Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

TIMEOUT connect exceeded #2

Open
longlnk opened this issue Jan 13, 2021 · 0 comments
Open

TIMEOUT connect exceeded #2

longlnk opened this issue Jan 13, 2021 · 0 comments

Comments

@longlnk
Copy link

longlnk commented Jan 13, 2021
edited
Loading

Dear Scholzj,

Unfortunately, I think there is still some problems from my zookeeper install. The zoo-entrance gets also timeouts :
Starting Stunnel with configuration:
Starting Stunnel with configuration:
pid = /usr/local/var/run/stunnel.pid
foreground = yes
debug = notice
sslVersion = all
[zookeeper-2181]
client = yes
CAfile = /tmp/cluster-ca.crt
cert = /etc/cluster-operator-certs/cluster-operator.crt
key = /etc/cluster-operator-certs/cluster-operator.key
accept = 0.0.0.0:2181
connect = my-test-lnk-zookeeper-client:2181
delay = yes
verify = 2

2021.01.13 17:30:32 LOG5[1:140635606476864]: stunnel 4.56 on x86_64-redhat-linux-gnu platform
2021.01.13 17:30:32 LOG5[1:140635606476864]: Compiled/running with OpenSSL 1.0.1e-fips 11 Feb 2013
2021.01.13 17:30:32 LOG5[1:140635606476864]: Threading:PTHREAD Sockets:POLL,IPv6 SSL:ENGINE,OCSP,FIPS Auth:LIBWRAP
2021.01.13 17:30:32 LOG5[1:140635606476864]: Reading configuration from file /tmp/stunnel.conf
2021.01.13 17:30:32 LOG5[1:140635606476864]: FIPS mode is enabled
2021.01.13 17:30:32 LOG5[1:140635606476864]: Configuration successful
2021.01.13 17:33:18 LOG5[1:140635606472448]: Service [zookeeper-2181] accepted connection from 10.42.0.0:38537
2021.01.13 17:33:18 LOG5[1:140635606472448]: connect_blocking: connected 10.43.196.203:2181
2021.01.13 17:33:18 LOG5[1:140635606472448]: Service [zookeeper-2181] connected remote server from 10.42.1.94:53880
2021.01.13 17:33:18 LOG5[1:140635606472448]: Certificate accepted: depth=1, /O=io.strimzi/CN=cluster-ca v0
2021.01.13 17:33:18 LOG4[1:140635606472448]: CERT: Verification error: certificate signature failure
2021.01.13 17:33:18 LOG4[1:140635606472448]: Certificate check failed: depth=0, /O=io.strimzi/CN=my-test-lnk-zookeeper
2021.01.13 17:33:18 LOG3[1:140635606472448]: error queue: 14090086: error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed
2021.01.13 17:33:18 LOG3[1:140635606472448]: error queue: D0C5006: error:0D0C5006:asn1 encoding routines:ASN1_item_verify:EVP lib
2021.01.13 17:33:18 LOG3[1:140635606472448]: error queue: 4067072: error:04067072:rsa routines:RSA_EAY_PUBLIC_DECRYPT:padding check failed
2021.01.13 17:33:18 LOG3[1:140635606472448]: SSL_connect: 407008A: error:0407008A:rsa routines:RSA_padding_check_PKCS1_type_1:invalid padding
2021.01.13 17:33:18 LOG5[1:140635606472448]: Connection reset: 0 byte(s) sent to SSL, 0 byte(s) sent to socket
2021.01.13 17:33:20 LOG5[1:140635606472448]: Service [zookeeper-2181] accepted connection from 10.42.0.0:64563
2021.01.13 17:33:20 LOG5[1:140635606472448]: connect_blocking: connected 10.43.196.203:2181
2021.01.13 17:33:20 LOG5[1:140635606472448]: Service [zookeeper-2181] connected remote server from 10.42.1.94:53948
2021.01.13 17:33:20 LOG5[1:140635606472448]: Certificate accepted: depth=1, /O=io.strimzi/CN=cluster-ca v0
2021.01.13 17:33:20 LOG4[1:140635606472448]: CERT: Verification error: certificate signature failure
2021.01.13 17:33:20 LOG4[1:140635606472448]: Certificate check failed: depth=0, /O=io.strimzi/CN=my-test-lnk-zookeeper
2021.01.13 17:33:20 LOG3[1:140635606472448]: error queue: 14090086: error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed
2021.01.13 17:33:20 LOG3[1:140635606472448]: error queue: D0C5006: error:0D0C5006:asn1 encoding routines:ASN1_item_verify:EVP lib
2021.01.13 17:33:20 LOG3[1:140635606472448]: error queue: 4067072: error:04067072:rsa routines:RSA_EAY_PUBLIC_DECRYPT:padding check failed
2021.01.13 17:33:20 LOG3[1:140635606472448]: SSL_connect: 407008A: error:0407008A:rsa routines:RSA_padding_check_PKCS1_type_1:invalid padding
2021.01.13 17:33:20 LOG5[1:140635606472448]: Connection reset: 0 byte(s) sent to SSL, 0 byte(s) sent to socket
2021.01.13 17:33:22 LOG5[1:140635606472448]: Service [zookeeper-2181] accepted connection from 10.42.0.0:29880
2021.01.13 17:33:22 LOG5[1:140635606472448]: connect_blocking: connected 10.43.196.203:2181
2021.01.13 17:33:22 LOG5[1:140635606472448]: Service [zookeeper-2181] connected remote server from 10.42.1.94:54018
2021.01.13 17:33:22 LOG5[1:140635606472448]: Certificate accepted: depth=1, /O=io.strimzi/CN=cluster-ca v0
2021.01.13 17:33:22 LOG4[1:140635606472448]: CERT: Verification error: certificate signature failure
2021.01.13 17:33:22 LOG4[1:140635606472448]: Certificate check failed: depth=0, /O=io.strimzi/CN=my-test-lnk-zookeeper
2021.01.13 17:33:22 LOG3[1:140635606472448]: error queue: 14090086: error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed
2021.01.13 17:33:22 LOG3[1:140635606472448]: error queue: D0C5006: error:0D0C5006:asn1 encoding routines:ASN1_item_verify:EVP lib
2021.01.13 17:33:22 LOG3[1:140635606472448]: error queue: 4067072: error:04067072:rsa routines:RSA_EAY_PUBLIC_DECRYPT:padding check failed
2021.01.13 17:33:22 LOG3[1:140635606472448]: SSL_connect: 407008A: error:0407008A:rsa routines:RSA_padding_check_PKCS1_type_1:invalid padding
2021.01.13 17:33:22 LOG5[1:140635606472448]: Connection reset: 0 byte(s) sent to SSL, 0 byte(s) sent to socket
2021.01.13 17:33:23 LOG5[1:140635606472448]: Service [zookeeper-2181] accepted connection from 10.42.0.0:51167
2021.01.13 17:33:23 LOG5[1:140635606472448]: connect_blocking: connected 10.43.196.203:2181
2021.01.13 17:33:23 LOG5[1:140635606472448]: Service [zookeeper-2181] connected remote server from 10.42.1.94:54146
2021.01.13 17:33:23 LOG5[1:140635606472448]: Certificate accepted: depth=1, /O=io.strimzi/CN=cluster-ca v0
2021.01.13 17:33:23 LOG4[1:140635606472448]: CERT: Verification error: certificate signature failure
2021.01.13 17:33:23 LOG4[1:140635606472448]: Certificate check failed: depth=0, /O=io.strimzi/CN=my-test-lnk-zookeeper
2021.01.13 17:33:23 LOG3[1:140635606472448]: error queue: 14090086: error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed
2021.01.13 17:33:23 LOG3[1:140635606472448]: error queue: D0C5006: error:0D0C5006:asn1 encoding routines:ASN1_item_verify:EVP lib
2021.01.13 17:33:23 LOG3[1:140635606472448]: error queue: 4067072: error:04067072:rsa routines:RSA_EAY_PUBLIC_DECRYPT:padding check failed
2021.01.13 17:33:23 LOG3[1:140635606472448]: SSL_connect: 407008A: error:0407008A:rsa routines:RSA_padding_check_PKCS1_type_1:invalid padding
2021.01.13 17:33:23 LOG5[1:140635606472448]: Connection reset: 0 byte(s) sent to SSL, 0 byte(s) sent to socket
2021.01.13 17:33:26 LOG5[1:140635606472448]: Service [zookeeper-2181] accepted connection from 10.42.0.0:23926
2021.01.13 17:33:26 LOG5[1:140635606472448]: connect_blocking: connected 10.43.196.203:2181
2021.01.13 17:33:26 LOG5[1:140635606472448]: Service [zookeeper-2181] connected remote server from 10.42.1.94:54210
2021.01.13 17:33:26 LOG5[1:140635606472448]: Certificate accepted: depth=1, /O=io.strimzi/CN=cluster-ca v0
2021.01.13 17:33:26 LOG4[1:140635606472448]: CERT: Verification error: certificate signature failure
2021.01.13 17:33:26 LOG4[1:140635606472448]: Certificate check failed: depth=0, /O=io.strimzi/CN=my-test-lnk-zookeeper
2021.01.13 17:33:26 LOG3[1:140635606472448]: error queue: 14090086: error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed
2021.01.13 17:33:26 LOG3[1:140635606472448]: error queue: D0C5006: error:0D0C5006:asn1 encoding routines:ASN1_item_verify:EVP lib
2021.01.13 17:33:26 LOG3[1:140635606472448]: error queue: 4067072: error:04067072:rsa routines:RSA_EAY_PUBLIC_DECRYPT:padding check failed
2021.01.13 17:33:26 LOG3[1:140635606472448]: SSL_connect: 407008A: error:0407008A:rsa routines:RSA_padding_check_PKCS1_type_1:invalid padding
2021.01.13 17:33:26 LOG5[1:140635606472448]: Connection reset: 0 byte(s) sent to SSL, 0 byte(s) sent to socket

My cluster-operator.crt

[kafka@zoo-entrance-fbb55f-scv4q kafka]$ cat /etc/cluster-operator-certs/cluster-operator.crt 
-----BEGIN CERTIFICATE-----
MIIC2TCCAcECCQC6Xfq7DbRKcTANBgkqhkiG9w0BAQsFADAtMRMwEQYDVQQKDApp
by5zdHJpbXppMRYwFAYDVQQDDA1jbHVzdGVyLWNhIHYwMB4XDTIxMDExMzA5NTgz
MVoXDTIyMDExMzA5NTgzMVowMDETMBEGA1UECgwKaW8uc3RyaW16aTEZMBcGA1UE
AwwQY2x1c3Rlci1vcGVyYXRvcjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOC6pR3lK+d9pCMWbHmxc3Of8S4FVWxGSM68k3sFW6SlcEYoB+oYj3cx//ky
uccRC/oWc55JuyT3Vxl+VEV2fJa8wsY0I+moj6Lmo9Pb0rGYpnbzbZ489SjcoUey
5XznJioXjkvs3d0Dv0R/gOtHmM9Od9XZ6F9UlkOXhaQqrN9767YcCuDAF72VVqfn
i77cLJWOpp0ZZklDS/sqmy+3bbjhshZ+8fUmhzLgMbpiiBgI0yxXYUl9VDL4NZ+d
seBoOIa1+ydHsB1ddXXXB4pgWJxB3uGM3xVbq61BFRzLbc5bPmnIjEenXhOq21Ze
MhneAZoNVIFnvs23pLpS7HVatbkCAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAVmZ6
L40bGtMIzO5Juce9DkpRxHkNL1X7nAIt+5u9SQjYMKNHTtDivkBmLy0mGj3zEFZa
jz+fIFBhOKnrU7wIQelurdGWGOC+sBTqnRv09nlLc+luBwCSkdaExwb8/rz2gNRx
azd+AyiiSPGCrxk7h5UWzpczLQYkRP1BpDN7Rakf/jRPMxmgzd7IJx2RGXLv3MBF
jmHayjVSpBYAEo40jemmQvnVGqNySwCdD0uQQhQ3z85Q+g889vSCu6Kc0UVE4aXM
od9eYdYn2clM4j3eM+cL3Iid1sdbMoW16GvBAZiJ2fzDbaZI7ISsFfkWDlV1Ep49
1EwnTbmv100sufIFww==
-----END CERTIFICATE-----

My cluster-operator.key

[kafka@zoo-entrance-fbb55f-scv4q kafka]$ cat /etc/cluster-operator-certs/cluster-operator.key 
-----BEGIN PRIVATE KEY-----
MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQDguqUd5SvnfaQj
Fmx5sXNzn/EuBVVsRkjOvJN7BVukpXBGKAfqGI93Mf/5MrnHEQv6FnOeSbsk91cZ
flRFdnyWvMLGNCPpqI+i5qPT29KxmKZ2822ePPUo3KFHsuV85yYqF45L7N3dA79E
f4DrR5jPTnfV2ehfVJZDl4WkKqzfe+u2HArgwBe9lVan54u+3CyVjqadGWZJQ0v7
Kpsvt2244bIWfvH1Jocy4DG6YogYCNMsV2FJfVQy+DWfnbHgaDiGtfsnR7AdXXV1
1weKYFicQd7hjN8VW6utQRUcy23OWz5pyIxHp14TqttWXjIZ3gGaDVSBZ77Nt6S6
Uux1WrW5AgMBAAECggEAIN4LYijvV+b/R4ZzDQVP/lwpGPL8wF4zLdFUvIxXD+iG
WCxoo+s9qFAuwNKTazLqDoSUGlVsQobOPVNFnfcrV5x53CUqD3VwtIGI+mZPFVxf
FEyb/qWpsXU7PVJD0BW6djOFw0L8W+O9aJZBU6fgCInQav14x+CGLZKOoCkBqZme
3Ojeg95G+OBj70dzCHv/E8GF4aCF3s1/1Ltp4Sdf05b2McpYJ6hX1n9G7W1eEyUJ
eCBgzvGLSCQJKJg6OxaCwwg2SH/EAP5WV8kx/o5ZkDnDmQlkxgbmhgyxAj486EpC
rrtqOGkoGfWJAovFUkW6nVGPBiWJ/4TBliJrYMXfUQKBgQD/tHoDPpLky1U/kUor
4Rz6jXDeVsPOdM83HDCa1q/YNnZz+7IR9UxJFHBHXtIlUOmiElmEOfijzufIL9J7
1C8qbe7hPu/0dzXEQSkYftFv9KG76ejQg6T76HItpXHMg4eoQOUDIv6VQ+nRqKRs
pMMHkBmk/CCoSKxH/mBqMxmlzQKBgQDg/QT/8tCUG3p604oprTeHSqGEkKBWLAU5
iRNpUsXomakvZR2JK51BD6M811KmOsQnNw3xlz2xLICRbDs0P/bE0jcAP5/b5Hu8
C80bvCUdGD8Au4U9kJLoyuRZdZuEAXsTXm/BjlWZzTn5aTl3vB8lcFIQX4YQAFY/
8ggaK8kjnQKBgF6asDW5FfHuRLkDERUQ8X7Fi8fHBCTDVNMH6/etjFuLMuIQcj5w
qeuz0yKks005FWdwMIxaQmKgr2KCRvand1fUWngdp/uji1Hz5bd5XBV2xcvXa9qR
ih3lTzESL/tBgpQ+hjxV2yjwenamVUcY4ktPBh3jZlW8pXjxZUyFYWzVAoGAXgXf
HQdgW0TQfpwA1UHqPsPVlAzMtLZYyJ6cWhuZUYdFyOS83yI26YWbdkWV6JoOd0Tu
stO9mFk8sYlFhKRmgAJJsfTk3YQyoXddFAYgjHQhgDDdkcjlXBvOKgSYJSZpRMLm
eUD+TPQTEkQDHCKl8YNrCCSjZfR+FuMSt70spZECgYBZ5hm89+YLz1758plC2dwe
6rvvKuJ7tdCTPvE8T93vnTExtbr70Hg+LNhe2fkFaGwcM3zT+bNiTuZ3iP+838We
awGVPUU25ZC/QmgXrFQLG1wYIEiszLTDQ7dM4pW5ixVsX+hnRO+8bomKsSjNHahj
rwdRdKuR39M66MNwrJoehg==
-----END PRIVATE KEY-----

I use strimzi/kafka:0.20.1-kafka-2.6.0
Kafka tool 2.0

image

Please help me
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@longlnk