We Keep Coding

Akka Management serving HTTP over HTTPS

I am trying to secure the Akka Management port of a Scala microservice with TLS by starting Akka Management programatically on port 8558 via AkkaManagement:withHttpsConnectionContext().
When the Scala service is run, it reads from the configuration and starts Akka Management fine, but does not appear to be operating with TLS encryption enabled.
~$ telnet localhost 8558
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
GET /cluster/members HTTP/1.0
Host: 127.0.0.1
HTTP/1.1 200 OK
Server: akka-http/10.4.0
Date: Fri, 27 Jan 2023 20:26:00 GMT
Connection: close
Content-Type: application/json
Content-Length: 439
From what I can tell, Akka Management is serving HTTP from what should be the HTTPS port, and not encrypting the response.
:~$ openssl s_client -connect localhost:8558 -state -debug
CONNECTED(00000003)
SSL_connect:before SSL initialization
write to 0x56097b12c740 [0x56097b13ee80] (283 bytes => 283 (0x11B))
0000 - 16 03 01 01 16 01 00 01-12 03 03 05 27 1c 50 1b ............'.P.
0010 - e6 b6 23 5a e5 da d5 48-29 33 51 08 13 fb b6 aa ..#Z...H)3Q.....
0020 - 23 f4 2e 44 93 75 95 97-59 9a 1c 20 99 b0 36 06 #..D.u..Y.. ..6.
0030 - 1f 3d 79 d0 d8 e8 36 7e-41 5e 2e ff 70 f7 ce a5 .=y...6~A^..p...
0040 - 0a 5a 56 e4 a9 fc 15 09-d0 3c a7 9b 00 3e 13 02 .ZV......<...>..
0050 - 13 03 13 01 c0 2c c0 30-00 9f cc a9 cc a8 cc aa .....,.0........
0060 - c0 2b c0 2f 00 9e c0 24-c0 28 00 6b c0 23 c0 27 .+./...$.(.k.#.'
0070 - 00 67 c0 0a c0 14 00 39-c0 09 c0 13 00 33 00 9d .g.....9.....3..
0080 - 00 9c 00 3d 00 3c 00 35-00 2f 00 ff 01 00 00 8b ...=.<.5./......
0090 - 00 0b 00 04 03 00 01 02-00 0a 00 0c 00 0a 00 1d ................
00a0 - 00 17 00 1e 00 19 00 18-00 23 00 00 00 16 00 00 .........#......
00b0 - 00 17 00 00 00 0d 00 2a-00 28 04 03 05 03 06 03 .......*.(......
00c0 - 08 07 08 08 08 09 08 0a-08 0b 08 04 08 05 08 06 ................
00d0 - 04 01 05 01 06 01 03 03-03 01 03 02 04 02 05 02 ................
00e0 - 06 02 00 2b 00 05 04 03-04 03 03 00 2d 00 02 01 ...+........-...
00f0 - 01 00 33 00 26 00 24 00-1d 00 20 4e 63 c8 62 95 ..3.&.$... Nc.b.
0100 - f3 8e a4 b2 04 44 1a 83-6e 53 99 4b ef d0 f7 51 .....D..nS.K...Q
0110 - eb 95 b5 8c 1d 3c f7 f7-fa c1 1b .....<.....
SSL_connect:SSLv3/TLS write client hello
read from 0x56097b12c740 [0x56097b135c63] (5 bytes => 5 (0x5))
0000 - 48 54 54 50 2f HTTP/
SSL_connect:error in error
139911147234624:error:1408F10B:SSL routines:ssl3_get_record:wrong version number:../ssl/record/ssl3_record.c:331:
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 5 bytes and written 283 bytes
Verification: OK
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
Early data was not sent
Verify return code: 0 (ok)
---
read from 0x56097b12c740 [0x56097b123f00] (8192 bytes => 189 (0xBD))
0000 - 31 2e 31 20 34 30 30 20-42 61 64 20 52 65 71 75 1.1 400 Bad Requ
0010 - 65 73 74 0d 0a 53 65 72-76 65 72 3a 20 61 6b 6b est..Server: akk
0020 - 61 2d 68 74 74 70 2f 31-30 2e 34 2e 30 0d 0a 44 a-http/10.4.0..D
0030 - 61 74 65 3a 20 46 72 69-2c 20 32 37 20 4a 61 6e ate: Fri, 27 Jan
0040 - 20 32 30 32 33 20 32 30-3a 33 36 3a 30 32 20 47 2023 20:36:02 G
0050 - 4d 54 0d 0a 43 6f 6e 6e-65 63 74 69 6f 6e 3a 20 MT..Connection:
0060 - 63 6c 6f 73 65 0d 0a 43-6f 6e 74 65 6e 74 2d 54 close..Content-T
0070 - 79 70 65 3a 20 74 65 78-74 2f 70 6c 61 69 6e 3b ype: text/plain;
0080 - 20 63 68 61 72 73 65 74-3d 55 54 46 2d 38 0d 0a charset=UTF-8..
0090 - 43 6f 6e 74 65 6e 74 2d-4c 65 6e 67 74 68 3a 20 Content-Length:
00a0 - 32 33 0d 0a 0d 0a 55 6e-73 75 70 70 6f 72 74 65 23....Unsupporte
00b0 - 64 20 48 54 54 50 20 6d-65 74 68 6f 64 d HTTP method
read from 0x56097b12c740 [0x56097b123f00] (8192 bytes => 0 (0x0))
It also looks like attempting to access Akka Management with TLS is also failing completely.
I'm seeing the following log message on the microservice when using the openssl command:
[WARN] [akka.actor.ActorSystemImpl] [] [inbound-transaction-akka.actor.default-dispatcher-65] [] [] [] [] - Illegal request, responding with status '400 Bad Request': Unsupported HTTP method: The HTTP method started with 0x16 rather than any known HTTP method from 192.168.96.1:39184. Perhaps this was an HTTPS request sent to an HTTP endpoint?
I tried starting Akka Management programatically with TLS encryption, and got unencrypted HTTP instead.
Here is the code used to setup HTTPS and start Akka Management:
def getHttpsConnectionContext(config: HttpsConfig): SSLContext = {
val keystore: KeyStore = KeyStore.getInstance("PKCS12")
val keystoreFile: InputStream =
getClass.getClassLoader.getResourceAsStream(config.keystoreFile)
val keystorePassword = config.keystorePassword.toCharArray
keystore.load(keystoreFile, keystorePassword)
val keyManagerFactory: KeyManagerFactory =
KeyManagerFactory.getInstance("SunX509")
keyManagerFactory.init(keystore, keystorePassword)
val trustManagerFactory: TrustManagerFactory =
TrustManagerFactory.getInstance("SunX509")
trustManagerFactory.init(keystore)
val sslContext: SSLContext = SSLContext.getInstance("TLS")
sslContext.init(
keyManagerFactory.getKeyManagers,
trustManagerFactory.getTrustManagers,
new SecureRandom
)
sslContext
}
val httpsConfig: HttpsConfig =
HttpsConfig(
actorSystem.settings.config,
"akka.moo.https"
) match {
case Some(value) => value
case None => throw new ConfigurationException("Bad HTTPS config")
}
val sslContext: SSLContext =
HttpsContext.getHttpsConnectionContext(httpsConfig)
val httpsServer: HttpsConnectionContext =
ConnectionContext.httpsServer(sslContext)
val management = AkkaManagement(actorSystem)
management.start(_.withHttpsConnectionContext(httpsServer))
I'm not sure what the problem here is.
Thank you ahead of time for your help.

Change and move MongoDB data directory in Windows

The drive for holding my Mongo data is running out of space (data directory: D:\mongo\data). So I decided to move the data directory to another drive that has a larger space (intended directory: F:\mongodata\data).
I learned that I could just copy D:\mongo\data to F:\mongodata\data and modify the dbPath in mongod.cfg to dbPath: F:\mongodata\data (the log is still path: D:\mongo\log\mongod.log). However when I try to connect to MongoDB via MongoDB Compass Community, I get the following error,
connect ECONNREFUSED 127.0.0.1:27017
The command line returns this error,
C:\Users\liding>mongo
MongoDB shell version v4.4.0
connecting to: mongodb://127.0.0.1:27017/?compressors=disabled&gssapiServiceName=mongodb
Error: couldn't connect to server 127.0.0.1:27017, connection attempt failed: SocketException: Error connecting to 127.0.0.1:27017 :: caused by :: No connection could be made because the target machine actively refused it. :
connect#src/mongo/shell/mongo.js:362:17
#(connect):2:6
exception: connect failed
exiting with code 1
I don't know if it is the problem with Windows service since I installed Windows service right after installing MongoDB on my PC. So I followed this by modifying the regedit and restarted my computer. The problem was still there.
I also tried mongod --dbpath "F:\mongodata\data" in cmd following this. It appeared to be working.
{"t":{"$date":"2021-04-18T16:16:35.933+08:00"},"s":"I", "c":"CONTROL", "id":23285, "ctx":"main","msg":"Automatically disabling TLS 1.0, to force-enable TLS 1.0 specify --sslDisabledProtocols 'none'"}
{"t":{"$date":"2021-04-18T16:16:35.935+08:00"},"s":"W", "c":"ASIO", "id":22601, "ctx":"main","msg":"No TransportLayer configured during NetworkInterface startup"}
{"t":{"$date":"2021-04-18T16:16:35.935+08:00"},"s":"I", "c":"NETWORK", "id":4648602, "ctx":"main","msg":"Implicit TCP FastOpen in use."}
{"t":{"$date":"2021-04-18T16:16:35.936+08:00"},"s":"I", "c":"STORAGE", "id":4615611, "ctx":"initandlisten","msg":"MongoDB starting","attr":{"pid":5292,"port":27017,"dbPath":"F:/mongodata/data","architecture":"64-bit","host":"lidingoffice"}}
{"t":{"$date":"2021-04-18T16:16:35.936+08:00"},"s":"I", "c":"CONTROL", "id":23398, "ctx":"initandlisten","msg":"Target operating system minimum version","attr":{"targetMinOS":"Windows 7/Windows Server 2008 R2"}}
{"t":{"$date":"2021-04-18T16:16:35.936+08:00"},"s":"I", "c":"CONTROL", "id":23403, "ctx":"initandlisten","msg":"Build Info","attr":{"buildInfo":{"version":"4.4.0","gitVersion":"563487e100c4215e2dce98d0af2a6a5a2d67c5cf","modules":[],"allocator":"tcmalloc","environment":{"distmod":"windows","distarch":"x86_64","target_arch":"x86_64"}}}}
{"t":{"$date":"2021-04-18T16:16:35.936+08:00"},"s":"I", "c":"CONTROL", "id":51765, "ctx":"initandlisten","msg":"Operating System","attr":{"os":{"name":"Microsoft Windows 10","version":"10.0 (build 18363)"}}}
{"t":{"$date":"2021-04-18T16:16:35.936+08:00"},"s":"I", "c":"CONTROL", "id":21951, "ctx":"initandlisten","msg":"Options set by command line","attr":{"options":{"storage":{"dbPath":"F:\\mongodata\\data"}}}}
{"t":{"$date":"2021-04-18T16:16:35.937+08:00"},"s":"W", "c":"STORAGE", "id":22271, "ctx":"initandlisten","msg":"Detected unclean shutdown - Lock file is not empty","attr":{"lockFile":"F:\\mongodata\\data\\mongod.lock"}}
{"t":{"$date":"2021-04-18T16:16:35.937+08:00"},"s":"I", "c":"STORAGE", "id":22270, "ctx":"initandlisten","msg":"Storage engine to use detected by data files","attr":{"dbpath":"F:/mongodata/data","storageEngine":"wiredTiger"}}
{"t":{"$date":"2021-04-18T16:16:35.937+08:00"},"s":"W", "c":"STORAGE", "id":22302, "ctx":"initandlisten","msg":"Recovering data from the last clean checkpoint."}
{"t":{"$date":"2021-04-18T16:16:35.937+08:00"},"s":"I", "c":"STORAGE", "id":22315, "ctx":"initandlisten","msg":"Opening WiredTiger","attr":{"config":"create,cache_size=15762M,session_max=33000,eviction=(threads_min=4,threads_max=4),config_base=false,statistics=(fast),log=(enabled=true,archive=true,path=journal,compressor=snappy),file_manager=(close_idle_time=100000,close_scan_interval=10,close_handle_minimum=250),statistics_log=(wait=0),verbose=[recovery_progress,checkpoint_progress,compact_progress],"}}
{"t":{"$date":"2021-04-18T16:16:36.243+08:00"},"s":"I", "c":"STORAGE", "id":22430, "ctx":"initandlisten","msg":"WiredTiger message","attr":{"message":"[1618733796:243547][5292:140737312022176], txn-recover: [WT_VERB_RECOVERY_PROGRESS] Recovering log 5962 through 5963"}}
{"t":{"$date":"2021-04-18T16:16:36.287+08:00"},"s":"I", "c":"STORAGE", "id":22430, "ctx":"initandlisten","msg":"WiredTiger message","attr":{"message":"[1618733796:286397][5292:140737312022176], txn-recover: [WT_VERB_RECOVERY_PROGRESS] Recovering log 5963 through 5963"}}
{"t":{"$date":"2021-04-18T16:16:36.332+08:00"},"s":"I", "c":"STORAGE", "id":22430, "ctx":"initandlisten","msg":"WiredTiger message","attr":{"message":"[1618733796:332303][5292:140737312022176], txn-recover: [WT_VERB_RECOVERY | WT_VERB_RECOVERY_PROGRESS] Main recovery loop: starting at 5962/2304 to 5963/256"}}
{"t":{"$date":"2021-04-18T16:16:36.333+08:00"},"s":"I", "c":"STORAGE", "id":22430, "ctx":"initandlisten","msg":"WiredTiger message","attr":{"message":"[1618733796:332303][5292:140737312022176], txn-recover: [WT_VERB_RECOVERY_PROGRESS] Recovering log 5962 through 5963"}}
{"t":{"$date":"2021-04-18T16:16:36.418+08:00"},"s":"I", "c":"STORAGE", "id":22430, "ctx":"initandlisten","msg":"WiredTiger message","attr":{"message":"[1618733796:418251][5292:140737312022176], file:sizeStorer.wt, txn-recover: [WT_VERB_RECOVERY_PROGRESS] Recovering log 5963 through 5963"}}
{"t":{"$date":"2021-04-18T16:16:36.454+08:00"},"s":"I", "c":"STORAGE", "id":22430, "ctx":"initandlisten","msg":"WiredTiger message","attr":{"message":"[1618733796:454386][5292:140737312022176], file:sizeStorer.wt, txn-recover: [WT_VERB_RECOVERY | WT_VERB_RECOVERY_PROGRESS] Set global recovery timestamp: (0, 0)"}}
{"t":{"$date":"2021-04-18T16:16:36.569+08:00"},"s":"I", "c":"STORAGE", "id":4795906, "ctx":"initandlisten","msg":"WiredTiger opened","attr":{"durationMillis":632}}
{"t":{"$date":"2021-04-18T16:16:36.570+08:00"},"s":"I", "c":"RECOVERY", "id":23987, "ctx":"initandlisten","msg":"WiredTiger recoveryTimestamp","attr":{"recoveryTimestamp":{"$timestamp":{"t":0,"i":0}}}}
{"t":{"$date":"2021-04-18T16:16:36.592+08:00"},"s":"I", "c":"STORAGE", "id":22262, "ctx":"initandlisten","msg":"Timestamp monitor starting"}
{"t":{"$date":"2021-04-18T16:16:36.641+08:00"},"s":"W", "c":"CONTROL", "id":22120, "ctx":"initandlisten","msg":"Access control is not enabled for the database. Read and write access to data and configuration is unrestricted","tags":["startupWarnings"]}
{"t":{"$date":"2021-04-18T16:16:36.642+08:00"},"s":"W", "c":"CONTROL", "id":22140, "ctx":"initandlisten","msg":"This server is bound to localhost. Remote systems will be unable to connect to this server. Start the server with --bind_ip <address> to specify which IP addresses it should serve responses from, or with --bind_ip_all to bind to all interfaces. If this behavior is desired, start the server with --bind_ip 127.0.0.1 to disable this warning","tags":["startupWarnings"]}
{"t":{"$date":"2021-04-18T16:16:36.668+08:00"},"s":"I", "c":"STORAGE", "id":20536, "ctx":"initandlisten","msg":"Flow Control is enabled on this deployment"}
{"t":{"$date":"2021-04-18T16:16:36.775+08:00"},"s":"I", "c":"FTDC", "id":20625, "ctx":"initandlisten","msg":"Initializing full-time diagnostic data capture","attr":{"dataDirectory":"F:/mongodata/data/diagnostic.data"}}
{"t":{"$date":"2021-04-18T16:16:36.778+08:00"},"s":"I", "c":"NETWORK", "id":23015, "ctx":"listener","msg":"Listening on","attr":{"address":"127.0.0.1"}}
{"t":{"$date":"2021-04-18T16:16:36.778+08:00"},"s":"I", "c":"NETWORK", "id":23016, "ctx":"listener","msg":"Waiting for connections","attr":{"port":27017,"ssl":"off"}}
{"t":{"$date":"2021-04-18T16:16:37.004+08:00"},"s":"I", "c":"FTDC", "id":20631, "ctx":"ftdc","msg":"Unclean full-time diagnostic data capture shutdown detected, found interim file, some metrics may have been lost","attr":{"error":{"code":0,"codeName":"OK"}}}
However, after a few seconds, the connection would disconnect automatically and throw some "WiredTiger error" (part of the error is as follows),
{"t":{"$date":"2021-04-18T16:17:36.778+08:00"},"s":"E", "c":"STORAGE", "id":22435, "ctx":"TTLMonitor","msg":"WiredTiger error","attr":{"error":0,"message":"[1618733856:777592][5292:140737312022176], file:index-6--2848807291971628139.wt, WT_SESSION.open_cursor: __wt_block_read_off, 283: index-6--2848807291971628139.wt: read checksum error for 4096B block at offset 4096: block header checksum of 0xebf13864 doesn't match expected checksum of 0x6b102582"}}
{"t":{"$date":"2021-04-18T16:17:36.778+08:00"},"s":"E", "c":"STORAGE", "id":22435, "ctx":"TTLMonitor","msg":"WiredTiger error","attr":{"error":0,"message":"[1618733856:778335][5292:140737312022176], file:index-6--2848807291971628139.wt, WT_SESSION.open_cursor: __wt_bm_corrupt_dump, 135: {4096, 4096, 0x6b102582}: (chunk 1 of 4): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 36 00 00 00 0e 00 00 00 01 00 00 01 00 10 00 00 64 38 f1 eb 01 00 00 00 e2 f5 1a 80 cf c0 cf c0 df c0 cf c0 80 81 e4 01 6a 39 1c e2 0f c0 00 00 00 00 00 00 c4 72 65 6e 63 72 79 70 74 69 6f 6e 3d 28 6b 65 79 69 64 3d 2c 6e 61 6d 65 3d 29 2c 62 6c 6f 63 6b 5f 6d 65 74 61 64 61 74 61 5f 65 6e 63 72 79 70 74 65 64 3d 66 61 6c 73 65 2c 62 6c 6f 63 6b 5f 6d 65 74 61 64 61 74 61 3d 5b 61 63 63 65 73 73 5f 70 61 74 74 65 72 6e 5f 68 69 6e 74 3d 6e 6f 6e 65 2c 61 6c 6c 6f 63 61 74 69 6f 6e 5f 73 69 7a 65 3d 34 4b 42 2c 61 70 70 5f 6d 65 74 61 64 61 74 61 3d 28 66 6f 72 6d 61 74 56 65 72 73 69 6f 6e 3d 38 29 2c 61 73 73 65 72 74 3d 28 63 6f 6d 6d 69 74 5f 74 69 6d 65 73 74 61 6d 70 3d 6e 6f 6e 65 2c 64 75 72 61 62 6c 65 5f 74 69 6d 65 73 74 61 6d 70 3d 6e 6f 6e 65 2c 72 65 61 64 5f 74 69 6d 65 73 74 61 6d 70 3d 6e 6f 6e 65 29 2c 62 6c 6f 63 6b 5f 61 6c 6c 6f 63 61 74 69 6f 6e 3d 62 65 73 74 2c 62 6c 6f 63 6b 5f 63 6f 6d 70 72 65 73 73 6f 72 3d 2c 63 61 63 68 65 5f 72 65 73 69 64 65 6e 74 3d 66 61 6c 73 65 2c 63 68 65 63 6b 73 75 6d 3d 6f 6e 2c 63 6f 6c 6c 61 74 6f 72 3d 2c 63 6f 6c 75 6d 6e 73 3d 2c 64 69 63 74 69 6f 6e 61 72 79 3d 30 2c 65 6e 63 72 79 70 74 69 6f 6e 3d 28 6b 65 79 69 64 3d 2c 6e 61 6d 65 3d 29 2c 66 6f 72 6d 61 74 3d 62 74 72 65 65 2c 68 75 66 66 6d 61 6e 5f 6b 65 79 3d 2c 68 75 66 66 6d 61 6e 5f 76 61 6c 75 65 3d 2c 69 64 3d 31 30 2c 69 67 6e 6f 72 65 5f 69 6e 5f 6d 65 6d 6f 72 79 5f 63 61 63 68 65 5f 73 69 7a 65 3d 66 61 6c 73 65 2c 69 6e 74 65 72 6e 61 6c 5f 69 74 65 6d 5f 6d 61 78 3d 30 2c 69 6e 74 65 72 6e 61 6c 5f 6b 65 79 5f 6d 61 78 3d 30 2c 69 6e 74 65 72 6e 61 6c 5f 6b 65 79 5f 74 72 75 6e 63 61 74 65 3d 74 72 75 65 2c 69 6e 74 65 72 6e 61 6c 5f 70 61 67 65 5f 6d 61 78 3d 31 36 6b 2c 6b 65 79 5f 66 6f 72 6d 61 74 3d 75 2c 6b 65 79 5f 67 61 70 3d 31 30 2c 6c 65 61 66 5f 69 74 65 6d 5f 6d 61 78 3d 30 2c 6c 65 61 66 5f 6b 65 79 5f 6d 61 78 3d 30 2c 6c 65 61 66 5f 70 61 67 65 5f 6d 61 78 3d 31 36 6b 2c 6c 65 61 66 5f 76 61 6c 75 65 5f 6d 61 78 3d 30 2c 6c 6f 67 3d 28 65 6e 61 62 6c 65 64 3d 74 72 75 65 29 2c 6d 65 6d 6f 72 79 5f 70 61 67 65 5f 69 6d 61 67 65 5f 6d 61 78 3d 30 2c 6d 65 6d 6f 72 79 5f 70 61 67 65 5f 6d 61 78 3d 35 4d 42 2c 6f 73 5f 63 61 63 68 65 5f 64 69 72 74 79 5f 6d 61 78 3d 30 2c 6f 73 5f 63 61 63 68 65 5f 6d 61 78 3d 30 2c 70 72 65 66 69 78 5f 63 6f 6d 70 72 65 73 73 69 6f 6e 3d 74 72 75 65 2c 70 72 65 66 69 78 5f 63 6f 6d 70 72 65 73 73 69 6f 6e 5f 6d 69 6e 3d 34 2c 73 70 6c 69 74 5f 64 65 65 70 65 6e 5f 6d 69 6e 5f 63 68 69 6c 64 3d 30 2c 73 70 6c 69 74 5f 64 65 65 70 65 6e 5f 70 65 72 5f 63 68 69 6c 64 3d 30 2c 73 70 6c 69 74 5f 70 63 74 3d 39 30 2c 76 61 6c 75 65 5f 66 6f 72 6d 61 74 3d 75 2c 76 65 72 73 69 6f 6e 3d 28 6d 61 6a 6f 72 3d 31 2c 6d 69 6e 6f 72 3d 31 29 2c 63 68 65 63 6b 70 6f 69 6e 74 3d 28 57 69 72 65 64 54 69 67 65 72 43 68 65 63 6b 70 6f 69 6e 74 2e 32 38 33 38 37 35 3d 28 61 64 64 72 3d 22 30 31 38 30 38 30 38 30 38 30 38 30 38 30 38 31 38 31 65 34 31 37 32 64 34 33 36 31 38 30 38 30 38 30 65 32 30 66 63 30 38 30 "}}
{"t":{"$date":"2021-04-18T15:57:51.396+08:00"},"s":"E", "c":"STORAGE", "id":22435, "ctx":"TTLMonitor","msg":"WiredTiger error","attr":{"error":-31802,"message":"[1618732671:395950][17832:140737312022176], file:index-6--2848807291971628139.wt, WT_SESSION.open_cursor: __wt_block_read_off, 292: index-6--2848807291971628139.wt: fatal read error: WT_ERROR: non-specific WiredTiger error"}}
{"t":{"$date":"2021-04-18T15:57:51.397+08:00"},"s":"E", "c":"STORAGE", "id":22435, "ctx":"TTLMonitor","msg":"WiredTiger error","attr":{"error":-31804,"message":"[1618732671:396947][17832:140737312022176], file:index-6--2848807291971628139.wt, WT_SESSION.open_cursor: __wt_block_read_off, 292: the process must exit and restart: WT_PANIC: WiredTiger library panic"}}
{"t":{"$date":"2021-04-18T15:57:51.398+08:00"},"s":"F", "c":"-", "id":23089, "ctx":"TTLMonitor","msg":"Fatal assertion","attr":{"msgid":50853,"file":"src\\mongo\\db\\storage\\wiredtiger\\wiredtiger_util.cpp","line":446}}
{"t":{"$date":"2021-04-18T15:57:51.404+08:00"},"s":"F", "c":"-", "id":23090, "ctx":"TTLMonitor","msg":"\n\n***aborting after fassert() failure\n\n"}
{"t":{"$date":"2021-04-18T15:57:51.405+08:00"},"s":"F", "c":"CONTROL", "id":4757800, "ctx":"TTLMonitor","msg":"Writing fatal message","attr":{"message":"Got signal: 22 (SIGABRT).\n"}}
Any clue of how to fix this problem? Thanks!

OSC address without preceding slash (/)?

I'm sending the following OSC message to a Behringer X32 mixer:
00000000 2f 6e 6f 64 65 00 00 00 2c 73 00 00 63 6f 6e 66 /node... ,s..conf
00000010 69 67 2f 63 68 6c 69 6e 6b 00 00 00 ig/chlin k...
I'm getting this message back:
00000000 6e 6f 64 65 00 00 00 00 2c 73 00 00 2f 63 6f 6e node.... ,s../con
00000010 66 69 67 2f 63 68 6c 69 6e 6b 20 4f 46 46 20 4f fig/chli nk OFF O
00000020 4e 20 4f 4e 20 4f 4e 20 4f 46 46 20 4f 4e 20 4f N ON ON OFF ON O
00000030 46 46 20 4f 46 46 20 4f 4e 20 4f 4e 20 4f 4e 20 FF OFF O N ON ON
00000040 4f 4e 20 4f 46 46 20 4f 46 46 20 4f 46 46 20 4f ON OFF O FF OFF O
00000050 46 46 0a 00 FF..
It seems that the address in the response is malformed as it does not begin with a preceding slash character /.
According to the OSC 1.0 specification:
An OSC Address Pattern is an OSC-string beginning with the character '/' (forward slash).
Is the packet I'm getting back from the mixer simply an invalid OSC message that I need to deal with, or is there some meaning or convention behind the omission of the slash character?

Found in Patrick-Gilles Maillot's unofficial documentation:
Note/bug: the response from the Server is “node…” and not “/node…” as one could expect. This is not OSC compliant.

ssl socket write gives connection reset exception

I am trying to send ios push notification using javapns library . the code is working fine on java 6 but not working on java 7 . I am trying to write on a ssl socket by java code
this.socket.getOutputStream().write(bytes);
but getting following exception : -
2015-09-24 02:01:17,330 [JavaPNS grouped notification thread in LIST
mode] ERROR javapns.notification.PushNotificationManager
(PushNotificationManager.java:496) - Delivery error
java.net.SocketException: Connection reset
at java.net.SocketInputStream.read(SocketInputStream.java:196) ~[?:1.7.0_79]
at java.net.SocketInputStream.read(SocketInputStream.java:122) ~[?:1.7.0_79]
at sun.security.ssl.InputRecord.readFully(InputRecord.java:442) ~[?:1.7.0_79]
at sun.security.ssl.InputRecord.read(InputRecord.java:480) ~[?:1.7.0_79]
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:934)
~[?:1.7.0_79]
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1332)
~[?:1.7.0_79]
at sun.security.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:709)
~[?:1.7.0_79]
at sun.security.ssl.AppOutputStream.write(AppOutputStream.java:122)
~[?:1.7.0_79]
at java.io.OutputStream.write(OutputStream.java:75) ~[?:1.7.0_79]
at javapns.notification.PushNotificationManager.sendNotification(PushNotificationManager.java:464)
[utils-1.0.jar:?]
at javapns.notification.PushNotificationManager.sendNotification(PushNotificationManager.java:409)
[utils-1.0.jar:?]
at javapns.notification.transmission.NotificationThread.runList(NotificationThread.java:283)
[utils-1.0.jar:?]
at javapns.notification.transmission.NotificationThread.run(NotificationThread.java:254)
[utils-1.0.jar:?]
at java.lang.Thread.run(Thread.java:745) [?:1.7.0_79]
Following are my ssl debug log : -
*** Certificate chain
chain [0] = [
[
Version: V3
Subject: ........
Signature Algorithm: SHA256withRSA, OID = 1.2.840.113549.1.1.11
Key: Sun RSA public key, 2048 bits
modulus: 22222491044564264786925450301128660800404037455402211937155693765439451266775814064935111308236503917661658380453607223444671197507922227372310694498331784203397249559620562506847738658137494429967865235154139927237328515659798669693649542833648664525838898423359833650942229563615420055801398510282090750116916759108752545159033267269553610447830532132801594757535863574777003658295660123855620269370519852284530709335738820289388013418673721050782042119531816409879900413319632795054390149130447840278225455201462347192736907867086706041266601675705875530393925455170420669674672723643704537136254104782678046353641
public exponent: 65537
Validity: [From: Thu Jul 16 12:10:32 IST 2015,
To: Fri Jul 15 12:10:32 IST 2016]
Issuer: CN=Apple Worldwide Developer Relations Certification Authority, OU=Apple Worldwide Developer Relations, O=Apple Inc., C=US
SerialNumber: [ 25dea3f4 f4f072b3]
Certificate Extensions: 8
[1]: ObjectId: 1.2.840.113635.100.6.1.2 Criticality=true
Extension unknown: DER encoded OCTET string =
0000: 04 02 05 00 ....
[2]: ObjectId: 1.3.6.1.5.5.7.1.1 Criticality=false
AuthorityInfoAccess [
[
accessMethod: ocsp
accessLocation: URIName: http://ocsp.apple.com/ocsp03-wwdr01
]
]
[3]: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: 88 27 17 09 A9 B6 18 60 8B EC EB BA F6 47 59 C5 .'.....`.....GY.
0010: 52 54 A3 B7 RT..
]
]
[4]: ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:false
PathLen: undefined
]
[5]: ObjectId: 2.5.29.32 Criticality=false
CertificatePolicies [
[CertificatePolicyId: [1.2.840.113635.100.5.1]
[PolicyQualifierInfo: [
qualifierID: 1.3.6.1.5.5.7.2.2
qualifier: 0000: 30 81 B6 0C 81 B3 52 65 6C 69 61 6E 63 65 20 6F 0.....Reliance o
0010: 6E 20 74 68 69 73 20 63 65 72 74 69 66 69 63 61 n this certifica
0020: 74 65 20 62 79 20 61 6E 79 20 70 61 72 74 79 20 te by any party
0030: 61 73 73 75 6D 65 73 20 61 63 63 65 70 74 61 6E assumes acceptan
0040: 63 65 20 6F 66 20 74 68 65 20 74 68 65 6E 20 61 ce of the then a
0050: 70 70 6C 69 63 61 62 6C 65 20 73 74 61 6E 64 61 pplicable standa
0060: 72 64 20 74 65 72 6D 73 20 61 6E 64 20 63 6F 6E rd terms and con
0070: 64 69 74 69 6F 6E 73 20 6F 66 20 75 73 65 2C 20 ditions of use,
0080: 63 65 72 74 69 66 69 63 61 74 65 20 70 6F 6C 69 certificate poli
0090: 63 79 20 61 6E 64 20 63 65 72 74 69 66 69 63 61 cy and certifica
00A0: 74 69 6F 6E 20 70 72 61 63 74 69 63 65 20 73 74 tion practice st
00B0: 61 74 65 6D 65 6E 74 73 2E atements.
], PolicyQualifierInfo: [
qualifierID: 1.3.6.1.5.5.7.2.1
qualifier: 0000: 16 2A 68 74 74 70 3A 2F 2F 77 77 77 2E 61 70 70 .*http://www.app
0010: 6C 65 2E 63 6F 6D 2F 63 65 72 74 69 66 69 63 61 le.com/certifica
0020: 74 65 61 75 74 68 6F 72 69 74 79 2F teauthority/
]] ]
]
[6]: ObjectId: 2.5.29.37 Criticality=true
ExtendedKeyUsages [
codeSigning
]
[7]: ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
DigitalSignature
]
[8]: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: 6F FB BD 5A 59 70 1C 2E 77 32 9A 97 69 C3 23 0E o..ZYp..w2..i.#.
0010: EF D8 E9 D0 ....
]
]
]
Algorithm: [SHA256withRSA]
Signature:
0000: 90 BE B9 5B E7 66 C1 B4 C1 C8 60 90 69 5F 01 04 ...[.f....`.i_..
0010: 2B C4 E6 9E 8D 13 8C A7 3F 81 55 6C CD D1 47 48 +.......?.Ul..GH
0020: 3C D7 D8 3E F5 C2 69 A7 A2 21 CE 15 08 F7 D9 8C <..>..i..!......
0030: 2D FE 37 29 AD DC E3 CA 27 27 83 2C 15 95 4D 40 -.7)....''.,..M#
0040: EA 2C AD EF 99 7C 9B 84 59 3F 6C E6 BA 07 F4 EC .,......Y?l.....
0050: 05 36 E4 58 EA B0 DF 00 AB 54 F2 FF 6B AE C2 C1 .6.X.....T..k...
0060: E4 3C D3 23 79 61 D1 67 DD 0C 0D 2B 77 E0 8E 6F .<.#ya.g...+w..o
0070: A2 7B 21 13 D2 4F D7 8B 98 A7 E0 22 E9 95 D7 1A ..!..O....."....
0080: C5 71 0A 15 35 77 38 37 EC F9 CC 60 79 2D A5 E0 .q..5w87...`y-..
0090: DA C2 78 AD 59 88 7B 92 93 66 9A 44 F7 58 8C 0D ..x.Y....f.D.X..
00A0: 28 E3 42 D0 79 DC F5 23 C7 36 D0 61 0A 34 61 F3 (.B.y..#.6.a.4a.
00B0: 16 AE 7B D8 8B BC B8 6B D6 05 C4 E4 EF B0 BF 4B .......k.......K
00C0: 66 E1 6F 59 EC 67 F6 A3 C0 49 7A 83 8A 7B FC 7B f.oY.g...Iz.....
00D0: 26 3C 42 16 F7 DE DB 74 4D 1A A5 7F AE C2 36 C4 &<B....tM.....6.
00E0: 8E 5A F9 75 05 3A A5 13 70 0C 69 96 00 CB FD 77 .Z.u.:..p.i....w
00F0: 4A 9E C8 E4 AA 39 75 7D 6D C9 79 04 BC DF 59 EF J....9u.m.y...Y.
]
***
*** ClientKeyExchange, RSA PreMasterSecret, TLSv1
JavaPNS grouped notification thread in LIST mode, WRITE: TLSv1 Handshake, length = 1729
SESSION KEYGEN:
PreMaster Secret:
0000: 03 01 00 2E C1 C7 9F 24 B2 E9 02 59 7B D2 8A A7 .......$...Y....
0010: 22 D3 72 B2 16 55 5F 5C E1 30 7D 4A 56 F1 3C 32 ".r..U_\.0.JV.<2
0020: 5D 77 8F 13 BD B0 E9 6A 84 9E 81 0D 0B 38 D5 0E ]w.....j.....8..
CONNECTION KEYGEN:
Client Nonce:
0000: 56 03 10 94 63 A2 8C A1 6D 75 2F F0 38 EC CD 4F V...c...mu/.8..O
0010: 3A D6 46 C7 C4 2D 5F 76 4B 38 3F FC 28 59 6B 04 :.F..-_vK8?.(Yk.
Server Nonce:
0000: B2 1F 50 60 42 F5 94 7A 5B 7C FE 50 60 3E 84 BC ..P`B..z[..P`>..
0010: CB 18 B7 B1 E8 50 56 6E F9 DD 6E E2 B9 34 25 01 .....PVn..n..4%.
Master Secret:
0000: 03 87 6A 7D 0E 69 76 FA 5F 2E 48 BB B7 77 79 0F ..j..iv._.H..wy.
0010: 5E 59 CF 32 BA B5 D7 2E 0F 9D 43 F2 4F F1 CD 52 ^Y.2......C.O..R
0020: DF A7 05 EB 47 BF FD 18 48 F0 DD F1 78 10 47 FF ....G...H...x.G.
Client MAC write Secret:
0000: ED B5 4A 85 1D CC 96 D2 D0 94 29 40 AE 8F C3 10 ..J.......)#....
0010: 74 52 24 8D tR$.
Server MAC write Secret:
0000: B9 ED CD B7 30 52 1F 74 9E 47 71 41 2A 1B 90 C7 ....0R.t.GqA*...
0010: AF 2F 93 4E ./.N
Client write key:
0000: A0 B0 7C 23 2F C7 A3 5D 24 03 B4 1F F9 2B B2 97 ...#/..]$....+..
Server write key:
0000: 29 4C 64 FB 39 02 96 43 7A 5B F5 1D D4 2A 51 B7 )Ld.9..Cz[...*Q.
Client write IV:
0000: 85 3C C4 38 B4 9F 41 92 B6 88 7A 47 F6 B9 82 C1 .<.8..A...zG....
Server write IV:
0000: FA 04 7C A8 D7 29 A3 0D 5F 20 BF 3C 4C C8 52 9A .....).._ .<L.R.
*** CertificateVerify
JavaPNS grouped notification thread in LIST mode, WRITE: TLSv1 Handshake, length = 262
JavaPNS grouped notification thread in LIST mode, WRITE: TLSv1 Change Cipher Spec, length = 1
*** Finished
verify_data: { 221, 26, 21, 239, 125, 223, 149, 73, 149, 170, 46, 218 }
***
JavaPNS grouped notification thread in LIST mode, WRITE: TLSv1 Handshake, length = 48
JavaPNS grouped notification thread in LIST mode, handling exception: java.net.SocketException: Connection reset
%% Invalidated: [Session-2, TLS_RSA_WITH_AES_128_CBC_SHA]
JavaPNS grouped notification thread in LIST mode, SEND TLSv1 ALERT: fatal, description = unexpected_message
JavaPNS grouped notification thread in LIST mode, WRITE: TLSv1 Alert, length = 32
JavaPNS grouped notification thread in LIST mode, Exception sending alert: java.net.SocketException: Broken pipe
JavaPNS grouped notification thread in LIST mode, called closeSocket()
JavaPNS grouped notification thread in LIST mode, called close()
JavaPNS grouped notification thread in LIST mode, called closeInternal(true)
abhishek$ which openssl
/usr/bin/openssl
abhishek$ openssl version
OpenSSL 1.0.2d 9 Jul 2015
abhishek$ java -version
java version "1.7.0_79"
Java(TM) SE Runtime Environment (build 1.7.0_79-b15)
Java HotSpot(TM) 64-Bit Server VM (build 24.79-b02, mixed mode)
Edit : When I printed this SSLSession
SSLSession session = socket.getSession();
//I got [Session-1, SSL_NULL_WITH_NULL_NULL]
// Returns the SSL Session in use by this connection. These can be long lived, and frequently correspond to an entire login session for some user. The session specifies a particular cipher suite which is being actively used by all connections in that session, as well as the identities of the session's client and server.
This method will initiate the initial handshake if necessary and then block until the handshake has been established.
If an error occurs during the initial handshake, this method returns an invalid session object which reports an invalid cipher suite of "SSL_NULL_WITH_NULL_NULL".
System.out.println(session.getLocalCertificates());
// I got null
While Using same certificates in java 6 I did not get null .

The peer has closed the connection. You would have to look at its logs to see why. Possibly it asked you for a certificate and you didn't provide one.

MSMQ How best to handle classes when using binary encoding

I'm new here, so please be gentle.
This question revolves around VB.net / VS2010 / MSMQ 4.0
I'm developing an application that has MSMQ at its heart. There are (currently) 3 separate VB solutions each of which send and receive message to a queue.
I tried using the XMLMessageFormatter and ran into problems with that, plus this is a high performance, time critical app and I understand that XMLMessaegFormatter has a high overhead, so I've switched over to using BinaryMessageFormatter for the messages.
I've established a class (clsTMessage) which provides the structure for the message data and resides in its own .vb file attached to the solution. I realize that the downside of using Binaryformatter is that the exact same class (down to version and all) has to encode and decode the messages and indeed I'm seeing that problem.
So I figured, no problem, I'd just copy clsTmessage.vb to each solution, but that doesn't quite do the trick as the messages encodes with the namespace of the host assemby and therefore the next solution to pick up the message is technically looking for a different class to decode it.
In this example, for instance, you can see that TelemanusWorkbench Version 1.0.0.0 encoded the message using TelemanusWorkbench.clsTMessage.
00 01 00 00 00 FF FF FF .....ÿÿÿ
FF 01 00 00 00 00 00 00 ÿ.......
00 0C 02 00 00 00 49 54 ......IT
65 6C 65 6D 61 6E 75 73 elemanus
57 6F 72 6B 62 65 6E 63 Workbenc
68 2C 20 56 65 72 73 69 h, Versi
6F 6E 3D 31 2E 30 2E 30 on=1.0.0
2E 30 2C 20 43 75 6C 74 .0, Cult
75 72 65 3D 6E 65 75 74 ure=neut
72 61 6C 2C 20 50 75 62 ral, Pub
6C 69 63 4B 65 79 54 6F licKeyTo
6B 65 6E 3D 6E 75 6C 6C ken=null
05 01 00 00 00 1E 54 65 ......Te
6C 65 6D 61 6E 75 73 57 lemanusW
6F 72 6B 62 65 6E 63 68 orkbench
2E 63 6C 73 54 4D 65 73 .clsTMes
73 61 67 65 09 00 00 00 sage....
0E 6E 65 77 4D 65 73 73 .newMess
61 67 65 54 79 70 65 12 ageType.
6E 65 77 50 72 6F 74 6F newProto
63 6F 6C 56 65 72 73 69 colVersi
6F 6E 0D 6E 65 77 49 64 on.newId
65 6E 74 69 66 69 65 72 entifier
0B 6E 65 77 53 6F 75 72 .newSour
63 65 49 50 0D 6E 65 77 ceIP.new
53 6F 75 72 63 65 50 6F SourcePo
72 74 10 6E 65 77 44 65 rt.newDe
73 74 69 6E 61 74 69 6F stinatio
6E 49 50 12 6E 65 77 44 nIP.newD
65 73 74 69 6E 61 74 69 estinati
6F 6E 50 6F 72 74 0C 6E onPort.n
65 77 54 69 6D 65 73 74 ewTimest
61 6D 70 0E 6E 65 77 4D amp.newM
65 73 73 61 67 65 42 6F essageBo
64 79 01 01 01 01 01 01 dy......
01 00 01 0D 02 00 00 00 ........
06 03 00 00 00 03 44 46 ......DF
58 06 04 00 00 00 01 30 X......0
06 05 00 00 00 0C 30 30 ......00
30 30 30 30 30 30 30 30 00000000
30 30 06 06 00 00 00 07 00......
30 2E 30 2E 30 2E 30 06 0.0.0.0.
07 00 00 00 01 30 06 08 .....0..
00 00 00 0B 31 39 32 2E ....192.
31 36 38 2E 31 2E 31 06 168.1.1.
09 00 00 00 04 35 30 30 .....500
30 20 46 FE 12 F9 32 CF 0 Fþ.ù2Ï
88 06 0A 00 00 00 49 70 .....Ip
2C 31 2C 31 32 33 34 35 ,1,12345
36 37 38 39 30 31 32 33 67890123
34 35 36 37 38 39 2C 31 456789,1
32 33 34 35 36 37 38 39 23456789
30 31 32 33 34 35 2C 31 012345,1
2C 69 6E 74 65 72 6E 65 ,interne
74 2C 75 73 65 72 6E 61 t,userna
6D 65 2C 70 61 73 73 77 me,passw
6F 72 64 2C 30 2C 33 30 ord,0,30
0B .
When I pick up the message from another solution/project within the app, it fails to parse the message even though it has an identical copy of clsTMessage it's in namespace TelemanusListener.clsTMessage.
Given that it's generically a bad idea to have multiple copies of the class in different parts of the app anyway, what's the reccomended way to do this ? I've read what MSDN has to say bout this, but it's very thin on how to actually implement it.
Hope I've explained that well enought, if not please ask for more info.
Duncan

Yes. One class library with a public message type needs to be referenced from the two projects.
Bit of warning about automatic properties - don't use them within classes that need to be serialised/deserialised. Each time a class type is compiled into an assembly, the compiler creates a randomly named backing field for each automatic property. This can cause serialisation problems when you deploy the one/same class library compiled at different times with different projects.