Uploaded image for project: 'Debezium'
  1. Debezium
  2. DBZ-8356

SSL: signature check failed and java.security.SignatureException: Signature does not match

XMLWordPrintable

    • False
    • None
    • False
    • Critical

      Hello, I am currently building a debezium connector to listen to postgresql and push logs to the kafka topic. When I push, I get the error "ignature check failed and java.security.SignatureException: Signature does not match"

      While I tested, my ca.crt certificate still works fine and before that I tried connecting to the test environment and it worked but when I started running on prod I got an error.

      You can see the config file using my docker-compose as follows: 

      version: '3.8'
services:
  debezium-connector:
    image: debezium/connect:2.7.3.Final #(debezium/connect:3.0.0.Final)
    container_name: debezium-connector-1
    ports:
      - "8083:8083"
    environment:
      - BOOTSTRAP_SERVERS=10.2.x.x:9094,10.2.x.x:9094,10.2.x.x:9094
      - GROUP_ID=vcr-cdc
      - CONFIG_STORAGE_TOPIC=vcr-cdc-config
      - OFFSET_STORAGE_TOPIC=vcr-cdc-offset
      - STATUS_STORAGE_TOPIC=vcr-cdc-status
      - CONNECT_SECURITY_PROTOCOL=SASL_SSL
      - CONNECT_SASL_MECHANISM=SCRAM-SHA-512
      - CONNECT_SASL_JAAS_CONFIG=org.apache.kafka.common.security.scram.ScramLoginModule required username="vcr-cdc" password="xxxxxx";
      - CONNECT_PRODUCER_SECURITY_PROTOCOL=SASL_SSL
      - CONNECT_PRODUCER_SASL_MECHANISM=SCRAM-SHA-512
      - CONNECT_PRODUCER_SASL_JAAS_CONFIG=org.apache.kafka.common.security.scram.ScramLoginModule required username="vcr-cdc" password="xxxxxx";
      - CONNECT_PRODUCER_SSL_TRUSTSTORE_LOCATION=/etc/kafka/server.truststore
      - CONNECT_PRODUCER_SSL_TRUSTSTORE_PASSWORD=xxxxxx
      - CONNECT_CONSUMER_SECURITY_PROTOCOL=SASL_SSL
      - CONNECT_CONSUMER_SASL_MECHANISM=SCRAM-SHA-512
      - CONNECT_CONSUMER_SASL_JAAS_CONFIG=org.apache.kafka.common.security.scram.ScramLoginModule required username="vcr-cdc" password="xxxxxx";
      - CONNECT_CONSUMER_SSL_TRUSTSTORE_LOCATION=/etc/kafka/server.truststore
      - CONNECT_CONSUMER_SSL_TRUSTSTORE_PASSWORD=xxxxxx
      - CONNECT_SSL_TRUSTSTORE_LOCATION=/etc/kafka/server.truststore
      - CONNECT_SSL_TRUSTSTORE_PASSWORD=xxxxxx
      - CONNECT_SSL_TRUSTSTORE_TYPE=JKS
      - CONNECT_SSL_ENDPOINT_IDENTIFICATION_ALGORITHM=
      - CONNECT_PRODUCER_SSL_ENDPOINT_IDENTIFICATION_ALGORITHM=
      - CONNECT_CONSUMER_SSL_ENDPOINT_IDENTIFICATION_ALGORITHM=
      - CONNECTOR_CLIENT_CONFIG_OVERRIDE_POLICY=All
      - CONNECT_CONFIG_PROVIDERS=file
      - CONNECT_CONFIG_PROVIDERS_FILE_CLASS=org.apache.kafka.common.config.provider.FileConfigProvider
    volumes:
      - ./server.truststore:/etc/kafka/server.truststore
      - ./secrets.properties:/secrets/secrets.properties

      and view logs in the Attachment section

      Hope everyone can help me with this problem. Thank you.

        1. logs.txt
          95 kB
          Tha le

              Unassigned Unassigned
              lethanhtha Tha le
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Created:
                Updated: