我正在尝试从Kafka连接到S3 AWS和Kinesis AWS。我收到证书错误。 我检查了cacerts文件,它具有亚马逊根证书。我试图通过使用--cacert选项将证书作为参数进行卷曲。
我用尽了所有想法,想了解缺少的证书以及在何处添加证书。请帮忙。
sh-4.2# curl https://kinesis.us-east-1.amazonaws.com/
curl: (60) Peer's Certificate issuer is not recognized.
More details here: http://curl.haxx.se/docs/sslcerts.html
curl performs SSL certificate verification by default, using a "bundle"
of Certificate Authority (CA) public keys (CA certs). If the default
bundle file isn't adequate, you can specify an alternate file
using the --cacert option.
If this HTTPS server uses a certificate signed by a CA represented in
the bundle, the certificate verification probably failed due to a
problem with the certificate (it might be expired, or the name might
not match the domain name in the URL).
If you'd like to turn off curl's verification of the certificate, use
the -k (or --insecure) option.
已更新:添加更多信息。
请查看来自Kafka Connector的日志。这是来自Kinesis。但是对于S3连接器也同样如此。
[2020-05-13 17:15:56,283] INFO KinesisSourceConnectorConfig values:
aws.access.key.id = AKIA5L6UW6EGFBKVQJ5Y
aws.secret.key.id = [hidden]
confluent.license =
confluent.topic = _confluent-command
confluent.topic.bootstrap.servers = [server1:9092]
confluent.topic.replication.factor = 3
kafka.topic = kinesis-test-topic
kinesis.base.url =
kinesis.credentials.provider.class = class com.amazonaws.auth.DefaultAWSCredentialsProviderChain
kinesis.empty.records.backoff.ms = 5000
kinesis.position = TRIM_HORIZON
kinesis.record.limit = 500
kinesis.region = US_EAST_1
kinesis.shard.id = .*
kinesis.stream = arn:aws:kinesis:us-east-1:919032230156:stream/Kinesis-poc
kinesis.throughput.exceeded.backoff.ms = 10000
(io.confluent.connect.kinesis.KinesisSourceConnectorConfig:347)
[2020-05-13 17:15:56,283] INFO KinesisSourceConnectorConfig values:
aws.access.key.id = XXX
aws.secret.key.id = [hidden]
confluent.license =
confluent.topic = _confluent-command
confluent.topic.bootstrap.servers = [server1:9092]
confluent.topic.replication.factor = 3
kafka.topic = kinesis-test-topic
kinesis.base.url =
kinesis.credentials.provider.class = class com.amazonaws.auth.DefaultAWSCredentialsProviderChain
kinesis.empty.records.backoff.ms = 5000
kinesis.position = TRIM_HORIZON
kinesis.record.limit = 500
kinesis.region = US_EAST_1
kinesis.shard.id = .*
kinesis.stream = Kinesis-poc
kinesis.throughput.exceeded.backoff.ms = 10000
(io.confluent.connect.kinesis.KinesisSourceConnectorConfig:347)
[2020-05-13 17:15:57,020] DEBUG Sending Request: POST https://kinesis.us-east-1.amazonaws.com / Headers: (User-Agent: aws-sdk-java/1.11.438 Linux/3.10.0-1127.el7.x86_64 OpenJDK_64-Bit_Server_VM/25.242-b08 java/1.8.0_242 scala/2.12.10 kotlin/1.3.61, amz-sdk-invocation-id: 912154b3-6501-e9c4-a09a-029c3613d620, Content-Length: 72, X-Amz-Target: Kinesis_20131202.DescribeStream, Content-Type: application/x-amz-cbor-1.1, ) (com.amazonaws.request:1232)
[2020-05-13 17:15:57,020] DEBUG Sending Request: POST https://kinesis.us-east-1.amazonaws.com / Headers: (User-Agent: aws-sdk-java/1.11.438 Linux/3.10.0-1127.el7.x86_64 OpenJDK_64-Bit_Server_VM/25.242-b08 java/1.8.0_242 scala/2.12.10 kotlin/1.3.61, amz-sdk-invocation-id: af2b9f36-1b52-36da-57ec-1b3f6bac4f59, Content-Length: 25, X-Amz-Target: Kinesis_20131202.DescribeStream, Content-Type: application/x-amz-cbor-1.1, ) (com.amazonaws.request:1232)
[2020-05-13 17:15:57,051] DEBUG AWS4 Canonical Request: '"POST
/
amz-sdk-invocation-id:af2b9f36-1b52-36da-57ec-1b3f6bac4f59
amz-sdk-retry:0/0/500
content-length:25
content-type:application/x-amz-cbor-1.1
host:kinesis.us-east-1.amazonaws.com
user-agent:aws-sdk-java/1.11.438 Linux/3.10.0-1127.el7.x86_64 OpenJDK_64-Bit_Server_VM/25.242-b08 java/1.8.0_242 scala/2.12.10 kotlin/1.3.61
x-amz-date:20200513T171557Z
x-amz-target:Kinesis_20131202.DescribeStream
amz-sdk-invocation-id;amz-sdk-retry;content-length;content-type;host;user-agent;x-amz-date;x-amz-target
8e2ef637cd73d77d47e40b5a70371e0f51fed843c0174ffe30d80c9ca72a1740" (com.amazonaws.auth.AWS4Signer:33)
[2020-05-13 17:15:57,051] DEBUG AWS4 Canonical Request: '"POST
/
amz-sdk-invocation-id:912154b3-6501-e9c4-a09a-029c3613d620
amz-sdk-retry:0/0/500
content-length:72
content-type:application/x-amz-cbor-1.1
host:kinesis.us-east-1.amazonaws.com
user-agent:aws-sdk-java/1.11.438 Linux/3.10.0-1127.el7.x86_64 OpenJDK_64-Bit_Server_VM/25.242-b08 java/1.8.0_242 scala/2.12.10 kotlin/1.3.61
x-amz-date:20200513T171557Z
x-amz-target:Kinesis_20131202.DescribeStream
amz-sdk-invocation-id;amz-sdk-retry;content-length;content-type;host;user-agent;x-amz-date;x-amz-target
e747aeb68db4084ff18b20cb87215ac9bd6188a303f21ca3d6309fdb24fc9022" (com.amazonaws.auth.AWS4Signer:33)
[2020-05-13 17:15:57,051] DEBUG AWS4 String to Sign: '"AWS4-HMAC-SHA256
20200513T171557Z
20200513/us-east-1/kinesis/aws4_request
5c028d2f4f826acff80030fbeb810393512240e0af54667baa9fb8561eb91c5f" (com.amazonaws.auth.AWS4Signer:33)
[2020-05-13 17:15:57,051] DEBUG AWS4 String to Sign: '"AWS4-HMAC-SHA256
20200513T171557Z
20200513/us-east-1/kinesis/aws4_request
b412ec5b8b6d0f3c29b737f43871bdf517a62d463ea83f64abb7e6f73042dba0" (com.amazonaws.auth.AWS4Signer:33)
[2020-05-13 17:15:57,059] DEBUG Generating a new signing key as the signing key not available in the cache for the date 1589328000000 (com.amazonaws.auth.AWS4Signer:33)
[2020-05-13 17:15:57,059] DEBUG Generating a new signing key as the signing key not available in the cache for the date 1589328000000 (com.amazonaws.auth.AWS4Signer:33)
[2020-05-13 17:15:57,076] DEBUG CookieSpec selected: default (org.apache.http.client.protocol.RequestAddCookies:123)
[2020-05-13 17:15:57,076] DEBUG CookieSpec selected: default (org.apache.http.client.protocol.RequestAddCookies:123)
[2020-05-13 17:15:57,085] DEBUG Auth cache not set in the context (org.apache.http.client.protocol.RequestAuthCache:77)
[2020-05-13 17:15:57,085] DEBUG Auth cache not set in the context (org.apache.http.client.protocol.RequestAuthCache:77)
[2020-05-13 17:15:57,111] DEBUG Connection request: [route: {s}->https://kinesis.us-east-1.amazonaws.com:443][total kept alive: 0; route allocated: 0 of 50; total allocated: 0 of 50] (org.apache.http.impl.conn.PoolingHttpClientConnectionManager:265)
[2020-05-13 17:15:57,111] DEBUG Connection request: [route: {s}->https://kinesis.us-east-1.amazonaws.com:443][total kept alive: 0; route allocated: 0 of 50; total allocated: 0 of 50] (org.apache.http.impl.conn.PoolingHttpClientConnectionManager:265)
[2020-05-13 17:15:57,125] DEBUG Connection leased: [id: 1][route: {s}->https://kinesis.us-east-1.amazonaws.com:443][total kept alive: 0; route allocated: 1 of 50; total allocated: 1 of 50] (org.apache.http.impl.conn.PoolingHttpClientConnectionManager:309)
[2020-05-13 17:15:57,125] DEBUG Connection leased: [id: 0][route: {s}->https://kinesis.us-east-1.amazonaws.com:443][total kept alive: 0; route allocated: 1 of 50; total allocated: 1 of 50] (org.apache.http.impl.conn.PoolingHttpClientConnectionManager:309)
[2020-05-13 17:15:57,127] DEBUG Opening connection {s}->https://kinesis.us-east-1.amazonaws.com:443 (org.apache.http.impl.execchain.MainClientExec:235)
[2020-05-13 17:15:57,127] DEBUG Opening connection {s}->https://kinesis.us-east-1.amazonaws.com:443 (org.apache.http.impl.execchain.MainClientExec:235)
[2020-05-13 17:15:57,136] DEBUG Connecting to kinesis.us-east-1.amazonaws.com/3.91.171.152:443 (org.apache.http.impl.conn.DefaultHttpClientConnectionOperator:139)
[2020-05-13 17:15:57,136] DEBUG Connecting to kinesis.us-east-1.amazonaws.com/3.91.171.152:443 (org.apache.http.impl.conn.DefaultHttpClientConnectionOperator:139)
[2020-05-13 17:15:57,137] DEBUG connecting to kinesis.us-east-1.amazonaws.com/3.91.171.152:443 (com.amazonaws.http.conn.ssl.SdkTLSSocketFactory:137)
[2020-05-13 17:15:57,137] DEBUG connecting to kinesis.us-east-1.amazonaws.com/3.91.171.152:443 (com.amazonaws.http.conn.ssl.SdkTLSSocketFactory:137)
[2020-05-13 17:15:57,137] DEBUG Connecting socket to kinesis.us-east-1.amazonaws.com/3.91.171.152:443 with timeout 10000 (com.amazonaws.http.conn.ssl.SdkTLSSocketFactory:337)
[2020-05-13 17:15:57,137] DEBUG Connecting socket to kinesis.us-east-1.amazonaws.com/3.91.171.152:443 with timeout 10000 (com.amazonaws.http.conn.ssl.SdkTLSSocketFactory:337)
[2020-05-13 17:15:57,198] DEBUG Enabled protocols: [TLSv1, TLSv1.1, TLSv1.2] (com.amazonaws.http.conn.ssl.SdkTLSSocketFactory:390)
[2020-05-13 17:15:57,198] DEBUG Enabled protocols: [TLSv1, TLSv1.1, TLSv1.2] (com.amazonaws.http.conn.ssl.SdkTLSSocketFactory:390)
[2020-05-13 17:15:57,198] DEBUG Enabled cipher suites:[TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, TLS_RSA_WITH_AES_256_CBC_SHA256, TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384, TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, TLS_DHE_DSS_WITH_AES_256_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_DSS_WITH_AES_256_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_DSS_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, TLS_RSA_WITH_AES_256_GCM_SHA384, TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384, TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, TLS_DHE_DSS_WITH_AES_256_GCM_SHA384, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_DSS_WITH_AES_128_GCM_SHA256, TLS_EMPTY_RENEGOTIATION_INFO_SCSV] (com.amazonaws.http.conn.ssl.SdkTLSSocketFactory:391)
[2020-05-13 17:15:57,199] DEBUG Enabled cipher suites:[TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, TLS_RSA_WITH_AES_256_CBC_SHA256, TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384, TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, TLS_DHE_DSS_WITH_AES_256_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_DSS_WITH_AES_256_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_DSS_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, TLS_RSA_WITH_AES_256_GCM_SHA384, TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384, TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, TLS_DHE_DSS_WITH_AES_256_GCM_SHA384, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_DSS_WITH_AES_128_GCM_SHA256, TLS_EMPTY_RENEGOTIATION_INFO_SCSV] (com.amazonaws.http.conn.ssl.SdkTLSSocketFactory:391)
[2020-05-13 17:15:57,199] DEBUG socket.getSupportedProtocols(): [SSLv2Hello, SSLv3, TLSv1, TLSv1.1, TLSv1.2], socket.getEnabledProtocols(): [TLSv1, TLSv1.1, TLSv1.2] (com.amazonaws.http.conn.ssl.SdkTLSSocketFactory:84)
[2020-05-13 17:15:57,200] DEBUG socket.getSupportedProtocols(): [SSLv2Hello, SSLv3, TLSv1, TLSv1.1, TLSv1.2], socket.getEnabledProtocols(): [TLSv1, TLSv1.1, TLSv1.2] (com.amazonaws.http.conn.ssl.SdkTLSSocketFactory:84)
[2020-05-13 17:15:57,200] DEBUG TLS protocol enabled for SSL handshake: [TLSv1.2, TLSv1.1, TLSv1] (com.amazonaws.http.conn.ssl.SdkTLSSocketFactory:112)
[2020-05-13 17:15:57,200] DEBUG Starting handshake (com.amazonaws.http.conn.ssl.SdkTLSSocketFactory:395)
[2020-05-13 17:15:57,200] DEBUG TLS protocol enabled for SSL handshake: [TLSv1.2, TLSv1.1, TLSv1] (com.amazonaws.http.conn.ssl.SdkTLSSocketFactory:112)
[2020-05-13 17:15:57,201] DEBUG Starting handshake (com.amazonaws.http.conn.ssl.SdkTLSSocketFactory:395)
[2020-05-13 17:15:57,426] DEBUG (com.amazonaws.http.conn.ClientConnectionManagerFactory:82)
java.lang.reflect.InvocationTargetException
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at com.amazonaws.http.conn.ClientConnectionManagerFactory$Handler.invoke(ClientConnectionManagerFactory.java:76)
at com.amazonaws.http.conn.$Proxy40.connect(Unknown Source)
at org.apache.http.impl.execchain.MainClientExec.establishRoute(MainClientExec.java:381)
at org.apache.http.impl.execchain.MainClientExec.execute(MainClientExec.java:237)
at org.apache.http.impl.execchain.ProtocolExec.execute(ProtocolExec.java:185)
at org.apache.http.impl.client.InternalHttpClient.doExecute(InternalHttpClient.java:185)
at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:83)
at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:56)
at com.amazonaws.http.apache.client.impl.SdkHttpClient.execute(SdkHttpClient.java:72)
at com.amazonaws.http.AmazonHttpClient$RequestExecutor.executeOneRequest(AmazonHttpClient.java:1285)
at com.amazonaws.http.AmazonHttpClient$RequestExecutor.executeHelper(AmazonHttpClient.java:1101)
at com.amazonaws.http.AmazonHttpClient$RequestExecutor.doExecute(AmazonHttpClient.java:758)
at com.amazonaws.http.AmazonHttpClient$RequestExecutor.executeWithTimer(AmazonHttpClient.java:732)
at com.amazonaws.http.AmazonHttpClient$RequestExecutor.execute(AmazonHttpClient.java:714)
at com.amazonaws.http.AmazonHttpClient$RequestExecutor.access$500(AmazonHttpClient.java:674)
at com.amazonaws.http.AmazonHttpClient$RequestExecutionBuilderImpl.execute(AmazonHttpClient.java:656)
at com.amazonaws.http.AmazonHttpClient.execute(AmazonHttpClient.java:520)
at com.amazonaws.services.kinesis.AmazonKinesisClient.doInvoke(AmazonKinesisClient.java:2803)
at com.amazonaws.services.kinesis.AmazonKinesisClient.invoke(AmazonKinesisClient.java:2772)
at com.amazonaws.services.kinesis.AmazonKinesisClient.invoke(AmazonKinesisClient.java:2761)
at com.amazonaws.services.kinesis.AmazonKinesisClient.executeDescribeStream(AmazonKinesisClient.java:871)
at com.amazonaws.services.kinesis.AmazonKinesisClient.describeStream(AmazonKinesisClient.java:842)
at io.confluent.connect.kinesis.KinesisSourceConnector.start(KinesisSourceConnector.java:58)
at org.apache.kafka.connect.runtime.WorkerConnector.doStart(WorkerConnector.java:110)
at org.apache.kafka.connect.runtime.WorkerConnector.start(WorkerConnector.java:135)
at org.apache.kafka.connect.runtime.WorkerConnector.transitionTo(WorkerConnector.java:195)
at org.apache.kafka.connect.runtime.Worker.startConnector(Worker.java:257)
at org.apache.kafka.connect.runtime.distributed.DistributedHerder.startConnector(DistributedHerder.java:1190)
at org.apache.kafka.connect.runtime.distributed.DistributedHerder.access$1300(DistributedHerder.java:126)
at org.apache.kafka.connect.runtime.distributed.DistributedHerder$14.call(DistributedHerder.java:1206)
at org.apache.kafka.connect.runtime.distributed.DistributedHerder$14.call(DistributedHerder.java:1202)
at java.util.concurrent.FutureTask.run(FutureTask.java:266)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
at java.lang.Thread.run(Thread.java:748)
Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1946)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:316)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:310)
at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1639)
at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:223)
at sun.security.ssl.Handshaker.processLoop(Handshaker.java:1037)
at sun.security.ssl.Handshaker.process_record(Handshaker.java:965)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1064)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1367)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1395)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1379)
at org.apache.http.conn.ssl.SSLConnectionSocketFactory.createLayeredSocket(SSLConnectionSocketFactory.java:396)
at org.apache.http.conn.ssl.SSLConnectionSocketFactory.connectSocket(SSLConnectionSocketFactory.java:355)
at com.amazonaws.http.conn.ssl.SdkTLSSocketFactory.connectSocket(SdkTLSSocketFactory.java:142)
at org.apache.http.impl.conn.DefaultHttpClientConnectionOperator.connect(DefaultHttpClientConnectionOperator.java:142)
at org.apache.http.impl.conn.PoolingHttpClientConnectionManager.connect(PoolingHttpClientConnectionManager.java:373)
... 39 more
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:450)
at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:317)
at sun.security.validator.Validator.validate(Validator.java:262)
at sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:330)
at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:237)
at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:132)
at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1621)
... 51 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.provider.certpath.SunCertPathBuilder.build(SunCertPathBuilder.java:141)
at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:126)
at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:280)
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:445)
... 57 more
[2020-05-13 17:15:57,426] DEBUG (com.amazonaws.http.conn.ClientConnectionManagerFactory:82)
java.lang.reflect.InvocationTargetException
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at com.amazonaws.http.conn.ClientConnectionManagerFactory$Handler.invoke(ClientConnectionManagerFactory.java:76)
at com.amazonaws.http.conn.$Proxy40.connect(Unknown Source)
at org.apache.http.impl.execchain.MainClientExec.establishRoute(MainClientExec.java:381)
at org.apache.http.impl.execchain.MainClientExec.execute(MainClientExec.java:237)
at org.apache.http.impl.execchain.ProtocolExec.execute(ProtocolExec.java:185)
at org.apache.http.impl.client.InternalHttpClient.doExecute(InternalHttpClient.java:185)
at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:83)
at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:56)
at com.amazonaws.http.apache.client.impl.SdkHttpClient.execute(SdkHttpClient.java:72)
at com.amazonaws.http.AmazonHttpClient$RequestExecutor.executeOneRequest(AmazonHttpClient.java:1285)
at com.amazonaws.http.AmazonHttpClient$RequestExecutor.executeHelper(AmazonHttpClient.java:1101)
at com.amazonaws.http.AmazonHttpClient$RequestExecutor.doExecute(AmazonHttpClient.java:758)
at com.amazonaws.http.AmazonHttpClient$RequestExecutor.executeWithTimer(AmazonHttpClient.java:732)
at com.amazonaws.http.AmazonHttpClient$RequestExecutor.execute(AmazonHttpClient.java:714)
at com.amazonaws.http.AmazonHttpClient$RequestExecutor.access$500(AmazonHttpClient.java:674)
at com.amazonaws.http.AmazonHttpClient$RequestExecutionBuilderImpl.execute(AmazonHttpClient.java:656)
at com.amazonaws.http.AmazonHttpClient.execute(AmazonHttpClient.java:520)
at com.amazonaws.services.kinesis.AmazonKinesisClient.doInvoke(AmazonKinesisClient.java:2803)
at com.amazonaws.services.kinesis.AmazonKinesisClient.invoke(AmazonKinesisClient.java:2772)
at com.amazonaws.services.kinesis.AmazonKinesisClient.invoke(AmazonKinesisClient.java:2761)
at com.amazonaws.services.kinesis.AmazonKinesisClient.executeDescribeStream(AmazonKinesisClient.java:871)
at com.amazonaws.services.kinesis.AmazonKinesisClient.describeStream(AmazonKinesisClient.java:842)
at io.confluent.connect.kinesis.KinesisSourceConnector.start(KinesisSourceConnector.java:58)
at org.apache.kafka.connect.runtime.WorkerConnector.doStart(WorkerConnector.java:110)
at org.apache.kafka.connect.runtime.WorkerConnector.start(WorkerConnector.java:135)
at org.apache.kafka.connect.runtime.WorkerConnector.transitionTo(WorkerConnector.java:195)
at org.apache.kafka.connect.runtime.Worker.startConnector(Worker.java:257)
at org.apache.kafka.connect.runtime.distributed.DistributedHerder.startConnector(DistributedHerder.java:1190)
at org.apache.kafka.connect.runtime.distributed.DistributedHerder.access$1300(DistributedHerder.java:126)
at org.apache.kafka.connect.runtime.distributed.DistributedHerder$14.call(DistributedHerder.java:1206)
at org.apache.kafka.connect.runtime.distributed.DistributedHerder$14.call(DistributedHerder.java:1202)
at java.util.concurrent.FutureTask.run(FutureTask.java:266)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
at java.lang.Thread.run(Thread.java:748)
Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1946)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:316)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:310)
at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1639)
at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:223)
at sun.security.ssl.Handshaker.processLoop(Handshaker.java:1037)
at sun.security.ssl.Handshaker.process_record(Handshaker.java:965)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1064)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1367)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1395)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1379)
at org.apache.http.conn.ssl.SSLConnectionSocketFactory.createLayeredSocket(SSLConnectionSocketFactory.java:396)
at org.apache.http.conn.ssl.SSLConnectionSocketFactory.connectSocket(SSLConnectionSocketFactory.java:355)
at com.amazonaws.http.conn.ssl.SdkTLSSocketFactory.connectSocket(SdkTLSSocketFactory.java:142)
at org.apache.http.impl.conn.DefaultHttpClientConnectionOperator.connect(DefaultHttpClientConnectionOperator.java:142)
at org.apache.http.impl.conn.PoolingHttpClientConnectionManager.connect(PoolingHttpClientConnectionManager.java:373)
... 39 more
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:450)
at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:317)
at sun.security.validator.Validator.validate(Validator.java:262)
at sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:330)
at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:237)
at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:132)
at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1621)
... 51 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.provider.certpath.SunCertPathBuilder.build(SunCertPathBuilder.java:141)
at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:126)
at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:280)
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:445)
... 57 more
[2020-05-13 17:15:57,428] DEBUG http-outgoing-0: Shutdown connection (org.apache.http.impl.conn.DefaultManagedHttpClientConnection:96)
[2020-05-13 17:15:57,429] DEBUG http-outgoing-1: Shutdown connection (org.apache.http.impl.conn.DefaultManagedHttpClientConnection:96)
[2020-05-13 17:15:57,429] DEBUG Connection discarded (org.apache.http.impl.execchain.MainClientExec:129)
[2020-05-13 17:15:57,429] DEBUG Connection discarded (org.apache.http.impl.execchain.MainClientExec:129)
[2020-05-13 17:15:57,429] DEBUG Connection released: [id: 0][route: {s}->https://kinesis.us-east-1.amazonaws.com:443][total kept alive: 0; route allocated: 0 of 50; total allocated: 0 of 50] (org.apache.http.impl.conn.PoolingHttpClientConnectionManager:348)
[2020-05-13 17:15:57,429] DEBUG Connection released: [id: 1][route: {s}->https://kinesis.us-east-1.amazonaws.com:443][total kept alive: 0; route allocated: 0 of 50; total allocated: 0 of 50] (org.apache.http.impl.conn.PoolingHttpClientConnectionManager:348)