我正在尝试通过java datastax驱动程序通过openssl连接到cassandra集群,此文档https://docs.datastax.com/en/developer/java-driver/3.1/manual/ssl/使用我的客户端证书和密钥,以及作为cassandra集群的信任库需要双向相互证书认证
这是我的代码
public static void main( String[] args ) throws Exception
{
KeyStore ks = KeyStore.getInstance("JKS");
// make sure you close this stream properly (not shown here for brevity)
InputStream trustStore = new FileInputStream("MyTrustStore");
ks.load(trustStore, "abcdef".toCharArray());
TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
tmf.init(ks);
SslContextBuilder builder = SslContextBuilder
.forClient()
.sslProvider(SslProvider.OPENSSL)
.trustManager(tmf)
// only if you use client authentication
.keyManager(new File("client_cert"), new File("private_key"));
SSLOptions sslOptions = new NettySSLOptions(builder.build());
Cluster cluster = Cluster.builder()
.addContactPoint("w.x.y.z")
.withSSL(sslOptions)
.build();
}
在pom中具有以下依赖项
<dependencies>
<dependency>
<groupId>com.datastax.cassandra</groupId>
<artifactId>cassandra-driver-core</artifactId>
<version>3.6.0</version>
</dependency>
<dependency>
<groupId>io.netty</groupId>
<artifactId>netty-tcnative</artifactId>
<version>2.0.25.Final</version>
</dependency>
<dependency>
<groupId>io.netty</groupId>
<artifactId>netty-tcnative-boringssl-static</artifactId>
<version>2.0.0.Final</version>
<classifier>osx-x86_64</classifier>
</dependency>
</dependencies>
但是我得到一个错误
Exception in thread "main" java.lang.UnsatisfiedLinkError: failed to load the required native library
at io.netty.handler.ssl.OpenSsl.ensureAvailability(OpenSsl.java:327)
at io.netty.handler.ssl.ReferenceCountedOpenSslContext.<init>(ReferenceCountedOpenSslContext.java:193)
at io.netty.handler.ssl.ReferenceCountedOpenSslContext.<init>(ReferenceCountedOpenSslContext.java:182)
at io.netty.handler.ssl.OpenSslContext.<init>(OpenSslContext.java:34)
at io.netty.handler.ssl.OpenSslClientContext.<init>(OpenSslClientContext.java:188)
at io.netty.handler.ssl.SslContext.newClientContextInternal(SslContext.java:775)
at io.netty.handler.ssl.SslContextBuilder.build(SslContextBuilder.java:446)
at com.example.App.main(App.java:41)
Caused by: java.lang.IllegalArgumentException: Failed to load any of the given libraries: [netty_tcnative_osx_x86_64, netty_tcnative_x86_64, netty_tcnative]
at io.netty.util.internal.NativeLibraryLoader.loadFirstAvailable(NativeLibraryLoader.java:93)
at io.netty.handler.ssl.OpenSsl.loadTcNative(OpenSsl.java:421)
at io.netty.handler.ssl.OpenSsl.<clinit>(OpenSsl.java:89)
... 7 more
我尝试从pom中删除无聊的静态dep或tcnative dep,但它似乎仍然不起作用。任何帮助将不胜感激。
提前谢谢
答案 0 :(得分:2)
我怀疑此处可能发生的情况是由于此处使用的netty,netty-tcnative和netty-tcnative-boringssl-static版本之间的某些不兼容引起的。
在先前的实验中,我发现netty和netty-tcnative的版本特别重要,因为两者之间可能存在不兼容性。
datastax Java驱动程序3.6.0依赖于netty 4.0.56.Final,并将netty-tcnative 2.0.7.Final列为可选依赖项。您也可以find in the documentation对于Java驱动程序3.6.0,建议使用2.0.7.Final:
netty-tcnative的较新版本与驱动程序使用的netty版本之间存在已知的运行时不兼容性。为了获得最佳效果,请使用2.0.7.Final版本。
我还怀疑未使用相同版本的netty-tcnative和netty-tcnative-boringssl-static可能会导致不兼容。我建议尝试相同的版本。
由于我已经对此进行了测试,因此我将首先尝试以下配置:
<dependencies>
<dependency>
<groupId>com.datastax.cassandra</groupId>
<artifactId>cassandra-driver-core</artifactId>
<version>3.6.0</version>
</dependency>
<dependency>
<groupId>io.netty</groupId>
<artifactId>netty-tcnative</artifactId>
<version>2.0.7.Final</version>
</dependency>
<dependency>
<groupId>io.netty</groupId>
<artifactId>netty-tcnative-boringssl-static</artifactId>
<version>2.0.7.Final</version>
<classifier>osx-x86_64</classifier>
</dependency>
</dependencies>