Apache Ignite C#.Net thin client SSL authentication

I am using the Apache Ignite thin client in C#/.NET (NuGet package Apache.Ignite, version 2.11.0-alpha20210225). When I use the SSL configuration below, I get the exception below. If I set "SkipServerCertificateValidation=true", it works fine.

Any suggestions will be appreciated.

C#.Net Code:

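using System.Security.Authentication;   // SslProtocols
using Apache.Ignite.Core;               // Ignition
using Apache.Ignite.Core.Client;        // IgniteClientConfiguration, SslStreamFactory

var cfg = new IgniteClientConfiguration
{
    Endpoints = new[] {"127.0.0.1:10800"}, // working endpoint
    SslStreamFactory = new SslStreamFactory
    {
        // Client certificate (PFX) presented to the server
        CertificatePath = "C:/OpenSSL/rsh_client.pfx",
        CertificatePassword = "RSH",
        SslProtocols = SslProtocols.Tls12,
        // SkipServerCertificateValidation = true  // it works if I enable this line
    }
};
var ignite = Ignition.StartClient(cfg);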

Exception:

Unhandled exception. System.Security.Authentication.AuthenticationException: The remote certificate is invalid according to the validation procedure.
   at System.Net.Security.SslStream.StartSendAuthResetSignal(ProtocolToken message, AsyncProtocolRequest asyncRequest, ExceptionDispatchInfo exception)
   at System.Net.Security.SslStream.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest)
   at System.Net.Security.SslStream.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest)
   at System.Net.Security.SslStream.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest)
   at System.Net.Security.SslStream.StartReadFrame(Byte[] buffer, Int32 readBytes, AsyncProtocolRequest asyncRequest)
   at System.Net.Security.SslStream.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest)
   at System.Net.Security.SslStream.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest)
   at System.Net.Security.SslStream.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest)
   at System.Net.Security.SslStream.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest)
   at System.Net.Security.SslStream.StartReadFrame(Byte[] buffer, Int32 readBytes, AsyncProtocolRequest asyncRequest)
   at System.Net.Security.SslStream.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest)
   at System.Net.Security.SslStream.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest)
   at System.Net.Security.SslStream.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest)
   at System.Net.Security.SslStream.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest)
   at System.Net.Security.SslStream.StartReadFrame(Byte[] buffer, Int32 readBytes, AsyncProtocolRequest asyncRequest)
   at System.Net.Security.SslStream.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest)
   at System.Net.Security.SslStream.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest)
   at System.Net.Security.SslStream.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest)
   at System.Net.Security.SslStream.ForceAuthentication(Boolean receiveFirst, Byte[] buffer, AsyncProtocolRequest asyncRequest)
   at System.Net.Security.SslStream.ProcessAuthentication(LazyAsyncResult lazyResult, CancellationToken cancellationToken)
   at System.Net.Security.SslStream.AuthenticateAsClient(SslClientAuthenticationOptions sslClientAuthenticationOptions)
   at System.Net.Security.SslStream.AuthenticateAsClient(String targetHost, X509CertificateCollection clientCertificates, SslProtocols enabledSslProtocols, Boolean checkCertificateRevocation)
   at Apache.Ignite.Core.Client.SslStreamFactory.Create(Stream stream, String targetHost)
   at Apache.Ignite.Core.Impl.Client.ClientSocket.GetSocketStream(Socket socket, IgniteClientConfiguration cfg, String host)
   at Apache.Ignite.Core.Impl.Client.ClientSocket..ctor(IgniteClientConfiguration clientConfiguration, EndPoint endPoint, String host, Nullable`1 version, Action`1 topVerCallback, Marshaller marshaller)
   at Apache.Ignite.Core.Impl.Client.ClientFailoverSocket.Connect(SocketEndpoint endPoint)
   at Apache.Ignite.Core.Impl.Client.ClientFailoverSocket.GetNextSocket()
   at Apache.Ignite.Core.Impl.Client.ClientFailoverSocket.ConnectDefaultSocket()
   at Apache.Ignite.Core.Impl.Client.ClientFailoverSocket..ctor(IgniteClientConfiguration config, Marshaller marsh, TransactionsClient transactions)
   at Apache.Ignite.Core.Impl.Client.IgniteClient..ctor(IgniteClientConfiguration clientConfiguration)
   at Apache.Ignite.Core.Ignition.StartClient(IgniteClientConfiguration clientConfiguration)
   at Ignite.Client.Program.Main(String[] args) in C:\Users\RSH\dotnet\Ignite\Client\Program.cs:line 61

Server-config.xml:

<bean id="grid.cfg" class="org.apache.ignite.configuration.IgniteConfiguration">
    <property name="clientConnectorConfiguration">
        <bean class="org.apache.ignite.configuration.ClientConnectorConfiguration">
            <property name="port" value="10800"/>
            <property name="sslEnabled" value="true"/>
        </bean>
    </property>
    <property name="sslContextFactory">
        <bean class="org.apache.ignite.ssl.SslContextFactory">
            <property name="keyStoreFilePath" value="C:/apache-ignite-2.9.1-bin/security/server.keystore.jks"/>
            <property name="keyStorePassword" value="RSH"/>
            <property name="trustStoreFilePath" value="C:/apache-ignite-2.9.1-bin/security/server.truststore.jks"/>
            <property name="trustStorePassword" value="RSH"/>
            <property name="protocol" value="TLSv1.2"/>
        </bean>
    </property>
</bean>

Server side exception:

[14:42:19,955][WARNING][grid-nio-worker-client-listener-4-#45][ClientListenerProcessor] Client disconnected abruptly due to network connection loss or because the connection was left open on application shutdown. [cls=class o.a.i.i.util.nio.GridNioException, msg=Failed to decode SSL data: GridSelectorNioSessionImpl [worker=DirectNioClientWorker [super=AbstractNioClientWorker [idx=4, bytesRcvd=304, bytesSent=0, bytesRcvd0=304, bytesSent0=0, select=true, super=GridWorker [name=grid-nio-worker-client-listener-4, igniteInstanceName=null, finished=false, heartbeatTs=1622106739953, hashCode=264174266, interrupted=false, runner=grid-nio-worker-client-listener-4-#45]]], writeBuf=java.nio.DirectByteBuffer[pos=0 lim=65536 cap=65536], readBuf=java.nio.DirectByteBuffer[pos=31 lim=31 cap=65536], inRecovery=null, outRecovery=null, closeSocket=true, outboundMessagesQueueSizeMetric=null, super=GridNioSessionImpl [locAddr=/127.0.0.1:10800, rmtAddr=/127.0.0.1:51412, createTime=1622106739772, closeTime=0, bytesSent=2415, bytesRcvd=304, bytesSent0=2415, bytesRcvd0=304, sndSchedTime=1622106739772, lastSndTime=1622106739900, lastRcvTime=1622106739953, readsPaused=false, filterChain=FilterChain[filters=[GridNioAsyncNotifyFilter, GridNioCodecFilter [parser=ClientListenerNioMessageParser, directMode=true], SSL filter], accepted=true, markedForClose=false]]]
[14:42:29,909][WARNING][grid-timeout-worker-#30][ClientListenerNioListener] Unable to perform handshake within timeout [timeout=10000, remoteAddr=/127.0.0.1:51412]
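
A diagnostic for the exception above, added here as an example and not part of the original post or of Apache Ignite: it opens a plain SslStream to the same endpoint with the same client PFX and prints which validation check the server certificate fails, without disabling validation. It assumes the thin client passes the endpoint host ("127.0.0.1") as the TLS target host; the class and method names are illustrative.

```csharp
// Added diagnostic, not from the original post. Endpoint, PFX path and password are
// the values shown in the question; everything else is standard .NET API.
using System;
using System.Net.Security;
using System.Net.Sockets;
using System.Security.Authentication;
using System.Security.Cryptography.X509Certificates;

static class TlsDiag
{
    static void Main()
    {
        const string host = "127.0.0.1";   // assumed to be the target host the client validates against
        const int port = 10800;
        var clientCerts = new X509CertificateCollection
        {
            new X509Certificate2("C:/OpenSSL/rsh_client.pfx", "RSH")
        };

        using var tcp = new TcpClient(host, port);
        using var ssl = new SslStream(tcp.GetStream(), false, Report);
        try
        {
            ssl.AuthenticateAsClient(host, clientCerts, SslProtocols.Tls12, false);
            Console.WriteLine("Handshake OK: server certificate passed default validation.");
        }
        catch (AuthenticationException e)
        {
            Console.WriteLine("Handshake rejected: " + e.Message);
        }
    }

    // Prints why validation failed, then returns the same verdict the default
    // policy would give, so a bad certificate is still rejected.
    static bool Report(object sender, X509Certificate cert, X509Chain chain, SslPolicyErrors errors)
    {
        Console.WriteLine("Subject: " + cert?.Subject);
        Console.WriteLine("Issuer:  " + cert?.Issuer);
        Console.WriteLine("Policy errors: " + errors);
        if (chain != null)
            foreach (X509ChainStatus s in chain.ChainStatus)
                Console.WriteLine("  chain: " + s.Status + " - " + s.StatusInformation.Trim());
        return errors == SslPolicyErrors.None;
    }
}
```

`RemoteCertificateNameMismatch` means the server certificate's subject or SAN does not cover the host being connected to; `RemoteCertificateChainErrors` with an `UntrustedRoot` chain status means the issuing CA is not in the client machine's trusted root store. Either one is fixed by correcting the certificate or the trust store, which keeps server validation enabled.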