Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Updates dummyTrustManager to use more supported security protocol #436

Merged
merged 5 commits into from
May 30, 2023
Merged

Updates dummyTrustManager to use more supported security protocol #436

merged 5 commits into from
May 30, 2023

Conversation

scottopell
Copy link
Contributor

@scottopell scottopell commented Apr 28, 2023
edited
Loading

Some customers run JMXFetch on a host install where their own JVM is used. These JVMs may restrict the available security algorithms to exclude SSL which would lead to an error similar to this:

java.security.NoSuchAlgorithmException: SSL SSLContext not available
   at java.base/sun.security.jca.GetInstance.getInstance(GetInstance.java:159)
   at java.base/javax.net.ssl.SSLContext.getInstance(SSLContext.java:168)
   at org.datadog.jmxfetch.HttpClient.<init>(HttpClient.java:91)
   at org.datadog.jmxfetch.App.<init>(App.java:115)
   at org.datadog.jmxfetch.JmxFetch.main(JmxFetch.java:56)
   at org.datadog.jmxfetch.App.main(App.java:91)

This PR changes our dummyTrustManager to use TLS instead of SSL (allowing the JVM to pick the specific version of TLS supported), which should have wider support across JVMs.

Also adds an error log specifying the impact of a missing dummyTrustManager to help with future triage.

@scottopell scottopell force-pushed the sopell/trust-mgr-fail-logs branch from 76f540f to 9a48737 Compare April 28, 2023 18:35
@scottopell scottopell force-pushed the sopell/trust-mgr-fail-logs branch from 1e4481e to 913df87 Compare May 5, 2023 16:05
@scottopell scottopell changed the title Adds extra logging when dummyTrustManager fails to configure Updates dummyTrustManager to use more support security protocol May 5, 2023
@scottopell scottopell force-pushed the sopell/trust-mgr-fail-logs branch from 913df87 to fa02c90 Compare May 5, 2023 16:10
@scottopell scottopell changed the title Updates dummyTrustManager to use more support security protocol Updates dummyTrustManager to use more supported security protocol May 5, 2023
@scottopell scottopell marked this pull request as ready for review May 8, 2023 20:10
@scottopell scottopell requested a review from vickenty May 30, 2023 14:24
@scottopell scottopell merged commit f6abd93 into master May 30, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@vickenty vickenty vickenty approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@scottopell @vickenty