Hi,
IMO is we should keep our own trust store for Stratos, but I'm not sure it
encounter any problem.
Thanks !
On Fri, Dec 19, 2014 at 1:58 PM, Udara Liyanage <ud...@wso2.com> wrote:
>
> Hi,
>
> We need to update the carbon trust store and ship with Stratos. Currently
> truststore is coming from kernel, we have to keep a truss tore of our own
> then.
>
> On Fri, Dec 19, 2014 at 1:13 PM, Udara Liyanage <ud...@wso2.com> wrote:
>>
>> Hi,
>>
>> I think that worked. Thanks Raj.
>>
>>
>> On Fri, Dec 19, 2014 at 12:09 PM, Rajkumar Rajaratnam <rajkum...@wso2.com
>> > wrote:
>>>
>>> Hi Udara,
>>>
>>> Seems that the cert has changed at amazon side.
>>>
>>> Can you import the amazon cert into the client-truststore and try again?
>>>
>>> Thanks.
>>>
>>> On Fri, Dec 19, 2014 at 12:02 PM, Udara Liyanage <ud...@wso2.com> wrote:
>>>>
>>>> Hi,
>>>>
>>>> Below exception is thrown when application is deployed.
>>>>
>>>> Region I have specified in cloud-controller.xml and partition of the
>>>> deployment policy is ap-souteast-1.
>>>>
>>>>
>>>> TID: [0] [STRATOS] [2014-12-19 06:18:56,376] ERROR
>>>> {org.jclouds.http.handlers.BackoffLimitedRetryHandler} - Cannot retry
>>>> after server error, command has exceeded retry limit 5:
>>>> [method=org.jclouds.ec2.features.AvailabilityZoneAndRegionApi.public
>>>> abstract java.util.Map
>>>> org.jclouds.ec2.features.AvailabilityZoneAndRegionApi.describeRegions(org.jclouds.ec2.options.DescribeRegionsOptions[])[[Lorg.jclouds.ec2.options.DescribeRegionsOptions;@5fced56c],
>>>> request=POST https://ec2.us-east-1.amazonaws.com/ HTTP/1.1]
>>>> TID: [0] [STRATOS] [2014-12-19 06:18:56,379] ERROR
>>>> {org.apache.stratos.cloud.controller.iaases.JcloudsIaasUtil} - * Could
>>>> not build iaas of type: ec2*
>>>> *org.jclouds.http.HttpResponseException:
>>>> sun.security.validator.ValidatorException: PKIX path building failed:
>>>> sun.security.provider.certpath.SunCertPathBuilderException: unable to find
>>>> valid certification path to requested target connecting to POST
>>>> https://ec2.us-east-1.amazonaw <https://ec2.us-east-1.amazonaw>*s.com/
>>>> HTTP/1.1
>>>> at
>>>> org.jclouds.http.internal.BaseHttpCommandExecutorService.invoke(BaseHttpCommandExecutorService.java:110)
>>>> at
>>>> org.jclouds.rest.internal.InvokeHttpMethod.invoke(InvokeHttpMethod.java:90)
>>>> at
>>>> org.jclouds.rest.internal.InvokeHttpMethod.apply(InvokeHttpMethod.java:73)
>>>> at
>>>> org.jclouds.rest.internal.InvokeHttpMethod.apply(InvokeHttpMethod.java:44)
>>>> at
>>>> org.jclouds.reflect.FunctionalReflection$FunctionalInvocationHandler.handleInvocation(FunctionalReflection.java:117)
>>>> at
>>>> com.google.common.reflect.AbstractInvocationHandler.invoke(AbstractInvocationHandler.java:87)
>>>> at com.sun.proxy.$Proxy111.describeRegions(Unknown Source)
>>>> at
>>>> org.jclouds.ec2.suppliers.DescribeRegionsForRegionURIs.get(DescribeRegionsForRegionURIs.java:47)
>>>> at
>>>> org.jclouds.ec2.suppliers.DescribeRegionsForRegionURIs.get(DescribeRegionsForRegionURIs.java:34)
>>>> at
>>>> org.jclouds.rest.suppliers.MemoizedRetryOnTimeOutButNotOnAuthorizationExceptionSupplier$SetAndThrowAuthorizationExceptionSupplierBackedLoader.load(MemoizedRetryOnTimeOutButNotOnAuthorizationExceptionSupplier.java:73)
>>>> at
>>>> org.jclouds.rest.suppliers.MemoizedRetryOnTimeOutButNotOnAuthorizationExceptionSupplier$SetAndThrowAuthorizationExceptionSupplierBackedLoader.load(MemoizedRetryOnTimeOutButNotOnAuthorizationExceptionSupplier.java:57)
>>>> at
>>>> com.google.common.cache.LocalCache$LoadingValueReference.loadFuture(LocalCache.java:3524)
>>>> at
>>>> com.google.common.cache.LocalCache$Segment.loadSync(LocalCache.java:2317)
>>>> at
>>>> com.google.common.cache.LocalCache$Segment.lockedGetOrLoad(LocalCache.java:2280)
>>>> at com.google.common.cache.LocalCache$Segment.get(LocalCache.java:2195)
>>>> at com.google.common.cache.LocalCache.get(LocalCache.java:3934)
>>>> at com.google.common.cache.LocalCache.getOrLoad(LocalCache.java:3938)
>>>> at
>>>> com.google.common.cache.LocalCache$LocalLoadingCache.get(LocalCache.java:4821)
>>>> at
>>>> org.jclouds.rest.suppliers.MemoizedRetryOnTimeOutButNotOnAuthorizationExceptionSupplier.get(MemoizedRetryOnTimeOutButNotOnAuthorizationExceptionSupplier.java:119)
>>>> at
>>>> org.jclouds.location.suppliers.derived.RegionIdsFromRegionIdToURIKeySet.get(RegionIdsFromRegionIdToURIKeySet.java:49)
>>>> at
>>>> org.jclouds.location.suppliers.derived.RegionIdsFromRegionIdToURIKeySet.get(RegionIdsFromRegionIdToURIKeySet.java:36)
>>>> at
>>>> com.google.common.base.Suppliers$SupplierComposition.get(Suppliers.java:67)
>>>> at
>>>> org.jclouds.rest.suppliers.MemoizedRetryOnTimeOutButNotOnAuthorizationExceptionSupplier$SetAndThrowAuthorizationExceptionSupplierBackedLoader.load(MemoizedRetryOnTimeOutButNotOnAuthorizationExceptionSupplier.java:73)
>>>> at
>>>> org.jclouds.rest.suppliers.MemoizedRetryOnTimeOutButNotOnAuthorizationExceptionSupplier$SetAndThrowAuthorizationExceptionSupplierBackedLoader.load(MemoizedRetryOnTimeOutButNotOnAuthorizationExceptionSupplier.java:57)
>>>> at
>>>> com.google.common.cache.LocalCache$LoadingValueReference.loadFuture(LocalCache.java:3524)
>>>> at
>>>> com.google.common.cache.LocalCache$Segment.loadSync(LocalCache.java:2317)
>>>> at
>>>> com.google.common.cache.LocalCache$Segment.lockedGetOrLoad(LocalCache.java:2280)
>>>> at com.google.common.cache.LocalCache$Segment.get(LocalCache.java:2195)
>>>> at com.google.common.cache.LocalCache.get(LocalCache.java:3934)
>>>> at com.google.common.cache.LocalCache.getOrLoad(LocalCache.java:3938)
>>>> at
>>>> com.google.common.cache.LocalCache$LocalLoadingCache.get(LocalCache.java:4821)
>>>> at
>>>> org.jclouds.rest.suppliers.MemoizedRetryOnTimeOutButNotOnAuthorizationExceptionSupplier.get(MemoizedRetryOnTimeOutButNotOnAuthorizationExceptionSupplier.java:119)
>>>> at
>>>> org.jclouds.location.suppliers.all.RegionToProviderOrJustProvider.get(RegionToProviderOrJustProvider.java:56)
>>>> at
>>>> org.jclouds.location.suppliers.all.ZoneToRegionToProviderOrJustProvider.get(ZoneToRegionToProviderOrJustProvider.java:71)
>>>> at
>>>> org.jclouds.location.suppliers.all.ZoneToRegionToProviderOrJustProvider.get(ZoneToRegionToProviderOrJustProvider.java:46)
>>>> at
>>>> org.jclouds.rest.suppliers.MemoizedRetryOnTimeOutButNotOnAuthorizationExceptionSupplier$SetAndThrowAuthorizationExceptionSupplierBackedLoader.load(MemoizedRetryOnTimeOutButNotOnAuthorizationExceptionSupplier.java:73)
>>>> at
>>>> org.jclouds.rest.suppliers.MemoizedRetryOnTimeOutButNotOnAuthorizationExceptionSupplier$SetAndThrowAuthorizationExceptionSupplierBackedLoader.load(MemoizedRetryOnTimeOutButNotOnAuthorizationExceptionSupplier.java:57)
>>>> at
>>>> com.google.common.cache.LocalCache$LoadingValueReference.loadFuture(LocalCache.java:3524)
>>>> at
>>>> com.google.common.cache.LocalCache$Segment.loadSync(LocalCache.java:2317)
>>>> at
>>>> com.google.common.cache.LocalCache$Segment.lockedGetOrLoad(LocalCache.java:2280)
>>>> at com.google.common.cache.LocalCache$Segment.get(LocalCache.java:2195)
>>>> at com.google.common.cache.LocalCache.get(LocalCache.java:3934)
>>>> at com.google.common.cache.LocalCache.getOrLoad(LocalCache.java:3938)
>>>> at
>>>> com.google.common.cache.LocalCache$LocalLoadingCache.get(LocalCache.java:4821)
>>>> at
>>>> org.jclouds.rest.suppliers.MemoizedRetryOnTimeOutButNotOnAuthorizationExceptionSupplier.get(MemoizedRetryOnTimeOutButNotOnAuthorizationExceptionSupplier.java:119)
>>>> at
>>>> org.jclouds.compute.internal.BaseComputeService.listAssignableLocations(BaseComputeService.java:385)
>>>> at
>>>> org.apache.stratos.cloud.controller.iaases.JcloudsEC2Iaas.buildTemplate(JcloudsEC2Iaas.java:101)
>>>> at
>>>> org.apache.stratos.cloud.controller.iaases.JcloudsEC2Iaas.buildComputeServiceAndTemplate(JcloudsEC2Iaas.java:79)
>>>> at
>>>> org.apache.stratos.cloud.controller.iaases.JcloudsIaasUtil.buildComputeServiceAndTemplateFromImage(JcloudsIaasUtil.java:46)
>>>> at
>>>> org.apache.stratos.cloud.controller.iaases.JcloudsIaasUtil.buildComputeServiceAndTemplate(JcloudsIaasUtil.java:37)
>>>> at
>>>> org.apache.stratos.cloud.controller.iaases.JcloudsIaas.initialize(JcloudsIaas.java:95)
>>>> at
>>>> org.apache.stratos.cloud.controller.domain.IaasProvider.getIaas(IaasProvider.java:224)
>>>> at
>>>> org.apache.stratos.cloud.controller.services.impl.CloudControllerServiceUtil.buildIaas(CloudControllerServiceUtil.java:51)
>>>> at
>>>> org.apache.stratos.cloud.controller.services.impl.CloudControllerServiceImpl.deployCartridgeDefinition(CloudControllerServiceImpl.java:113)
>>>> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
>>>> at
>>>> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
>>>> at
>>>> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
>>>> at java.lang.reflect.Method.invoke(Method.java:606)
>>>> at
>>>> org.apache.axis2.rpc.receivers.RPCUtil.invokeServiceClass(RPCUtil.java:212)
>>>> at
>>>> org.apache.axis2.rpc.receivers.RPCMessageReceiver.invokeBusinessLogic(RPCMessageReceiver.java:117)
>>>> at
>>>> org.apache.axis2.receivers.AbstractInOutMessageReceiver.invokeBusinessLogic(AbstractInOutMessageReceiver.java:40)
>>>> at
>>>> org.apache.axis2.receivers.AbstractMessageReceiver.receive(AbstractMessageReceiver.java:110)
>>>> at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:180)
>>>> at
>>>> org.apache.axis2.transport.http.HTTPTransportUtils.processHTTPPostRequest(HTTPTransportUtils.java:172)
>>>> at
>>>> org.apache.axis2.transport.http.AxisServlet.doPost(AxisServlet.java:146)
>>>> at
>>>> org.wso2.carbon.core.transports.CarbonServlet.doPost(CarbonServlet.java:231)
>>>> at javax.servlet.http.HttpServlet.service(HttpServlet.java:755)
>>>> at javax.servlet.http.HttpServlet.service(HttpServlet.java:848)
>>>> at
>>>> org.eclipse.equinox.http.servlet.internal.ServletRegistration.service(ServletRegistration.java:61)
>>>> at
>>>> org.eclipse.equinox.http.servlet.internal.ProxyServlet.processAlias(ProxyServlet.java:128)
>>>> at
>>>> org.eclipse.equinox.http.servlet.internal.ProxyServlet.service(ProxyServlet.java:68)
>>>> at javax.servlet.http.HttpServlet.service(HttpServlet.java:848)
>>>> at
>>>> org.wso2.carbon.tomcat.ext.servlet.DelegationServlet.service(DelegationServlet.java:68)
>>>> at
>>>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:305)
>>>> at
>>>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)
>>>> at
>>>> org.wso2.carbon.tomcat.ext.filter.CharacterSetFilter.doFilter(CharacterSetFilter.java:61)
>>>> at
>>>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:243)
>>>> at
>>>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)
>>>> at
>>>> org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:222)
>>>> at
>>>> org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:123)
>>>> at
>>>> org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:472)
>>>> at
>>>> org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:171)
>>>> at
>>>> org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:99)
>>>> at
>>>> org.wso2.carbon.tomcat.ext.valves.CompositeValve.continueInvocation(CompositeValve.java:178)
>>>> at
>>>> org.wso2.carbon.tomcat.ext.valves.CarbonTomcatValve$1.invoke(CarbonTomcatValve.java:47)
>>>> at
>>>> org.wso2.carbon.webapp.mgt.TenantLazyLoaderValve.invoke(TenantLazyLoaderValve.java:56)
>>>> at
>>>> org.wso2.carbon.tomcat.ext.valves.TomcatValveContainer.invokeValves(TomcatValveContainer.java:47)
>>>> at
>>>> org.wso2.carbon.tomcat.ext.valves.CompositeValve.invoke(CompositeValve.java:141)
>>>> at
>>>> org.wso2.carbon.tomcat.ext.valves.CarbonStuckThreadDetectionValve.invoke(CarbonStuckThreadDetectionValve.java:156)
>>>> at
>>>> org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:936)
>>>> at
>>>> org.wso2.carbon.tomcat.ext.valves.CarbonContextCreatorValve.invoke(CarbonContextCreatorValve.java:52)
>>>> at
>>>> org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:118)
>>>> at
>>>> org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:407)
>>>> at
>>>> org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1004)
>>>> at
>>>> org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:589)
>>>> at
>>>> org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1653)
>>>> at
>>>> java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
>>>> at
>>>> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
>>>> at java.lang.Thread.run(Thread.java:744)
>>>> Caused by: javax.net.ssl.SSLHandshakeException:
>>>> sun.security.validator.ValidatorException: PKIX path building failed:
>>>> sun.security.provider.certpath.SunCertPathBuilderException: unable to find
>>>> valid certification path to requested target
>>>> at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
>>>> at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1884)
>>>> at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:276)
>>>> at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:270)
>>>> at
>>>> sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1341)
>>>> at
>>>> sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:153)
>>>> at sun.security.ssl.Handshaker.processLoop(Handshaker.java:868)
>>>> at sun.security.ssl.Handshaker.process_record(Handshaker.java:804)
>>>> at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1016)
>>>> at
>>>> sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1312)
>>>> at
>>>> sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1339)
>>>> at
>>>> sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1323)
>>>> at
>>>> sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:563)
>>>> at
>>>> sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185)
>>>> at
>>>> sun.net.www.protocol.http.HttpURLConnection.getOutputStream(HttpURLConnection.java:1091)
>>>> at
>>>> sun.net.www.protocol.https.HttpsURLConnectionImpl.getOutputStream(HttpsURLConnectionImpl.java:250)
>>>> at
>>>> org.jclouds.http.internal.JavaUrlHttpCommandExecutorService.writePayloadToConnection(JavaUrlHttpCommandExecutorService.java:303)
>>>> at
>>>> org.jclouds.http.internal.JavaUrlHttpCommandExecutorService.convert(JavaUrlHttpCommandExecutorService.java:190)
>>>> at
>>>> org.jclouds.http.internal.JavaUrlHttpCommandExecutorService.convert(JavaUrlHttpCommandExecutorService.java:71)
>>>> at
>>>> org.jclouds.http.internal.BaseHttpCommandExecutorService.invoke(BaseHttpCommandExecutorService.java:88)
>>>> ... 98 more
>>>> Caused by: sun.security.validator.ValidatorException: PKIX path
>>>> building failed:
>>>> sun.security.provider.certpath.SunCertPathBuilderException: unable to find
>>>> valid certification path to requested target
>>>> at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:385)
>>>> at
>>>> sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:292)
>>>> at sun.security.validator.Validator.validate(Validator.java:260)
>>>> at
>>>> sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:326)
>>>> at
>>>> sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:231)
>>>> at
>>>> sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:126)
>>>> at
>>>> sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1323)
>>>> ... 113 more
>>>> Caused by: sun.security.provider.certpath.SunCertPathBuilderException:
>>>> unable to find valid certification path to requested target
>>>> at
>>>> sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:196)
>>>> at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:268)
>>>> at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:380)
>>>> ... 119 more
>>>> TID: [0] [STRATOS] [2014-12-19 06:18:56,385] ERROR
>>>> {org.apache.stratos.cloud.controller.iaases.JcloudsIaas} - Could not
>>>> initialize jclouds IaaS
>>>> org.apache.stratos.cloud.controller.exception.InvalidIaasProviderException:
>>>> Could not build iaas of type: ec2
>>>> at
>>>> org.apache.stratos.cloud.controller.iaases.JcloudsIaasUtil.buildComputeServiceAndTemplateFromImage(JcloudsIaasUtil.java:50)
>>>> at
>>>> org.apache.stratos.cloud.controller.iaases.JcloudsIaasUtil.buildComputeServiceAndTemplate(JcloudsIaasUtil.java:37)
>>>> at
>>>> org.apache.stratos.cloud.controller.iaases.JcloudsIaas.initialize(Jclo
>>>> --
>>>>
>>>> Udara Liyanage
>>>> Software Engineer
>>>> WSO2, Inc.: http://wso2.com
>>>> lean. enterprise. middleware
>>>>
>>>> web: http://udaraliyanage.wordpress.com
>>>> phone: +94 71 443 6897
>>>>
>>>
>>>
>>> --
>>> Rajkumar Rajaratnam
>>> Committer & PMC Member, Apache Stratos
>>> Software Engineer, WSO2
>>>
>>> Mobile : +94777568639
>>> Blog : rajkumarr.com
>>>
>>
>>
>> --
>>
>> Udara Liyanage
>> Software Engineer
>> WSO2, Inc.: http://wso2.com
>> lean. enterprise. middleware
>>
>> web: http://udaraliyanage.wordpress.com
>> phone: +94 71 443 6897
>>
>
>
> --
>
> Udara Liyanage
> Software Engineer
> WSO2, Inc.: http://wso2.com
> lean. enterprise. middleware
>
> web: http://udaraliyanage.wordpress.com
> phone: +94 71 443 6897
>
--
Regards,
Manula Chathurika Thantriwatte
Software Engineer
WSO2 Inc. : http://wso2.com
lean . enterprise . middleware
email : manu...@wso2.com / man...@apache.org
phone : +94 772492511
blog : http://manulachathurika.blogspot.com/
