(GelfTCPSSLSender.java:61) 
    at biz.paluch.logging.gelf.intern.sender.GelfTCPSender.sendMessage(GelfTCPSender.java:103) 
    ... 7 more 
Caused by: javax.net.ssl.SSLHandshakeException: General SSLEngine problem 
    at sun.security.ssl.Alerts.getSSLException(Alerts.java:192) 
    at sun.security.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java:1703) 
    at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:281) 
    at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:273) 
    at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1446) 
    at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:209) 
    at sun.security.ssl.Handshaker.processLoop(Handshaker.java:901) 
    at sun.security.ssl.Handshaker$1.run(Handshaker.java:841) 
    at sun.security.ssl.Handshaker$1.run(Handshaker.java:839) 
    at java.security.AccessController.doPrivileged(Native Method) 
    at sun.security.ssl.Handshaker$DelegatedTask.run(Handshaker.java:1273) 
    at biz.paluch.logging.gelf.intern.sender.GelfTCPSSLSender.doHandshake(GelfTCPSSLSender.java:240) 
    ... 9 more 
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target 
    at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:385) 
    at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:292) 
    at sun.security.validator.Validator.validate(Validator.java:260) 
    at sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:326) 
    at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:283) 
    at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:138) 
    at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1433) 
    ... 16 more 
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target 
    at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:196) 
    at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:268) 
    at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:380) 
    ... 22 more

log4j.properties :

log4j.appender.graylog2=biz.paluch.logging.gelf.log4j.GelfLogAppender 
log4j.appender.graylog2.Host=ssl:myGraylogHost 
log4j.appender.graylog2.Port=myPort 
log4j.appender.graylog2.originHost=localhost 
log4j.appender.graylog2.layout=org.apache.log4j.PatternLayout 
log4j.appender.graylog2.layout.ConversionPattern=%d |%t|%c{1}| %-5p - %m%n 
log4j.appender.graylog2.additionalFields={'environment': 'DEV', 'application': 'MyAPP'} 
log4j.appender.graylog2.extractStackTrace=true 
log4j.appender.graylog2.addExtendedInformation=true 
log4j.appender.graylog2.Facility=gelf-java

누군가가 말해 줄 수, 왜 그렇게 많은 예외를 throw?

출처

2016-11-21 Rene

답변

0

확인 다음 사항

  1. installation.go이 JRE와 URL에 대한 인증서를 넣어하는 사용이 예외를주고있다 코드.
  2. 루트 인증서를 사용 중입니다. @의 jaydeep의 게시물에 추가

출처

2016-11-21 15:32:22 positivecrux

0

:

  1. 는 SSL 설정의 기본 상호 운용성을 확인합니다. 다소 간단한 도구를 사용할 수 있습니다 (https://gist.github.com/4ndrej/4547029 참조).
  2. logstash-gelf은 SSL에 관한 몇 가지 구성 옵션을 제공합니다 (TCP Sender SSL documentation 참조).
  3. 호스트 이름으로 IP 주소를 사용하고있는 것으로 나타났습니다. 인증서에 제목 또는 Subject Alternative Name (IP SANs) IP 주소가 포함되어 있는지 확인하십시오.

출처

2016-12-08 10:19:50 mp911de

관련 문제

 관련 문제