Hi Nirmal, I tried using the InstallCert java program that’s attached to this page, references from the wiki link I posted below. I ran it using the same java binary that I use to run Stratos, but that didn’t seem to make a difference.
I’m now trying to overwrite the cacerts of the Oracle JRE I use with the ones shipped with Ubuntu, to see if that fixes it.. Does Stratos have its’ own client-truststore? If so, where can I find it? (I didn’t spot the argument used to pass in a custom one) Thanks! Michiel On 11 Dec 2014, at 19:47, Nirmal Fernando <nirmal070...@gmail.com> wrote: > Hi Michiel, > > Could you please try the same after importing the cert of your Openstack > server, into the client-truststore of Stratos server? > > On Fri, Dec 12, 2014 at 1:09 AM, Michiel Blokzijl (mblokzij) > <mblok...@cisco.com> wrote: > Hi, > > I’m hitting the following issue in Stratos: > > TID: [0] [STRATOS] [2014-12-11 17:25:24,018] ERROR > {org.apache.stratos.cloud.controller.validate.OpenstackNovaPartitionValidator} > - Invalid Partition Detected : RegionOne-AZ-1-Core. Cause: > sun.security.validator.ValidatorException: PKIX path building failed: > sun.security.provider.certpath.SunCertPathBuilderException: unable to find > valid certification path to requested target connecting to POST > https://us-internal-1.cloud.cisco.com:5000/v2.0/tokens HTTP/1.1 > {org.apache.stratos.cloud.controller.validate.OpenstackNovaPartitionValidator} > > Has anyone tested Stratos against Rackspace or another OpenStack API endpoint > that has proper SSL certificates, rather than self-signed ones? > > I tried the suggestions from > https://confluence.atlassian.com/display/JIRAKB/Unable+to+Connect+to+SSL+Services+due+to+PKIX+Path+Building+Failed+sun.security.provider.certpath.SunCertPathBuilderException, > but they didn’t help. > > Cheers, > > Michiel > > > > -- > Best Regards, > Nirmal > > Nirmal Fernando. > PPMC Member & Committer of Apache Stratos, > Senior Software Engineer, WSO2 Inc. > > Blog: http://nirmalfdo.blogspot.com/
signature.asc
Description: Message signed with OpenPGP using GPGMail