What I'm not clear is why CC sends a request to *https://ec2.us-east-1.amazonaw <https://ec2.us-east-1.amazonaw/>*s.com (us-east) endpoint, while the defined regions are ap-southeast?
On Fri, Dec 19, 2014 at 8:12 PM, Manula Chathurika Thantriwatte < manu...@wso2.com> wrote: > > Hi, > > IMO is we should keep our own trust store for Stratos, but I'm not sure it > encounter any problem. > > Thanks ! > > On Fri, Dec 19, 2014 at 1:58 PM, Udara Liyanage <ud...@wso2.com> wrote: >> >> Hi, >> >> We need to update the carbon trust store and ship with Stratos. Currently >> truststore is coming from kernel, we have to keep a truss tore of our own >> then. >> >> On Fri, Dec 19, 2014 at 1:13 PM, Udara Liyanage <ud...@wso2.com> wrote: >>> >>> Hi, >>> >>> I think that worked. Thanks Raj. >>> >>> >>> On Fri, Dec 19, 2014 at 12:09 PM, Rajkumar Rajaratnam < >>> rajkum...@wso2.com> wrote: >>>> >>>> Hi Udara, >>>> >>>> Seems that the cert has changed at amazon side. >>>> >>>> Can you import the amazon cert into the client-truststore and try again? >>>> >>>> Thanks. >>>> >>>> On Fri, Dec 19, 2014 at 12:02 PM, Udara Liyanage <ud...@wso2.com> >>>> wrote: >>>>> >>>>> Hi, >>>>> >>>>> Below exception is thrown when application is deployed. >>>>> >>>>> Region I have specified in cloud-controller.xml and partition of the >>>>> deployment policy is ap-souteast-1. >>>>> >>>>> >>>>> TID: [0] [STRATOS] [2014-12-19 06:18:56,376] ERROR >>>>> {org.jclouds.http.handlers.BackoffLimitedRetryHandler} - Cannot retry >>>>> after server error, command has exceeded retry limit 5: >>>>> [method=org.jclouds.ec2.features.AvailabilityZoneAndRegionApi.public >>>>> abstract java.util.Map >>>>> org.jclouds.ec2.features.AvailabilityZoneAndRegionApi.describeRegions(org.jclouds.ec2.options.DescribeRegionsOptions[])[[Lorg.jclouds.ec2.options.DescribeRegionsOptions;@5fced56c], >>>>> request=POST https://ec2.us-east-1.amazonaws.com/ HTTP/1.1] >>>>> TID: [0] [STRATOS] [2014-12-19 06:18:56,379] ERROR >>>>> {org.apache.stratos.cloud.controller.iaases.JcloudsIaasUtil} - * Could >>>>> not build iaas of type: ec2* >>>>> *org.jclouds.http.HttpResponseException: >>>>> sun.security.validator.ValidatorException: PKIX path building failed: >>>>> sun.security.provider.certpath.SunCertPathBuilderException: unable to find >>>>> valid certification path to requested target connecting to POST >>>>> https://ec2.us-east-1.amazonaw <https://ec2.us-east-1.amazonaw>*s.com/ >>>>> HTTP/1.1 >>>>> at >>>>> org.jclouds.http.internal.BaseHttpCommandExecutorService.invoke(BaseHttpCommandExecutorService.java:110) >>>>> at >>>>> org.jclouds.rest.internal.InvokeHttpMethod.invoke(InvokeHttpMethod.java:90) >>>>> at >>>>> org.jclouds.rest.internal.InvokeHttpMethod.apply(InvokeHttpMethod.java:73) >>>>> at >>>>> org.jclouds.rest.internal.InvokeHttpMethod.apply(InvokeHttpMethod.java:44) >>>>> at >>>>> org.jclouds.reflect.FunctionalReflection$FunctionalInvocationHandler.handleInvocation(FunctionalReflection.java:117) >>>>> at >>>>> com.google.common.reflect.AbstractInvocationHandler.invoke(AbstractInvocationHandler.java:87) >>>>> at com.sun.proxy.$Proxy111.describeRegions(Unknown Source) >>>>> at >>>>> org.jclouds.ec2.suppliers.DescribeRegionsForRegionURIs.get(DescribeRegionsForRegionURIs.java:47) >>>>> at >>>>> org.jclouds.ec2.suppliers.DescribeRegionsForRegionURIs.get(DescribeRegionsForRegionURIs.java:34) >>>>> at >>>>> org.jclouds.rest.suppliers.MemoizedRetryOnTimeOutButNotOnAuthorizationExceptionSupplier$SetAndThrowAuthorizationExceptionSupplierBackedLoader.load(MemoizedRetryOnTimeOutButNotOnAuthorizationExceptionSupplier.java:73) >>>>> at >>>>> org.jclouds.rest.suppliers.MemoizedRetryOnTimeOutButNotOnAuthorizationExceptionSupplier$SetAndThrowAuthorizationExceptionSupplierBackedLoader.load(MemoizedRetryOnTimeOutButNotOnAuthorizationExceptionSupplier.java:57) >>>>> at >>>>> com.google.common.cache.LocalCache$LoadingValueReference.loadFuture(LocalCache.java:3524) >>>>> at >>>>> com.google.common.cache.LocalCache$Segment.loadSync(LocalCache.java:2317) >>>>> at >>>>> com.google.common.cache.LocalCache$Segment.lockedGetOrLoad(LocalCache.java:2280) >>>>> at com.google.common.cache.LocalCache$Segment.get(LocalCache.java:2195) >>>>> at com.google.common.cache.LocalCache.get(LocalCache.java:3934) >>>>> at com.google.common.cache.LocalCache.getOrLoad(LocalCache.java:3938) >>>>> at >>>>> com.google.common.cache.LocalCache$LocalLoadingCache.get(LocalCache.java:4821) >>>>> at >>>>> org.jclouds.rest.suppliers.MemoizedRetryOnTimeOutButNotOnAuthorizationExceptionSupplier.get(MemoizedRetryOnTimeOutButNotOnAuthorizationExceptionSupplier.java:119) >>>>> at >>>>> org.jclouds.location.suppliers.derived.RegionIdsFromRegionIdToURIKeySet.get(RegionIdsFromRegionIdToURIKeySet.java:49) >>>>> at >>>>> org.jclouds.location.suppliers.derived.RegionIdsFromRegionIdToURIKeySet.get(RegionIdsFromRegionIdToURIKeySet.java:36) >>>>> at >>>>> com.google.common.base.Suppliers$SupplierComposition.get(Suppliers.java:67) >>>>> at >>>>> org.jclouds.rest.suppliers.MemoizedRetryOnTimeOutButNotOnAuthorizationExceptionSupplier$SetAndThrowAuthorizationExceptionSupplierBackedLoader.load(MemoizedRetryOnTimeOutButNotOnAuthorizationExceptionSupplier.java:73) >>>>> at >>>>> org.jclouds.rest.suppliers.MemoizedRetryOnTimeOutButNotOnAuthorizationExceptionSupplier$SetAndThrowAuthorizationExceptionSupplierBackedLoader.load(MemoizedRetryOnTimeOutButNotOnAuthorizationExceptionSupplier.java:57) >>>>> at >>>>> com.google.common.cache.LocalCache$LoadingValueReference.loadFuture(LocalCache.java:3524) >>>>> at >>>>> com.google.common.cache.LocalCache$Segment.loadSync(LocalCache.java:2317) >>>>> at >>>>> com.google.common.cache.LocalCache$Segment.lockedGetOrLoad(LocalCache.java:2280) >>>>> at com.google.common.cache.LocalCache$Segment.get(LocalCache.java:2195) >>>>> at com.google.common.cache.LocalCache.get(LocalCache.java:3934) >>>>> at com.google.common.cache.LocalCache.getOrLoad(LocalCache.java:3938) >>>>> at >>>>> com.google.common.cache.LocalCache$LocalLoadingCache.get(LocalCache.java:4821) >>>>> at >>>>> org.jclouds.rest.suppliers.MemoizedRetryOnTimeOutButNotOnAuthorizationExceptionSupplier.get(MemoizedRetryOnTimeOutButNotOnAuthorizationExceptionSupplier.java:119) >>>>> at >>>>> org.jclouds.location.suppliers.all.RegionToProviderOrJustProvider.get(RegionToProviderOrJustProvider.java:56) >>>>> at >>>>> org.jclouds.location.suppliers.all.ZoneToRegionToProviderOrJustProvider.get(ZoneToRegionToProviderOrJustProvider.java:71) >>>>> at >>>>> org.jclouds.location.suppliers.all.ZoneToRegionToProviderOrJustProvider.get(ZoneToRegionToProviderOrJustProvider.java:46) >>>>> at >>>>> org.jclouds.rest.suppliers.MemoizedRetryOnTimeOutButNotOnAuthorizationExceptionSupplier$SetAndThrowAuthorizationExceptionSupplierBackedLoader.load(MemoizedRetryOnTimeOutButNotOnAuthorizationExceptionSupplier.java:73) >>>>> at >>>>> org.jclouds.rest.suppliers.MemoizedRetryOnTimeOutButNotOnAuthorizationExceptionSupplier$SetAndThrowAuthorizationExceptionSupplierBackedLoader.load(MemoizedRetryOnTimeOutButNotOnAuthorizationExceptionSupplier.java:57) >>>>> at >>>>> com.google.common.cache.LocalCache$LoadingValueReference.loadFuture(LocalCache.java:3524) >>>>> at >>>>> com.google.common.cache.LocalCache$Segment.loadSync(LocalCache.java:2317) >>>>> at >>>>> com.google.common.cache.LocalCache$Segment.lockedGetOrLoad(LocalCache.java:2280) >>>>> at com.google.common.cache.LocalCache$Segment.get(LocalCache.java:2195) >>>>> at com.google.common.cache.LocalCache.get(LocalCache.java:3934) >>>>> at com.google.common.cache.LocalCache.getOrLoad(LocalCache.java:3938) >>>>> at >>>>> com.google.common.cache.LocalCache$LocalLoadingCache.get(LocalCache.java:4821) >>>>> at >>>>> org.jclouds.rest.suppliers.MemoizedRetryOnTimeOutButNotOnAuthorizationExceptionSupplier.get(MemoizedRetryOnTimeOutButNotOnAuthorizationExceptionSupplier.java:119) >>>>> at >>>>> org.jclouds.compute.internal.BaseComputeService.listAssignableLocations(BaseComputeService.java:385) >>>>> at >>>>> org.apache.stratos.cloud.controller.iaases.JcloudsEC2Iaas.buildTemplate(JcloudsEC2Iaas.java:101) >>>>> at >>>>> org.apache.stratos.cloud.controller.iaases.JcloudsEC2Iaas.buildComputeServiceAndTemplate(JcloudsEC2Iaas.java:79) >>>>> at >>>>> org.apache.stratos.cloud.controller.iaases.JcloudsIaasUtil.buildComputeServiceAndTemplateFromImage(JcloudsIaasUtil.java:46) >>>>> at >>>>> org.apache.stratos.cloud.controller.iaases.JcloudsIaasUtil.buildComputeServiceAndTemplate(JcloudsIaasUtil.java:37) >>>>> at >>>>> org.apache.stratos.cloud.controller.iaases.JcloudsIaas.initialize(JcloudsIaas.java:95) >>>>> at >>>>> org.apache.stratos.cloud.controller.domain.IaasProvider.getIaas(IaasProvider.java:224) >>>>> at >>>>> org.apache.stratos.cloud.controller.services.impl.CloudControllerServiceUtil.buildIaas(CloudControllerServiceUtil.java:51) >>>>> at >>>>> org.apache.stratos.cloud.controller.services.impl.CloudControllerServiceImpl.deployCartridgeDefinition(CloudControllerServiceImpl.java:113) >>>>> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) >>>>> at >>>>> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) >>>>> at >>>>> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) >>>>> at java.lang.reflect.Method.invoke(Method.java:606) >>>>> at >>>>> org.apache.axis2.rpc.receivers.RPCUtil.invokeServiceClass(RPCUtil.java:212) >>>>> at >>>>> org.apache.axis2.rpc.receivers.RPCMessageReceiver.invokeBusinessLogic(RPCMessageReceiver.java:117) >>>>> at >>>>> org.apache.axis2.receivers.AbstractInOutMessageReceiver.invokeBusinessLogic(AbstractInOutMessageReceiver.java:40) >>>>> at >>>>> org.apache.axis2.receivers.AbstractMessageReceiver.receive(AbstractMessageReceiver.java:110) >>>>> at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:180) >>>>> at >>>>> org.apache.axis2.transport.http.HTTPTransportUtils.processHTTPPostRequest(HTTPTransportUtils.java:172) >>>>> at >>>>> org.apache.axis2.transport.http.AxisServlet.doPost(AxisServlet.java:146) >>>>> at >>>>> org.wso2.carbon.core.transports.CarbonServlet.doPost(CarbonServlet.java:231) >>>>> at javax.servlet.http.HttpServlet.service(HttpServlet.java:755) >>>>> at javax.servlet.http.HttpServlet.service(HttpServlet.java:848) >>>>> at >>>>> org.eclipse.equinox.http.servlet.internal.ServletRegistration.service(ServletRegistration.java:61) >>>>> at >>>>> org.eclipse.equinox.http.servlet.internal.ProxyServlet.processAlias(ProxyServlet.java:128) >>>>> at >>>>> org.eclipse.equinox.http.servlet.internal.ProxyServlet.service(ProxyServlet.java:68) >>>>> at javax.servlet.http.HttpServlet.service(HttpServlet.java:848) >>>>> at >>>>> org.wso2.carbon.tomcat.ext.servlet.DelegationServlet.service(DelegationServlet.java:68) >>>>> at >>>>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:305) >>>>> at >>>>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210) >>>>> at >>>>> org.wso2.carbon.tomcat.ext.filter.CharacterSetFilter.doFilter(CharacterSetFilter.java:61) >>>>> at >>>>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:243) >>>>> at >>>>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210) >>>>> at >>>>> org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:222) >>>>> at >>>>> org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:123) >>>>> at >>>>> org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:472) >>>>> at >>>>> org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:171) >>>>> at >>>>> org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:99) >>>>> at >>>>> org.wso2.carbon.tomcat.ext.valves.CompositeValve.continueInvocation(CompositeValve.java:178) >>>>> at >>>>> org.wso2.carbon.tomcat.ext.valves.CarbonTomcatValve$1.invoke(CarbonTomcatValve.java:47) >>>>> at >>>>> org.wso2.carbon.webapp.mgt.TenantLazyLoaderValve.invoke(TenantLazyLoaderValve.java:56) >>>>> at >>>>> org.wso2.carbon.tomcat.ext.valves.TomcatValveContainer.invokeValves(TomcatValveContainer.java:47) >>>>> at >>>>> org.wso2.carbon.tomcat.ext.valves.CompositeValve.invoke(CompositeValve.java:141) >>>>> at >>>>> org.wso2.carbon.tomcat.ext.valves.CarbonStuckThreadDetectionValve.invoke(CarbonStuckThreadDetectionValve.java:156) >>>>> at >>>>> org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:936) >>>>> at >>>>> org.wso2.carbon.tomcat.ext.valves.CarbonContextCreatorValve.invoke(CarbonContextCreatorValve.java:52) >>>>> at >>>>> org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:118) >>>>> at >>>>> org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:407) >>>>> at >>>>> org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1004) >>>>> at >>>>> org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:589) >>>>> at >>>>> org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1653) >>>>> at >>>>> java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145) >>>>> at >>>>> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615) >>>>> at java.lang.Thread.run(Thread.java:744) >>>>> Caused by: javax.net.ssl.SSLHandshakeException: >>>>> sun.security.validator.ValidatorException: PKIX path building failed: >>>>> sun.security.provider.certpath.SunCertPathBuilderException: unable to find >>>>> valid certification path to requested target >>>>> at sun.security.ssl.Alerts.getSSLException(Alerts.java:192) >>>>> at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1884) >>>>> at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:276) >>>>> at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:270) >>>>> at >>>>> sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1341) >>>>> at >>>>> sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:153) >>>>> at sun.security.ssl.Handshaker.processLoop(Handshaker.java:868) >>>>> at sun.security.ssl.Handshaker.process_record(Handshaker.java:804) >>>>> at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1016) >>>>> at >>>>> sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1312) >>>>> at >>>>> sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1339) >>>>> at >>>>> sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1323) >>>>> at >>>>> sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:563) >>>>> at >>>>> sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185) >>>>> at >>>>> sun.net.www.protocol.http.HttpURLConnection.getOutputStream(HttpURLConnection.java:1091) >>>>> at >>>>> sun.net.www.protocol.https.HttpsURLConnectionImpl.getOutputStream(HttpsURLConnectionImpl.java:250) >>>>> at >>>>> org.jclouds.http.internal.JavaUrlHttpCommandExecutorService.writePayloadToConnection(JavaUrlHttpCommandExecutorService.java:303) >>>>> at >>>>> org.jclouds.http.internal.JavaUrlHttpCommandExecutorService.convert(JavaUrlHttpCommandExecutorService.java:190) >>>>> at >>>>> org.jclouds.http.internal.JavaUrlHttpCommandExecutorService.convert(JavaUrlHttpCommandExecutorService.java:71) >>>>> at >>>>> org.jclouds.http.internal.BaseHttpCommandExecutorService.invoke(BaseHttpCommandExecutorService.java:88) >>>>> ... 98 more >>>>> Caused by: sun.security.validator.ValidatorException: PKIX path >>>>> building failed: >>>>> sun.security.provider.certpath.SunCertPathBuilderException: unable to find >>>>> valid certification path to requested target >>>>> at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:385) >>>>> at >>>>> sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:292) >>>>> at sun.security.validator.Validator.validate(Validator.java:260) >>>>> at >>>>> sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:326) >>>>> at >>>>> sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:231) >>>>> at >>>>> sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:126) >>>>> at >>>>> sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1323) >>>>> ... 113 more >>>>> Caused by: sun.security.provider.certpath.SunCertPathBuilderException: >>>>> unable to find valid certification path to requested target >>>>> at >>>>> sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:196) >>>>> at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:268) >>>>> at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:380) >>>>> ... 119 more >>>>> TID: [0] [STRATOS] [2014-12-19 06:18:56,385] ERROR >>>>> {org.apache.stratos.cloud.controller.iaases.JcloudsIaas} - Could not >>>>> initialize jclouds IaaS >>>>> org.apache.stratos.cloud.controller.exception.InvalidIaasProviderException: >>>>> Could not build iaas of type: ec2 >>>>> at >>>>> org.apache.stratos.cloud.controller.iaases.JcloudsIaasUtil.buildComputeServiceAndTemplateFromImage(JcloudsIaasUtil.java:50) >>>>> at >>>>> org.apache.stratos.cloud.controller.iaases.JcloudsIaasUtil.buildComputeServiceAndTemplate(JcloudsIaasUtil.java:37) >>>>> at >>>>> org.apache.stratos.cloud.controller.iaases.JcloudsIaas.initialize(Jclo >>>>> -- >>>>> >>>>> Udara Liyanage >>>>> Software Engineer >>>>> WSO2, Inc.: http://wso2.com >>>>> lean. enterprise. middleware >>>>> >>>>> web: http://udaraliyanage.wordpress.com >>>>> phone: +94 71 443 6897 >>>>> >>>> >>>> >>>> -- >>>> Rajkumar Rajaratnam >>>> Committer & PMC Member, Apache Stratos >>>> Software Engineer, WSO2 >>>> >>>> Mobile : +94777568639 >>>> Blog : rajkumarr.com >>>> >>> >>> >>> -- >>> >>> Udara Liyanage >>> Software Engineer >>> WSO2, Inc.: http://wso2.com >>> lean. enterprise. middleware >>> >>> web: http://udaraliyanage.wordpress.com >>> phone: +94 71 443 6897 >>> >> >> >> -- >> >> Udara Liyanage >> Software Engineer >> WSO2, Inc.: http://wso2.com >> lean. enterprise. middleware >> >> web: http://udaraliyanage.wordpress.com >> phone: +94 71 443 6897 >> > > > -- > Regards, > Manula Chathurika Thantriwatte > Software Engineer > WSO2 Inc. : http://wso2.com > lean . enterprise . middleware > > email : manu...@wso2.com / man...@apache.org > phone : +94 772492511 > blog : http://manulachathurika.blogspot.com/ > > > > -- *Sajith Kariyawasam* *Committer and PMC member, Apache Stratos,WSO2 Inc., http://wso2.com <http://wso2.com>AMIE (SL)Mobile: +94772269575*