Hi,
I have installed ROR compatible for my elasticsearch version 7.7.1.
readonlyrest.yml is configured as below.
readonlyrest:
access_control_rules:
- name: "Require HTTP Basic Auth"
type: allow
auth_key: username:password
ssl:
enable: true
keystore_file: "Keystore.jks"
keystore_pass: password
key_pass: password
Added below property in elasticearch.yml
http.type: ssl_netty4
Upon starting the elasticsearch, I’m getting java.lang.NoClassDefFoundError
java.lang.NoClassDefFoundError: io/netty/internal/tcnative/SSLPrivateKeyMethod
at io.netty.handler.ssl.SslContext.newServerContextInternal(SslContext.java:471)
at io.netty.handler.ssl.SslContextBuilder.build(SslContextBuilder.java:571)
at tech.beshu.ror.es.ssl.SSLNetty4HttpServerTransport$SSLHandler$SSLContextCreatorImpl.mkSSLContext(SSLNetty4HttpServerTransport.scala:80)
at tech.beshu.ror.utils.SSLCertParser$.$anonfun$run$3(SSLCertParser.scala:41)
at scala.runtime.java8.JFunction0$mcV$sp.apply(JFunction0$mcV$sp.java:23)
at cats.effect.internals.IORunLoop$.cats$effect$internals$IORunLoop$$loop(IORunLoop.scala:87)
at cats.effect.internals.IORunLoop$.startCancelable(IORunLoop.scala:41)
at cats.effect.internals.IOBracket$BracketStart.run(IOBracket.scala:86)
at cats.effect.internals.Trampoline.cats$effect$internals$Trampoline$$immediateLoop(Trampoline.scala:70)
at cats.effect.internals.Trampoline.startLoop(Trampoline.scala:36)
at cats.effect.internals.TrampolineEC$JVMTrampoline.super$startLoop(TrampolineEC.scala:93)
at cats.effect.internals.TrampolineEC$JVMTrampoline.$anonfun$startLoop$1(TrampolineEC.scala:93)
at scala.runtime.java8.JFunction0$mcV$sp.apply(JFunction0$mcV$sp.java:23)
at scala.concurrent.BlockContext$.withBlockContext(BlockContext.scala:85)
at cats.effect.internals.TrampolineEC$JVMTrampoline.startLoop(TrampolineEC.scala:93)
at cats.effect.internals.Trampoline.execute(Trampoline.scala:43)
at cats.effect.internals.TrampolineEC.execute(TrampolineEC.scala:44)
at cats.effect.internals.IOBracket$BracketStart.apply(IOBracket.scala:72)
at cats.effect.internals.IOBracket$BracketStart.apply(IOBracket.scala:52)
at cats.effect.internals.IORunLoop$.cats$effect$internals$IORunLoop$$loop(IORunLoop.scala:136)
at cats.effect.internals.IORunLoop$.start(IORunLoop.scala:34)
at cats.effect.internals.IOBracket$.$anonfun$apply$1(IOBracket.scala:44)
at cats.effect.internals.IOBracket$.$anonfun$apply$1$adapted(IOBracket.scala:34)
at cats.effect.internals.IORunLoop$RestartCallback.start(IORunLoop.scala:341)
at cats.effect.internals.IORunLoop$.cats$effect$internals$IORunLoop$$loop(IORunLoop.scala:119)
at cats.effect.internals.IORunLoop$.start(IORunLoop.scala:34)
at cats.effect.IO.unsafeRunAsync(IO.scala:257)
at cats.effect.internals.IOPlatform$.unsafeResync(IOPlatform.scala:38)
at cats.effect.IO.unsafeRunTimed(IO.scala:324)
at cats.effect.IO.unsafeRunSync(IO.scala:239)
at tech.beshu.ror.utils.SSLCertParser$.$anonfun$run$1(SSLCertParser.scala:41)
at scala.runtime.java8.JFunction0$mcV$sp.apply(JFunction0$mcV$sp.java:23)
at scala.util.Try$.apply(Try.scala:213)
at tech.beshu.ror.utils.SSLCertParser$.run(SSLCertParser.scala:42)
at tech.beshu.ror.es.ssl.SSLNetty4HttpServerTransport$SSLHandler.$anonfun$new$1(SSLNetty4HttpServerTransport.scala:64)
at scala.runtime.java8.JFunction0$mcV$sp.apply(JFunction0$mcV$sp.java:23)
at tech.beshu.ror.utils.AccessControllerHelper$$anon$1.run(AccessControllerHelper.scala:25)
at java.security.AccessController.doPrivileged(Native Method)
at tech.beshu.ror.utils.AccessControllerHelper$.doPrivileged(AccessControllerHelper.scala:24)
at tech.beshu.ror.es.ssl.SSLNetty4HttpServerTransport$SSLHandler.(SSLNetty4HttpServerTransport.scala:64)
at tech.beshu.ror.es.ssl.SSLNetty4HttpServerTransport.configureServerChannelHandler(SSLNetty4HttpServerTransport.scala:56)
at tech.beshu.ror.es.ssl.SSLNetty4HttpServerTransport.configureServerChannelHandler(SSLNetty4HttpServerTransport.scala:38)
at org.elasticsearch.http.netty4.Netty4HttpServerTransport.doStart(Netty4HttpServerTransport.java:195)
at org.elasticsearch.common.component.AbstractLifecycleComponent.start(AbstractLifecycleComponent.java:59)
at org.elasticsearch.node.Node.start(Node.java:799)
at org.elasticsearch.bootstrap.Bootstrap.start(Bootstrap.java:317)
at org.elasticsearch.bootstrap.Bootstrap.init(Bootstrap.java:402)
at org.elasticsearch.bootstrap.Elasticsearch.init(Elasticsearch.java:170)
at org.elasticsearch.bootstrap.Elasticsearch.execute(Elasticsearch.java:161)
at org.elasticsearch.cli.EnvironmentAwareCommand.execute(EnvironmentAwareCommand.java:86)
at org.elasticsearch.cli.Command.mainWithoutErrorHandling(Command.java:127)
at org.elasticsearch.cli.Command.main(Command.java:90)
at org.elasticsearch.bootstrap.Elasticsearch.main(Elasticsearch.java:126)
at org.elasticsearch.bootstrap.Elasticsearch.main(Elasticsearch.java:92)
Caused by: java.lang.ClassNotFoundException: io.netty.internal.tcnative.SSLPrivateKeyMethod
at java.net.URLClassLoader.findClass(URLClassLoader.java:381)
at java.lang.ClassLoader.loadClass(ClassLoader.java:424)
at java.net.FactoryURLClassLoader.loadClass(URLClassLoader.java:814)
at java.lang.ClassLoader.loadClass(ClassLoader.java:357)
… 54 more
When I check the relevant jar inside readonlyrest plugin, found netty-tcnative-boringssl-static-2.0.19.Final.jar. But it do have the class file SSLPrivateKeyMethod.
On searching the Maven repo, the latest jar which has this class is netty-tcnative-2.0.24.Final.jar
After replacing it in the installed ROR pulgin, ES is started fine.
So, should the ROR deliverable be adopted from your side? Kindly advise to run it with default installation.
Thanks,
Shan.