pulsar-client-python icon indicating copy to clipboard operation
pulsar-client-python copied to clipboard

Published 20 hours ago verified publisher icon apache

[Bug] Python Client verify hostname failed

Open ciiiii opened this issue 3 years ago • 1 comments
trafficstars

Search before asking

  • [X] I searched in the issues and found nothing similar.

Version

Pulsar Version: 2.9.2 pulsar-client=='2.10.0'

Minimal reproduce step

Deploy Broker with JWT Authentication enabled, configure TLS encryption on Pulsar Proxy or Reverse Proxy.

What did you expect to see?

Connect to Cluster and produce message successfully.

What did you see instead?

Can't verify the hostname

[192.168.50.160:65007 -> 54.164.25.155:6651] Handshake failed: certificate verify failed (SSL routines, tls_process_server_certificate)
Error Checking/Getting Partition Metadata while creating producer on persistent://public/default/test1 -- ConnectError
Traceback (most recent call last):
  File "/Users/cai/streamnative/clients/py_client/main.py", line 21, in <module>
    producer = client.create_producer(topic='public/default/test1')
  File "/Users/cai/.pyenv/versions/3.9.11/lib/python3.9/site-packages/pulsar/__init__.py", line 603, in create_producer
    p._producer = self._client.create_producer(topic, conf)
_pulsar.ConnectError: Pulsar error: ConnectError
2022-08-16 13:22:39.722 DEBUG [0x101410580] ClientImpl:582 | ConnectionPool is closed
2022-08-16 13:22:39.722 DEBUG [0x101410580] ClientImpl:584 | ioExecutorProvider_ is closed
2022-08-16 13:22:39.722 DEBUG [0x101410580] ClientImpl:586 | listenerExecutorProvider_ is closed
2022-08-16 13:22:39.722 DEBUG [0x101410580] ClientImpl:588 | partitionListenerExecutorProvider_ is closed

Anything else?

Cert Info

Service Url(cys-tls-broker.cys-dev.test.aws.sn2.dev) can be covered by both CN or DNSNames

CN: *.cys-dev.test.aws.sn2.dev
DNS:*.cys-dev.test.aws.sn2.dev

Curl test

➜ curl https://cys-tls-broker.cys-dev.test.aws.sn2.dev
<html>
<head>
<meta http-equiv="Content-Type" content="text/html;charset=utf-8"/>
<title>Error 404 Not Found</title>
</head>
<body><h2>HTTP ERROR 404 Not Found</h2>
<table>
<tr><th>URI:</th><td>/</td></tr>
<tr><th>STATUS:</th><td>404</td></tr>
<tr><th>MESSAGE:</th><td>Not Found</td></tr>
<tr><th>SERVLET:</th><td>org.glassfish.jersey.servlet.ServletContainer-30aec673</td></tr>
</table>
<hr><a href="https://eclipse.org/jetty">Powered by Jetty:// 9.4.43.v20210629</a><hr/>

</body>
</html>

Code example

import logging

import pulsar
from pulsar import AuthenticationToken


logger =  logging.Logger(name="pulsar", level=logging.DEBUG)

url = 'pulsar+ssl://cys-tls-broker.cys-dev.test.aws.sn2.dev:6651'

client = pulsar.Client(url,
                       tls_validate_hostname=True,
                       logger=logger,
                       use_tls=True,
                       tls_allow_insecure_connection=False,
                       authentication=AuthenticationToken(
                           '--TOKEN STRING--'))

producer = client.create_producer(topic='public/default/test1')
i = 0
while True:
    producer.send(('Hello-%d' % i).encode('utf-8'))
    i = i+1

Are you willing to submit a PR?

  • [X] I'm willing to submit a PR!

ciiiii avatar Aug 16 '22 05:08 ciiiii

The issue had no activity for 30 days, mark with Stale label.

github-actions[bot] avatar Sep 16 '22 02:09 github-actions[bot]