Databricks <-> Kafka - SSL handshake failed



Below is the error we receive when trying to read the stream:
Caused by: kafkashaded.org.apache.kafka.common.KafkaException: Failed to load SSL keystore /dbfs/FileStore/Certs/client.keystore.jks
Caused by: java.nio.file.NoSuchFileException: /dbfs/FileStore/Certs/client.keyst

When trying to read the stream from Kafka, Databricks cannot find the keystore file.

# keystore_pass and truststore_pass are defined elsewhere in the notebook.
# The chained call is wrapped in parentheses so it can span several lines.
df = (spark.readStream
 .format("kafka")
 .option("kafka.bootstrap.servers", "kafka server with port")
 .option("kafka.security.protocol", "SSL")
 .option("kafka.ssl.truststore.location", '/dbfs/FileStore/Certs/client.truststore.jks')
 .option("kafka.ssl.keystore.location", '/dbfs/FileStore/Certs/client.keystore.jks')
 .option("kafka.ssl.keystore.password", keystore_pass)
 .option("kafka.ssl.truststore.password", truststore_pass)
 .option("kafka.ssl.keystore.type", "JKS")
 .option("kafka.ssl.truststore.type", "JKS")
 .option("subscribe", "sports")
 .option("startingOffsets", "earliest")
 .load())

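The file exists in DBFS, and we are able to read it. We also mounted the blob storage in Databricks and tried reading the file from ADLS Gen2. The driver log also has an additional error: 22/11/04 12:18:07 ERROR DefaultSslEngineFactory: Modification time of key store could not be obtained .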

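We are trying to read the Kafka stream by authenticating with an SSL keystore. The connection does not seem to work because Databricks cannot see the keystore.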

I was able to access the keystore file by adding a dbfs prefix to the original path. So, instead of using the path /dbfs/FileStore/Certs/client.truststore. I used /dbfs/dbfs/FileStore/Certs/client.truststore.jks.

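But now I receive an SSL handshake error, even though the truststore I created is based on the server certificate, and the fingerprint in the certificate matches the truststore fingerprint.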

kafkashaded.org.apache.kafka.common.errors.SslAuthenticationException: SSL handshake failed Caused by: sun.security.validator.ValidatorException: PKIX path validation failed: java.security.cert.CertPathValidatorException: signature check failed Caused by: java.security.cert.CertPathValidatorException: signature check failed Caused by: java.security.SignatureException: Signature does not match.
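
Added example, not part of the original post: a pre-flight check in Python that looks for the keystore at the local paths the Kafka client's JVM would open and confirms the file starts with a JKS header, which covers the NoSuchFileException above but not the later handshake failure. Assumptions: `/dbfs/<path>` is the local mount form of `dbfs:/<path>`, and the helper names (`candidate_paths`, `inspect_store`, `first_usable`) are hypothetical.

```python
import os
import struct

JKS_MAGIC = 0xFEEDFEED  # first four bytes of every JKS store


def candidate_paths(path):
    """Local-file forms to try for a DBFS path such as /dbfs/FileStore/x.jks."""
    tail = path
    for prefix in ("dbfs:/", "/dbfs/"):
        if tail.startswith(prefix):
            tail = tail[len(prefix):]
            break
    tail = tail.lstrip("/")
    # /dbfs/<tail> is the usual local form (assumption stated in the lead-in);
    # /dbfs/dbfs/<tail> is the doubled prefix the post ended up using.
    return ["/dbfs/" + tail, "/dbfs/dbfs/" + tail]


def inspect_store(path):
    """Return (status, entry_count) for a file opened by plain local path."""
    if not os.path.isfile(path):
        return ("missing", 0)        # the NoSuchFileException case
    with open(path, "rb") as fh:
        header = fh.read(12)
    if len(header) < 12:
        return ("truncated", 0)
    # JKS header: magic, format version (1 or 2), number of entries (big-endian)
    magic, version, count = struct.unpack(">IIi", header)
    if magic != JKS_MAGIC or version not in (1, 2):
        return ("not-jks", 0)        # e.g. another store format declared as JKS
    return ("ok", count)


def first_usable(path, root=""):
    """First candidate that exists and parses as JKS; root lets a test use a temp dir."""
    for cand in candidate_paths(path):
        status, count = inspect_store(root + cand)
        if status == "ok":
            return cand, count
    return None, 0


if __name__ == "__main__":
    # Path taken from the post; run on the cluster to see which form is visible.
    for cand in candidate_paths("/dbfs/FileStore/Certs/client.keystore.jks"):
        print(cand, inspect_store(cand))
```

Run it on the driver before starting the stream; a "missing" result for both forms means the file is not visible through the local file API at all.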
