Issue with SSL connection using Amazon Corretto

1

I’m getting the same kind of error seen here Issue with SSL connection from Docker

My code works fine when using AWS Lambda with java8 runtime. However, once switched to Corretto 8 (java8.al2) or Corretto 11 (java11), I get this:

java.sql.SQLException: Failure in connecting to Dremio: cdjd.com.dremio.exec.rpc.ConnectionFailedException: CONNECTION : SSL negotiation failed

Caused by: java.lang.UnsupportedOperationException: Allocator doesn’t support heap-based memory.
at cdjd.org.apache.arrow.memory.ArrowByteBufAllocator.fail(ArrowByteBufAllocator.java:159) ~[dremio-jdbc-driver-22.0.0-202206221430090603-1fa4049f-1fa4049f.jar:22.0.0-202206221430090603-1fa4049f]
at cdjd.org.apache.arrow.memory.ArrowByteBufAllocator.heapBuffer(ArrowByteBufAllocator.java:130) ~[dremio-jdbc-driver-22.0.0-202206221430090603-1fa4049f-1fa4049f.jar:22.0.0-202206221430090603-1fa4049f]
at cdjd.io.netty.handler.ssl.SslHandler$SslEngineType$3.allocateWrapBuffer(SslHandler.java:326) ~[dremio-jdbc-driver-22.0.0-202206221430090603-1fa4049f-1fa4049f.jar:22.0.0-202206221430090603-1fa4049f] …

In reference to answers from the thread above, I believe the Corretto runtimes do come with glibc. And the /tmp directory has execute permission.

Has anyone else run into this issue in AWS (Lambda or EC2)? Thanks in advance.

2

After a lot of debugging, I determined that libcrypt.so.1 is no longer included in the version of glibc in newer Lambda runtimes (java8.al2, java11, java17, etc.)

Since we can’t install anything over Lambda runtimes, the workaround is to copy the libcrypt.so.1 file from java8 runtime files, and add it to the lib folder in our deployment package.

Detailed steps:

  • Write a Lambda function that:
    • uses ListObjects to look for the libcrypt.so.1 file at various directories (I don’t remember exactly where, likely /usr/lib or /lib)
    • once found, copies the file to S3
  • Deploy the Lambda, with java8 as runtime, and run it.
  • Once you have the libcrypt.so.1 file, download and place it in your source code, under lib folder.