I'm having a problem that I can't figure it out. I'm testing a SSL code that connects to a remote website, and everything works great on my computer. BTW, I imported the certificate from the website with:
keytool -importcert -keystore /java/path/to/cacerts -trustcacerts -alias “Cert Alias” -file website_certificate.cer
The problem appears when I upload and test the code on the server. I get the following exceptions:
Caused by: sun.security.validator.ValidatorException: PKIX path validation failed: java.security.cert.CertPathValidatorException: timestamp check failed
Caused by: java.security.cert.CertPathValidatorException: timestamp check failed
Caused by: java.security.cert.CertificateExpiredException: NotAfter:
I checked the date on the server and it is up to date, and the certificate expires on 2012.
Any help will be appreciated.
Related
I'm trying to deploy SCDF 2.6.0 to Openshift.
I can verify DB schema is updated successfully, but seems like the Tomcat failed to start with below error and I have no idea what is going on.
Caused by: java.lang.IllegalArgumentException: standardService.connector.startFailed
Caused by: org.apache.catalina.LifecycleException: Protocol handler start failed
Caused by: java.net.SocketException: Permission denied
Steps reproduce
Use MariaDB, then import the *.yaml in below sequence
server-roles.yaml
server-rolebinding.yaml
service-account.yaml
server-config.yaml (make sure to change the DB connection here )
server-svc.yaml
server-deployment.yaml
I uploaded all the yml and full log file in my repo :
https://github.com/gry77/app-issue-repo/tree/master/Openshift-SCDF-issue/k8s-config
Apparently this error gone after I changed the server port from 80 to something else.
so just change the server.port in the environment to other then 80
OpenShift will not allow you to run containers as privileged by default, so you'll need to specifically allow that using a SecurityContextConstraint. There is a good documentation on how to get SCDF to run on OpenShift here: https://donovanmuller.blog/spring-cloud-dataflow-server-openshift/docs/1.1.0.RELEASE/reference/htmlsingle/#_creating_and_configuring_service_accounts
Basically, you'll need to add the anyuid SCC to the ServiceAccount running the Pods:
oc adm policy add-scc-to-user anyuid system:serviceaccount:scdf:scdf
I am getting following error when I try to connect yahoo
pop3s. plus.mail.pop.yahoo.com:995
error while connecting to pop3 mail server javax.mail.MessagingException: Connect failed;
nested exception is:
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
I have already tried adding the certificate into JAVA_Home/jre/lib/security. Also when I am trying to use the same code directly using the Java/javac Cmd it works. But from tomcat it does not work.
Also: the code which I am using that was working since last two years on same server. Recently we have migrated from dedicated server to cloud based server. Backspace is the vendor where we have deployed the code.
Thanks in advance!
Vivek Agrawal
Most probably cause os this is that the system is unable to locate a valid certificate because in your migration something related to the keystore was not properly set.
Review your configuration file $CATALINA_BASE/conf/server.xml and look if the path to the correct keystore is set under Connector tag. If you are using JSSL look for this in that file
<-- Define a SSL Coyote HTTP/1.1 Connector on port 8443 -->
<Connector
port="8443" maxThreads="200"
scheme="https" secure="true" SSLEnabled="true"
keystoreFile="${user.home}/.keystore" keystorePass="changeit"
clientAuth="false" sslProtocol="TLS"/>
Your keystoreFile has to be set to the correct path in order your application can validate amd resolve a certificacion path in a request (the keystorepass have to be correct too, indeed).
If you have another configuration (APR or something) look at the documentation about in http://tomcat.apache.org/tomcat-6.0-doc/ssl-howto.html
Hope this help,
Cheers!!
I observe the following stack trace when I try to start my jboss server (from both eclipse IDE and the standalone.sh from my unix terminal). Could anybody please tell why?:
JAVA_OPTS: -server -XX:+UseCompressedOops -XX:+TieredCompilation -Xms64m -Xmx512m -XX:MaxPermSize=256m -Djava.net.preferIPv4Stack=true -Dorg.jboss.resolver.warning=true -Dsun.rmi.dgc.client.gcInterval=3600000 -Dsun.rmi.dgc.server.gcInterval=3600000 -Djboss.modules.system.pkgs=org.jboss.byteman -Djava.awt.headless=true -Djboss.server.default.config=standalone.xml
=========================================================================
16:41:48,878 INFO [org.jboss.modules] JBoss Modules version 1.1.1.GA
16:41:49,025 INFO [org.jboss.msc] JBoss MSC version 1.0.2.GA
16:41:49,066 INFO [org.jboss.as] JBAS015899: JBoss AS 7.1.1.Final "Brontes" starting
16:41:49,289 ERROR [org.jboss.as.server] JBAS015956: Caught exception during boot: org.jboss.as.controller.persistence.ConfigurationPersistenceException: JBAS014676: Failed to parse configuration
at org.jboss.as.controller.persistence.XmlConfigurationPersister.load(XmlConfigurationPersister.java:141) [jboss-as-controller-7.1.1.Final.jar:7.1.1.Final]
at org.jboss.as.server.ServerService.boot(ServerService.java:266) [jboss-as-server-7.1.1.Final.jar:7.1.1.Final]
at org.jboss.as.controller.AbstractControllerService$1.run(AbstractControllerService.java:155) [jboss-as-controller-7.1.1.Final.jar:7.1.1.Final]
at java.lang.Thread.run(Thread.java:722) [rt.jar:1.7.0_05-icedtea]
Caused by: com.ctc.wstx.exc.WstxEOFException: Unexpected EOF in prolog
at [row,col {unknown-source}]: [1,0]
at com.ctc.wstx.sr.StreamScanner.throwUnexpectedEOF(StreamScanner.java:677)
at com.ctc.wstx.sr.BasicStreamReader.handleEOF(BasicStreamReader.java:2104)
at com.ctc.wstx.sr.BasicStreamReader.nextFromProlog(BasicStreamReader.java:2010)
at com.ctc.wstx.sr.BasicStreamReader.next(BasicStreamReader.java:1102)
at com.ctc.wstx.sr.BasicStreamReader.nextTag(BasicStreamReader.java:1125)
at org.jboss.staxmapper.XMLMapperImpl.parseDocument(XMLMapperImpl.java:67) [staxmapper-1.1.0.Final.jar:1.1.0.Final]
at org.jboss.as.controller.persistence.XmlConfigurationPersister.load(XmlConfigurationPersister.java:133) [jboss-as-controller-7.1.1.Final.jar:7.1.1.Final]
... 3 more
16:41:49,295 FATAL [org.jboss.as.server] JBAS015957: Server boot has failed in an unrecoverable manner; exiting. See previous messages for details.
16:41:49,301 INFO [org.jboss.as] JBAS015950: JBoss AS 7.1.1.Final "Brontes" stopped in 1ms
This means that there is some problem with your Standalone.xml. Take a fresh one, it should work.
Here are the relevant lines
JBAS014676: Failed to parse configuration
Caused by: com.ctc.wstx.exc.WstxEOFException: Unexpected EOF in prolog
Looks like you're missing a configuration file (or more likely it's empty).
I just came across the same problem and found out that standalone.xml was empty.
I don't know what could have caused this though... U can find back up of ur standalone.xml in ${AS7_installation}/standalone/configuration/standalone_xml_history
I followed the instructions here but when attempted I got the following error:
hudson.util.IOException2: remote file operation failed: /scratch/jenkins/workspace/Xinco Demo Publish/Xinco/target/Xinco-2012-08-30_00-20-05.war at hudson.remoting.Channel#1fc6bdea:s-50b0ae50
at hudson.FilePath.act(FilePath.java:783)
at hudson.FilePath.act(FilePath.java:769)
at com.cloudbees.plugins.deployer.DeployPublisher.perform(DeployPublisher.java:108)
at hudson.tasks.BuildStepMonitor$1.perform(BuildStepMonitor.java:19)
at hudson.model.AbstractBuild$AbstractRunner.perform(AbstractBuild.java:707)
at hudson.model.AbstractBuild$AbstractRunner.performAllBuildSteps(AbstractBuild.java:682)
at hudson.model.AbstractBuild$AbstractRunner.performAllBuildSteps(AbstractBuild.java:660)
at hudson.model.Build$RunnerImpl.post2(Build.java:162)
at hudson.model.AbstractBuild$AbstractRunner.post(AbstractBuild.java:629)
at hudson.model.Run.run(Run.java:1433)
at hudson.model.FreeStyleBuild.run(FreeStyleBuild.java:46)
at hudson.model.ResourceController.execute(ResourceController.java:88)
at hudson.model.Executor.run(Executor.java:238)
Caused by: hudson.remoting.ProxyException: hudson.util.IOException2: Server.InternalError - Invalid WEB-INF/cloudbees-web.xml: resource
at com.cloudbees.plugins.deployer.deployables.Deployable.deployFile(Deployable.java:151)
at com.cloudbees.plugins.deployer.deployables.Deployable$DeployFileCallable.invoke(Deployable.java:342)
at hudson.FilePath$FileCallableWrapper.call(FilePath.java:2048)
at hudson.remoting.UserRequest.perform(UserRequest.java:118)
at hudson.remoting.UserRequest.perform(UserRequest.java:48)
at hudson.remoting.Request$2.run(Request.java:287)
at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:441)
at java.util.concurrent.FutureTask$Sync.innerRun(FutureTask.java:303)
at java.util.concurrent.FutureTask.run(FutureTask.java:138)
at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908)
at java.lang.Thread.run(Thread.java:662)
Caused by: hudson.remoting.ProxyException: com.cloudbees.api.BeesClientException: Server.InternalError - Invalid WEB-INF/cloudbees-web.xml: resource
at com.cloudbees.api.BeesClient.readResponse(BeesClient.java:850)
at com.cloudbees.api.BeesClient.applicationDeployArchive(BeesClient.java:435)
at com.cloudbees.plugins.deployer.deployables.Deployable.deployFile(Deployable.java:123)
... 11 more
Build step 'Deploy to CloudBees' marked build as failure
The full output can be seen here.
Caused by: hudson.remoting.ProxyException: com.cloudbees.api.BeesClientException: Server.InternalError - Invalid WEB-INF/cloudbees-web.xml: resource
Your cloudbees-web.xml doesn't follow the correct format.
See http://wiki.cloudbees.com/bin/view/RUN/CloudBeesWebXml - as the cloudbees-web.xml needs to be wrapped in an outer <cloudbees-web-app> element
You also don't have to use cloudbees-web.xml if you don't want - if you bind your app to a DB it will make it available as a named datasource automatically.
(see bees app:bind command).
You only have to do this once - and then the app will know about the datasource.
http://developer.cloudbees.com/bin/view/RUN/Resource+Management
and
https://developer.cloudbees.com/bin/view/RUN/DatabaseGuide
(sorry, still working on docs).
I have created a play application. When i am running the application i'm getting this error both in dev and prod
07:59:58,445 INFO ~ Precompiling ...
08:00:08,884 ERROR ~ Unable to set localhost. This prevents creation of a GUID. Cause was: sys3: sys3: Name or service not known
java.net.UnknownHostException: sys3: sys3: Name or service not known
at java.net.InetAddress.getLocalHost(InetAddress.java:1438)
at net.sf.ehcache.Cache.<clinit>(Cache.java:155)
at net.sf.ehcache.config.ConfigurationHelper.createCache(ConfigurationHelper.java:298)
at net.sf.ehcache.config.ConfigurationHelper.createDefaultCache(ConfigurationHelper.java:214)
at net.sf.ehcache.CacheManager.configure(CacheManager.java:552)
at net.sf.ehcache.CacheManager.init(CacheManager.java:323)
at net.sf.ehcache.CacheManager.<init>(CacheManager.java:279)
at net.sf.ehcache.CacheManager.create(CacheManager.java:641)
at play.cache.EhCacheImpl.<init>(EhCacheImpl.java:31)
at play.cache.EhCacheImpl.newInstance(EhCacheImpl.java:41)
at play.cache.Cache.init(Cache.java:241)
at play.Play.start(Play.java:511)
at play.Play.init(Play.java:300)
at play.server.Server.main(Server.java:158)
Caused by: java.net.UnknownHostException: sys3: Name or service not known
at java.net.Inet6AddressImpl.lookupAllHostAddr(Native Method)
at java.net.InetAddress$1.lookupAllHostAddr(InetAddress.java:866)
at java.net.InetAddress.getAddressesFromNameService(InetAddress.java:1258)
at java.net.InetAddress.getLocalHost(InetAddress.java:1434)
... 13 more
I don't know what is this, what this will do. How to solve this issue. Pl help me.
java is unable to resolve mynap3 as localhost, so you'll have to add the line
127.0.0.1 localhost mynap3
to your /etc/hosts file
you can do this by executing
sudo bash
echo "127.0.0.1 localhost mynap3" >> /etc/hosts