Hi, IMO is we should keep our own trust store for Stratos, but I'm not sure it encounter any problem.
Thanks ! On Fri, Dec 19, 2014 at 1:58 PM, Udara Liyanage <ud...@wso2.com> wrote: > > Hi, > > We need to update the carbon trust store and ship with Stratos. Currently > truststore is coming from kernel, we have to keep a truss tore of our own > then. > > On Fri, Dec 19, 2014 at 1:13 PM, Udara Liyanage <ud...@wso2.com> wrote: >> >> Hi, >> >> I think that worked. Thanks Raj. >> >> >> On Fri, Dec 19, 2014 at 12:09 PM, Rajkumar Rajaratnam <rajkum...@wso2.com >> > wrote: >>> >>> Hi Udara, >>> >>> Seems that the cert has changed at amazon side. >>> >>> Can you import the amazon cert into the client-truststore and try again? >>> >>> Thanks. >>> >>> On Fri, Dec 19, 2014 at 12:02 PM, Udara Liyanage <ud...@wso2.com> wrote: >>>> >>>> Hi, >>>> >>>> Below exception is thrown when application is deployed. >>>> >>>> Region I have specified in cloud-controller.xml and partition of the >>>> deployment policy is ap-souteast-1. >>>> >>>> >>>> TID: [0] [STRATOS] [2014-12-19 06:18:56,376] ERROR >>>> {org.jclouds.http.handlers.BackoffLimitedRetryHandler} - Cannot retry >>>> after server error, command has exceeded retry limit 5: >>>> [method=org.jclouds.ec2.features.AvailabilityZoneAndRegionApi.public >>>> abstract java.util.Map >>>> org.jclouds.ec2.features.AvailabilityZoneAndRegionApi.describeRegions(org.jclouds.ec2.options.DescribeRegionsOptions[])[[Lorg.jclouds.ec2.options.DescribeRegionsOptions;@5fced56c], >>>> request=POST https://ec2.us-east-1.amazonaws.com/ HTTP/1.1] >>>> TID: [0] [STRATOS] [2014-12-19 06:18:56,379] ERROR >>>> {org.apache.stratos.cloud.controller.iaases.JcloudsIaasUtil} - * Could >>>> not build iaas of type: ec2* >>>> *org.jclouds.http.HttpResponseException: >>>> sun.security.validator.ValidatorException: PKIX path building failed: >>>> sun.security.provider.certpath.SunCertPathBuilderException: unable to find >>>> valid certification path to requested target connecting to POST >>>> https://ec2.us-east-1.amazonaw <https://ec2.us-east-1.amazonaw>*s.com/ >>>> HTTP/1.1 >>>> at >>>> org.jclouds.http.internal.BaseHttpCommandExecutorService.invoke(BaseHttpCommandExecutorService.java:110) >>>> at >>>> org.jclouds.rest.internal.InvokeHttpMethod.invoke(InvokeHttpMethod.java:90) >>>> at >>>> org.jclouds.rest.internal.InvokeHttpMethod.apply(InvokeHttpMethod.java:73) >>>> at >>>> org.jclouds.rest.internal.InvokeHttpMethod.apply(InvokeHttpMethod.java:44) >>>> at >>>> org.jclouds.reflect.FunctionalReflection$FunctionalInvocationHandler.handleInvocation(FunctionalReflection.java:117) >>>> at >>>> com.google.common.reflect.AbstractInvocationHandler.invoke(AbstractInvocationHandler.java:87) >>>> at com.sun.proxy.$Proxy111.describeRegions(Unknown Source) >>>> at >>>> org.jclouds.ec2.suppliers.DescribeRegionsForRegionURIs.get(DescribeRegionsForRegionURIs.java:47) >>>> at >>>> org.jclouds.ec2.suppliers.DescribeRegionsForRegionURIs.get(DescribeRegionsForRegionURIs.java:34) >>>> at >>>> org.jclouds.rest.suppliers.MemoizedRetryOnTimeOutButNotOnAuthorizationExceptionSupplier$SetAndThrowAuthorizationExceptionSupplierBackedLoader.load(MemoizedRetryOnTimeOutButNotOnAuthorizationExceptionSupplier.java:73) >>>> at >>>> org.jclouds.rest.suppliers.MemoizedRetryOnTimeOutButNotOnAuthorizationExceptionSupplier$SetAndThrowAuthorizationExceptionSupplierBackedLoader.load(MemoizedRetryOnTimeOutButNotOnAuthorizationExceptionSupplier.java:57) >>>> at >>>> com.google.common.cache.LocalCache$LoadingValueReference.loadFuture(LocalCache.java:3524) >>>> at >>>> com.google.common.cache.LocalCache$Segment.loadSync(LocalCache.java:2317) >>>> at >>>> com.google.common.cache.LocalCache$Segment.lockedGetOrLoad(LocalCache.java:2280) >>>> at com.google.common.cache.LocalCache$Segment.get(LocalCache.java:2195) >>>> at com.google.common.cache.LocalCache.get(LocalCache.java:3934) >>>> at com.google.common.cache.LocalCache.getOrLoad(LocalCache.java:3938) >>>> at >>>> com.google.common.cache.LocalCache$LocalLoadingCache.get(LocalCache.java:4821) >>>> at >>>> org.jclouds.rest.suppliers.MemoizedRetryOnTimeOutButNotOnAuthorizationExceptionSupplier.get(MemoizedRetryOnTimeOutButNotOnAuthorizationExceptionSupplier.java:119) >>>> at >>>> org.jclouds.location.suppliers.derived.RegionIdsFromRegionIdToURIKeySet.get(RegionIdsFromRegionIdToURIKeySet.java:49) >>>> at >>>> org.jclouds.location.suppliers.derived.RegionIdsFromRegionIdToURIKeySet.get(RegionIdsFromRegionIdToURIKeySet.java:36) >>>> at >>>> com.google.common.base.Suppliers$SupplierComposition.get(Suppliers.java:67) >>>> at >>>> org.jclouds.rest.suppliers.MemoizedRetryOnTimeOutButNotOnAuthorizationExceptionSupplier$SetAndThrowAuthorizationExceptionSupplierBackedLoader.load(MemoizedRetryOnTimeOutButNotOnAuthorizationExceptionSupplier.java:73) >>>> at >>>> org.jclouds.rest.suppliers.MemoizedRetryOnTimeOutButNotOnAuthorizationExceptionSupplier$SetAndThrowAuthorizationExceptionSupplierBackedLoader.load(MemoizedRetryOnTimeOutButNotOnAuthorizationExceptionSupplier.java:57) >>>> at >>>> com.google.common.cache.LocalCache$LoadingValueReference.loadFuture(LocalCache.java:3524) >>>> at >>>> com.google.common.cache.LocalCache$Segment.loadSync(LocalCache.java:2317) >>>> at >>>> com.google.common.cache.LocalCache$Segment.lockedGetOrLoad(LocalCache.java:2280) >>>> at com.google.common.cache.LocalCache$Segment.get(LocalCache.java:2195) >>>> at com.google.common.cache.LocalCache.get(LocalCache.java:3934) >>>> at com.google.common.cache.LocalCache.getOrLoad(LocalCache.java:3938) >>>> at >>>> com.google.common.cache.LocalCache$LocalLoadingCache.get(LocalCache.java:4821) >>>> at >>>> org.jclouds.rest.suppliers.MemoizedRetryOnTimeOutButNotOnAuthorizationExceptionSupplier.get(MemoizedRetryOnTimeOutButNotOnAuthorizationExceptionSupplier.java:119) >>>> at >>>> org.jclouds.location.suppliers.all.RegionToProviderOrJustProvider.get(RegionToProviderOrJustProvider.java:56) >>>> at >>>> org.jclouds.location.suppliers.all.ZoneToRegionToProviderOrJustProvider.get(ZoneToRegionToProviderOrJustProvider.java:71) >>>> at >>>> org.jclouds.location.suppliers.all.ZoneToRegionToProviderOrJustProvider.get(ZoneToRegionToProviderOrJustProvider.java:46) >>>> at >>>> org.jclouds.rest.suppliers.MemoizedRetryOnTimeOutButNotOnAuthorizationExceptionSupplier$SetAndThrowAuthorizationExceptionSupplierBackedLoader.load(MemoizedRetryOnTimeOutButNotOnAuthorizationExceptionSupplier.java:73) >>>> at >>>> org.jclouds.rest.suppliers.MemoizedRetryOnTimeOutButNotOnAuthorizationExceptionSupplier$SetAndThrowAuthorizationExceptionSupplierBackedLoader.load(MemoizedRetryOnTimeOutButNotOnAuthorizationExceptionSupplier.java:57) >>>> at >>>> com.google.common.cache.LocalCache$LoadingValueReference.loadFuture(LocalCache.java:3524) >>>> at >>>> com.google.common.cache.LocalCache$Segment.loadSync(LocalCache.java:2317) >>>> at >>>> com.google.common.cache.LocalCache$Segment.lockedGetOrLoad(LocalCache.java:2280) >>>> at com.google.common.cache.LocalCache$Segment.get(LocalCache.java:2195) >>>> at com.google.common.cache.LocalCache.get(LocalCache.java:3934) >>>> at com.google.common.cache.LocalCache.getOrLoad(LocalCache.java:3938) >>>> at >>>> com.google.common.cache.LocalCache$LocalLoadingCache.get(LocalCache.java:4821) >>>> at >>>> org.jclouds.rest.suppliers.MemoizedRetryOnTimeOutButNotOnAuthorizationExceptionSupplier.get(MemoizedRetryOnTimeOutButNotOnAuthorizationExceptionSupplier.java:119) >>>> at >>>> org.jclouds.compute.internal.BaseComputeService.listAssignableLocations(BaseComputeService.java:385) >>>> at >>>> org.apache.stratos.cloud.controller.iaases.JcloudsEC2Iaas.buildTemplate(JcloudsEC2Iaas.java:101) >>>> at >>>> org.apache.stratos.cloud.controller.iaases.JcloudsEC2Iaas.buildComputeServiceAndTemplate(JcloudsEC2Iaas.java:79) >>>> at >>>> org.apache.stratos.cloud.controller.iaases.JcloudsIaasUtil.buildComputeServiceAndTemplateFromImage(JcloudsIaasUtil.java:46) >>>> at >>>> org.apache.stratos.cloud.controller.iaases.JcloudsIaasUtil.buildComputeServiceAndTemplate(JcloudsIaasUtil.java:37) >>>> at >>>> org.apache.stratos.cloud.controller.iaases.JcloudsIaas.initialize(JcloudsIaas.java:95) >>>> at >>>> org.apache.stratos.cloud.controller.domain.IaasProvider.getIaas(IaasProvider.java:224) >>>> at >>>> org.apache.stratos.cloud.controller.services.impl.CloudControllerServiceUtil.buildIaas(CloudControllerServiceUtil.java:51) >>>> at >>>> org.apache.stratos.cloud.controller.services.impl.CloudControllerServiceImpl.deployCartridgeDefinition(CloudControllerServiceImpl.java:113) >>>> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) >>>> at >>>> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) >>>> at >>>> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) >>>> at java.lang.reflect.Method.invoke(Method.java:606) >>>> at >>>> org.apache.axis2.rpc.receivers.RPCUtil.invokeServiceClass(RPCUtil.java:212) >>>> at >>>> org.apache.axis2.rpc.receivers.RPCMessageReceiver.invokeBusinessLogic(RPCMessageReceiver.java:117) >>>> at >>>> org.apache.axis2.receivers.AbstractInOutMessageReceiver.invokeBusinessLogic(AbstractInOutMessageReceiver.java:40) >>>> at >>>> org.apache.axis2.receivers.AbstractMessageReceiver.receive(AbstractMessageReceiver.java:110) >>>> at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:180) >>>> at >>>> org.apache.axis2.transport.http.HTTPTransportUtils.processHTTPPostRequest(HTTPTransportUtils.java:172) >>>> at >>>> org.apache.axis2.transport.http.AxisServlet.doPost(AxisServlet.java:146) >>>> at >>>> org.wso2.carbon.core.transports.CarbonServlet.doPost(CarbonServlet.java:231) >>>> at javax.servlet.http.HttpServlet.service(HttpServlet.java:755) >>>> at javax.servlet.http.HttpServlet.service(HttpServlet.java:848) >>>> at >>>> org.eclipse.equinox.http.servlet.internal.ServletRegistration.service(ServletRegistration.java:61) >>>> at >>>> org.eclipse.equinox.http.servlet.internal.ProxyServlet.processAlias(ProxyServlet.java:128) >>>> at >>>> org.eclipse.equinox.http.servlet.internal.ProxyServlet.service(ProxyServlet.java:68) >>>> at javax.servlet.http.HttpServlet.service(HttpServlet.java:848) >>>> at >>>> org.wso2.carbon.tomcat.ext.servlet.DelegationServlet.service(DelegationServlet.java:68) >>>> at >>>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:305) >>>> at >>>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210) >>>> at >>>> org.wso2.carbon.tomcat.ext.filter.CharacterSetFilter.doFilter(CharacterSetFilter.java:61) >>>> at >>>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:243) >>>> at >>>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210) >>>> at >>>> org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:222) >>>> at >>>> org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:123) >>>> at >>>> org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:472) >>>> at >>>> org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:171) >>>> at >>>> org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:99) >>>> at >>>> org.wso2.carbon.tomcat.ext.valves.CompositeValve.continueInvocation(CompositeValve.java:178) >>>> at >>>> org.wso2.carbon.tomcat.ext.valves.CarbonTomcatValve$1.invoke(CarbonTomcatValve.java:47) >>>> at >>>> org.wso2.carbon.webapp.mgt.TenantLazyLoaderValve.invoke(TenantLazyLoaderValve.java:56) >>>> at >>>> org.wso2.carbon.tomcat.ext.valves.TomcatValveContainer.invokeValves(TomcatValveContainer.java:47) >>>> at >>>> org.wso2.carbon.tomcat.ext.valves.CompositeValve.invoke(CompositeValve.java:141) >>>> at >>>> org.wso2.carbon.tomcat.ext.valves.CarbonStuckThreadDetectionValve.invoke(CarbonStuckThreadDetectionValve.java:156) >>>> at >>>> org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:936) >>>> at >>>> org.wso2.carbon.tomcat.ext.valves.CarbonContextCreatorValve.invoke(CarbonContextCreatorValve.java:52) >>>> at >>>> org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:118) >>>> at >>>> org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:407) >>>> at >>>> org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1004) >>>> at >>>> org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:589) >>>> at >>>> org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1653) >>>> at >>>> java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145) >>>> at >>>> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615) >>>> at java.lang.Thread.run(Thread.java:744) >>>> Caused by: javax.net.ssl.SSLHandshakeException: >>>> sun.security.validator.ValidatorException: PKIX path building failed: >>>> sun.security.provider.certpath.SunCertPathBuilderException: unable to find >>>> valid certification path to requested target >>>> at sun.security.ssl.Alerts.getSSLException(Alerts.java:192) >>>> at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1884) >>>> at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:276) >>>> at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:270) >>>> at >>>> sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1341) >>>> at >>>> sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:153) >>>> at sun.security.ssl.Handshaker.processLoop(Handshaker.java:868) >>>> at sun.security.ssl.Handshaker.process_record(Handshaker.java:804) >>>> at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1016) >>>> at >>>> sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1312) >>>> at >>>> sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1339) >>>> at >>>> sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1323) >>>> at >>>> sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:563) >>>> at >>>> sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185) >>>> at >>>> sun.net.www.protocol.http.HttpURLConnection.getOutputStream(HttpURLConnection.java:1091) >>>> at >>>> sun.net.www.protocol.https.HttpsURLConnectionImpl.getOutputStream(HttpsURLConnectionImpl.java:250) >>>> at >>>> org.jclouds.http.internal.JavaUrlHttpCommandExecutorService.writePayloadToConnection(JavaUrlHttpCommandExecutorService.java:303) >>>> at >>>> org.jclouds.http.internal.JavaUrlHttpCommandExecutorService.convert(JavaUrlHttpCommandExecutorService.java:190) >>>> at >>>> org.jclouds.http.internal.JavaUrlHttpCommandExecutorService.convert(JavaUrlHttpCommandExecutorService.java:71) >>>> at >>>> org.jclouds.http.internal.BaseHttpCommandExecutorService.invoke(BaseHttpCommandExecutorService.java:88) >>>> ... 98 more >>>> Caused by: sun.security.validator.ValidatorException: PKIX path >>>> building failed: >>>> sun.security.provider.certpath.SunCertPathBuilderException: unable to find >>>> valid certification path to requested target >>>> at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:385) >>>> at >>>> sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:292) >>>> at sun.security.validator.Validator.validate(Validator.java:260) >>>> at >>>> sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:326) >>>> at >>>> sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:231) >>>> at >>>> sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:126) >>>> at >>>> sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1323) >>>> ... 113 more >>>> Caused by: sun.security.provider.certpath.SunCertPathBuilderException: >>>> unable to find valid certification path to requested target >>>> at >>>> sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:196) >>>> at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:268) >>>> at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:380) >>>> ... 119 more >>>> TID: [0] [STRATOS] [2014-12-19 06:18:56,385] ERROR >>>> {org.apache.stratos.cloud.controller.iaases.JcloudsIaas} - Could not >>>> initialize jclouds IaaS >>>> org.apache.stratos.cloud.controller.exception.InvalidIaasProviderException: >>>> Could not build iaas of type: ec2 >>>> at >>>> org.apache.stratos.cloud.controller.iaases.JcloudsIaasUtil.buildComputeServiceAndTemplateFromImage(JcloudsIaasUtil.java:50) >>>> at >>>> org.apache.stratos.cloud.controller.iaases.JcloudsIaasUtil.buildComputeServiceAndTemplate(JcloudsIaasUtil.java:37) >>>> at >>>> org.apache.stratos.cloud.controller.iaases.JcloudsIaas.initialize(Jclo >>>> -- >>>> >>>> Udara Liyanage >>>> Software Engineer >>>> WSO2, Inc.: http://wso2.com >>>> lean. enterprise. middleware >>>> >>>> web: http://udaraliyanage.wordpress.com >>>> phone: +94 71 443 6897 >>>> >>> >>> >>> -- >>> Rajkumar Rajaratnam >>> Committer & PMC Member, Apache Stratos >>> Software Engineer, WSO2 >>> >>> Mobile : +94777568639 >>> Blog : rajkumarr.com >>> >> >> >> -- >> >> Udara Liyanage >> Software Engineer >> WSO2, Inc.: http://wso2.com >> lean. enterprise. middleware >> >> web: http://udaraliyanage.wordpress.com >> phone: +94 71 443 6897 >> > > > -- > > Udara Liyanage > Software Engineer > WSO2, Inc.: http://wso2.com > lean. enterprise. middleware > > web: http://udaraliyanage.wordpress.com > phone: +94 71 443 6897 > -- Regards, Manula Chathurika Thantriwatte Software Engineer WSO2 Inc. : http://wso2.com lean . enterprise . middleware email : manu...@wso2.com / man...@apache.org phone : +94 772492511 blog : http://manulachathurika.blogspot.com/