Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

SSL Incorrect Error Message : Memcached not enabled #10971

Closed
dbrimley opened this issue Jul 24, 2017 · 3 comments
Closed

SSL Incorrect Error Message : Memcached not enabled #10971

dbrimley opened this issue Jul 24, 2017 · 3 comments
Assignees
Milestone

Comments

@dbrimley
Copy link
Member

@dbrimley dbrimley commented Jul 24, 2017

If you try to connect to a Hazelcast Cluster that has SSL/Security disabled with a Hazelcast Client that has SSL enabled we seem to get a very strange error message...where it complains that "Memcached not enabled".

This is using 3.8.1 both sides. Not tried 3.8.3/3.9-EA

Can we please change this to tell the user they're trying to connect with an SSL enabled client to a non SSL cluster

2017-07-24T14:10:30,644 INFO  [TcpIpConnection] [x.x.x.x]:47501 [dev] [3.8.1] Connection[id=32, /x.x.x.x:47501->/x.x.x.x:54938, endpoint=null, alive=false, type=NONE] closed. Reason: Memcached not enabled

ip addresses redacted.

ClientNetworkConfig networkConfig = clientConfig.getNetworkConfig();
networkConfig.setSSLConfig((new SSLConfig()).setEnabled(true));
clientConfig.setNetworkConfig(networkConfig);
return HazelcastClient.newHazelcastClient(clientConfig);
@jerrinot jerrinot added this to the 3.10 milestone Jul 24, 2017
@jerrinot
Copy link
Contributor

@jerrinot jerrinot commented Jul 24, 2017

I think the only sensible way is to change the error message.
otherwise we would have to detect SSL/TLS Hello Message on our own. See https://idea.popcount.org/2012-06-16-dissecting-ssl-handshake/

@dbrimley
Copy link
Member Author

@dbrimley dbrimley commented Jul 26, 2017

Yes, that's all I'm asking can we change the error message.

Maybe we could put a hint in there, rather than doing the detection.

e.g. "You might have an issue connecting to non TLS cluster with a TLS client."

@pveentjer
Copy link
Member

@pveentjer pveentjer commented Jul 27, 2017

If it is just an error message improvement, we can easily slip it in 3.9.

@jerrinot jerrinot modified the milestones: 3.9, 3.10 Jul 27, 2017
@pveentjer pveentjer self-assigned this Aug 10, 2017
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Linked pull requests

Successfully merging a pull request may close this issue.

4 participants
You can’t perform that action at this time.