I have this problem using centos 7 the problem is when i try to connect with ssl and I’am using local internet provider the handshaking will block after client hello,
openssl version: OpenSSL 1.1.0g 2 Nov 2017
openssl s_client -connect 151.3.144.205:9093 -state -nbio 2>&1
CONNECTED(00000003)
Turned on non blocking io
SSL_connect:before SSL initialization
SSL_connect:SSLv3/TLS write client hello
SSL_connect:error in SSLv3/TLS write client hello
write R BLOCK
If I use a mobile connection the handshaking goes ahead.
the certificates are generating for kafka server and I use the common guide to generate it.
I guess is a problem with openssl
2
Answers
We found the problem in Centos 7 or Openssl version, we have installed a debian server machine with the same Kafka and zookeper configuration and we have solve the problem. I guess that there is a bug in Openssl Centos version, becouse it's impossible that the communication tcp by ssl secutity were interrupted by the firs client presentation and no server hello response.
If it would be a problem with openssl then it would not work with the mobile connection either, assuming that you are using the same openssl with mobile and without.
It is more likely that there is some firewall which blocks access on your normal connection and that by using the mobile connection you bypass the firewall. Thus, search for the cause of the problem in your network and not in openssl.