Closed AnaCarolinaChaves closed 2 years ago
(DSC: The DSC receives an HTTP Error 500 from the CH as a response to the sent request response-code=(500))
The response from the DAPS is a code 200. It is on the CH trusted connector that the error is thrown.
So far this issue seems very similar to #18. Just for background info: the CH uses parts of the Trusted Connector to connect to the DAPS and the Exception you encountered is thrown there by AisecDapsDriver.getToken(). As the cause of the error is a connection exception, it would be great to know what caused the java.net.ConnectException in the first place.
Could you try to add
<log message="### With Cause ${exception.cause.stacktrace} ###"/>
to the routes.xml and see if we can get more information about the ConnectException?
The logs presented already had the line. I read the issue and used the lines for the stack trace shown there.
I'll send the rest of the logs. It says that the reason is a null value.
2022-06-21 13:06:04.106 DEBUG 1 --- [qtp753549713-39] d.f.a.i.c.m.MultiPartStringParser : Found body with Content-Type "application/ld+json; charset=utf-8"
2022-06-21 13:06:04.168 DEBUG 1 --- [qtp753549713-39] c.ClearingHouseInfomodelParsingProcessor : Using Charset from Content-Type header: utf-8
2022-06-21 13:06:04.324 DEBUG 1 --- [qtp753549713-39] d.f.a.i.i.d.d.a.AisecDapsDriver : AKI: C4:10:D7:AB:4B:F0:81:45:96:06:97:AD:2A:01:47:D0:C5:F0:45:AC:
2022-06-21 13:06:04.327 DEBUG 1 --- [qtp753549713-39] d.f.a.i.i.d.d.a.AisecDapsDriver : SKI: C4:10:D7:AB:4B:F0:81:45:96:06:97:AD:2A:01:47:D0:C5:F0:45:AC:
2022-06-21 13:06:04.473 INFO 1 --- [qtp753549713-39] d.f.a.i.i.d.d.a.AisecDapsDriver : Retrieving Dynamic Attribute Token from DAPS ...
2022-06-21 13:06:04.474 DEBUG 1 --- [qtp753549713-39] d.f.a.i.i.d.d.a.AisecDapsDriver : ConnectorUUID: C4:10:D7:AB:4B:F0:81:45:96:06:97:AD:2A:01:47:D0:C5:F0:45:AC:keyid:C4:10:D7:AB:4B:F0:81:45:96:06:97:AD:2A:01:47:D0:C5:F0:45:AC
2022-06-21 13:06:04.496 INFO 1 --- [qtp753549713-39] CH_MULTIPART_ROUTE : ### Handle class de.fhg.aisec.ids.idscp2.idscp_core.error.DatException ###
2022-06-21 13:06:04.506 INFO 1 --- [qtp753549713-39] CH_MULTIPART_ROUTE : ### Handle de.fhg.aisec.ids.idscp2.idscp_core.error.DatException: Error whilst retrieving DAT ###
2022-06-21 13:06:04.508 INFO 1 --- [qtp753549713-39] CH_MULTIPART_ROUTE : ### With Trace de.fhg.aisec.ids.idscp2.idscp_core.error.DatException: Error whilst retrieving DAT
at de.fhg.aisec.ids.idscp2.default_drivers.daps.aisec_daps.AisecDapsDriver.getToken(AisecDapsDriver.kt:342)
at de.fhg.aisec.ids.clearinghouse.ClearingHouseOutputProcessor$Companion.processClearingHouseOutput(ClearingHouseOutputProcessor.kt:65)
at de.fhg.aisec.ids.clearinghouse.ClearingHouseOutputProcessor.process(ClearingHouseOutputProcessor.kt:40)
at org.apache.camel.support.processor.DelegateSyncProcessor.process(DelegateSyncProcessor.java:65)
at org.apache.camel.support.processor.DelegateAsyncProcessor.process(DelegateAsyncProcessor.java:104)
at de.fhg.aisec.ids.dataflowcontrol.PolicyEnforcementPoint.process(PolicyEnforcementPoint.kt:201)
at org.apache.camel.support.processor.DelegateAsyncProcessor.process(DelegateAsyncProcessor.java:104)
at org.apache.camel.processor.errorhandler.RedeliveryErrorHandler$RedeliveryTask.doRun(RedeliveryErrorHandler.java:812)
at org.apache.camel.processor.errorhandler.RedeliveryErrorHandler$RedeliveryTask.run(RedeliveryErrorHandler.java:720)
at org.apache.camel.impl.engine.DefaultReactiveExecutor$Worker.schedule(DefaultReactiveExecutor.java:193)
at org.apache.camel.impl.engine.DefaultReactiveExecutor.scheduleMain(DefaultReactiveExecutor.java:64)
at org.apache.camel.processor.Pipeline.process(Pipeline.java:184)
at org.apache.camel.impl.engine.CamelInternalProcessor.process(CamelInternalProcessor.java:399)
at org.apache.camel.component.jetty.CamelContinuationServlet.doService(CamelContinuationServlet.java:245)
at org.apache.camel.http.common.CamelServlet.service(CamelServlet.java:130)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:584)
at org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:799)
at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:550)
at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:233)
at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1440)
at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:188)
at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:501)
at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:186)
at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1355)
at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141)
at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:127)
at org.eclipse.jetty.server.Server.handle(Server.java:516)
at org.eclipse.jetty.server.HttpChannel.lambda$handle$1(HttpChannel.java:487)
at org.eclipse.jetty.server.HttpChannel.dispatch(HttpChannel.java:732)
at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:479)
at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:277)
at org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:311)
at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:105)
at org.eclipse.jetty.io.ssl.SslConnection$DecryptedEndPoint.onFillable(SslConnection.java:555)
at org.eclipse.jetty.io.ssl.SslConnection.onFillable(SslConnection.java:410)
at org.eclipse.jetty.io.ssl.SslConnection$2.succeeded(SslConnection.java:164)
at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:105)
at org.eclipse.jetty.io.ChannelEndPoint$1.run(ChannelEndPoint.java:104)
at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.runTask(EatWhatYouKill.java:338)
at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.doProduce(EatWhatYouKill.java:315)
at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.tryProduce(EatWhatYouKill.java:173)
at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.run(EatWhatYouKill.java:131)
at org.eclipse.jetty.util.thread.ReservedThreadExecutor$ReservedThread.run(ReservedThreadExecutor.java:409)
at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:883)
at org.eclipse.jetty.util.thread.QueuedThreadPool$Runner.run(QueuedThreadPool.java:1034)
at java.base/java.lang.Thread.run(Thread.java:833)
Caused by: java.net.ConnectException
at java.net.http/jdk.internal.net.http.common.Utils.toConnectException(Utils.java:1047)
at java.net.http/jdk.internal.net.http.PlainHttpConnection.connectAsync(PlainHttpConnection.java:198)
at java.net.http/jdk.internal.net.http.PlainHttpConnection.checkRetryConnect(PlainHttpConnection.java:230)
at java.net.http/jdk.internal.net.http.PlainHttpConnection.lambda$connectAsync$1(PlainHttpConnection.java:206)
at java.base/java.util.concurrent.CompletableFuture.uniHandle(CompletableFuture.java:934)
at java.base/java.util.concurrent.CompletableFuture$UniHandle.tryFire(CompletableFuture.java:911)
at java.base/java.util.concurrent.CompletableFuture.postComplete(CompletableFuture.java:510)
at java.base/java.util.concurrent.CompletableFuture$AsyncSupply.run(CompletableFuture.java:1773)
at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1136)
at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:635)
... 1 more
Caused by: java.nio.channels.ClosedChannelException
at java.base/sun.nio.ch.SocketChannelImpl.ensureOpen(SocketChannelImpl.java:195)
at java.base/sun.nio.ch.SocketChannelImpl.beginConnect(SocketChannelImpl.java:760)
at java.base/sun.nio.ch.SocketChannelImpl.connect(SocketChannelImpl.java:848)
at java.net.http/jdk.internal.net.http.PlainHttpConnection.lambda$connectAsync$0(PlainHttpConnection.java:183)
at java.base/java.security.AccessController.doPrivileged(AccessController.java:569)
at java.net.http/jdk.internal.net.http.PlainHttpConnection.connectAsync(PlainHttpConnection.java:185)
... 9 more
###
2022-06-21 13:06:04.512 ERROR 1 --- [qtp753549713-39] o.a.c.p.FatalFallbackErrorHandler : Exception occurred while trying to handle previously thrown exception on exchangeId: 9E36EB4ABFF6EE3-0000000000000013 using: [null]. The previous and the new exception will be logged in the following.
2022-06-21 13:06:04.513 ERROR 1 --- [qtp753549713-39] o.a.c.p.FatalFallbackErrorHandler : \--> Previous exception on exchangeId: 9E36EB4ABFF6EE3-0000000000000013
de.fhg.aisec.ids.idscp2.idscp_core.error.DatException: Error whilst retrieving DAT
at de.fhg.aisec.ids.idscp2.default_drivers.daps.aisec_daps.AisecDapsDriver.getToken(AisecDapsDriver.kt:342) ~[idscp2-0.10.3.jar:na]
at de.fhg.aisec.ids.clearinghouse.ClearingHouseOutputProcessor$Companion.processClearingHouseOutput(ClearingHouseOutputProcessor.kt:65) ~[clearing-house-processors.jar:na]
at de.fhg.aisec.ids.clearinghouse.ClearingHouseOutputProcessor.process(ClearingHouseOutputProcessor.kt:40) ~[clearing-house-processors.jar:na]
at org.apache.camel.support.processor.DelegateSyncProcessor.process(DelegateSyncProcessor.java:65) ~[camel-support-3.16.0.jar:3.16.0]
at org.apache.camel.support.processor.DelegateAsyncProcessor.process(DelegateAsyncProcessor.java:104) ~[camel-support-3.16.0.jar:3.16.0]
at de.fhg.aisec.ids.dataflowcontrol.PolicyEnforcementPoint.process(PolicyEnforcementPoint.kt:201) ~[ids-dataflow-control-6.3.0.jar:na]
at org.apache.camel.support.processor.DelegateAsyncProcessor.process(DelegateAsyncProcessor.java:104) ~[camel-support-3.16.0.jar:3.16.0]
at org.apache.camel.processor.errorhandler.RedeliveryErrorHandler$RedeliveryTask.doRun(RedeliveryErrorHandler.java:812) ~[camel-core-processor-3.16.0.jar:3.16.0]
at org.apache.camel.processor.errorhandler.RedeliveryErrorHandler$RedeliveryTask.run(RedeliveryErrorHandler.java:720) ~[camel-core-processor-3.16.0.jar:3.16.0]
at org.apache.camel.impl.engine.DefaultReactiveExecutor$Worker.schedule(DefaultReactiveExecutor.java:193) ~[camel-base-engine-3.16.0.jar:3.16.0]
at org.apache.camel.impl.engine.DefaultReactiveExecutor.scheduleMain(DefaultReactiveExecutor.java:64) ~[camel-base-engine-3.16.0.jar:3.16.0]
at org.apache.camel.processor.Pipeline.process(Pipeline.java:184) ~[camel-core-processor-3.16.0.jar:3.16.0]
at org.apache.camel.impl.engine.CamelInternalProcessor.process(CamelInternalProcessor.java:399) ~[camel-base-engine-3.16.0.jar:3.16.0]
at org.apache.camel.component.jetty.CamelContinuationServlet.doService(CamelContinuationServlet.java:245) ~[camel-jetty-common-3.16.0.jar:3.16.0]
at org.apache.camel.http.common.CamelServlet.service(CamelServlet.java:130) ~[camel-http-common-3.16.0.jar:3.16.0]
at javax.servlet.http.HttpServlet.service(HttpServlet.java:584) ~[jakarta.servlet-api-4.0.4.jar:4.0.4]
at org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:799) ~[jetty-servlet-9.4.45.v20220203.jar:9.4.45.v20220203]
at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:550) ~[jetty-servlet-9.4.45.v20220203.jar:9.4.45.v20220203]
at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:233) ~[jetty-server-9.4.45.v20220203.jar:9.4.45.v20220203]
at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1440) ~[jetty-server-9.4.45.v20220203.jar:9.4.45.v20220203]
at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:188) ~[jetty-server-9.4.45.v20220203.jar:9.4.45.v20220203]
at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:501) ~[jetty-servlet-9.4.45.v20220203.jar:9.4.45.v20220203]
at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:186) ~[jetty-server-9.4.45.v20220203.jar:9.4.45.v20220203]
at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1355) ~[jetty-server-9.4.45.v20220203.jar:9.4.45.v20220203]
at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141) ~[jetty-server-9.4.45.v20220203.jar:9.4.45.v20220203]
at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:127) ~[jetty-server-9.4.45.v20220203.jar:9.4.45.v20220203]
at org.eclipse.jetty.server.Server.handle(Server.java:516) ~[jetty-server-9.4.45.v20220203.jar:9.4.45.v20220203]
at org.eclipse.jetty.server.HttpChannel.lambda$handle$1(HttpChannel.java:487) ~[jetty-server-9.4.45.v20220203.jar:9.4.45.v20220203]
at org.eclipse.jetty.server.HttpChannel.dispatch(HttpChannel.java:732) ~[jetty-server-9.4.45.v20220203.jar:9.4.45.v20220203]
at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:479) ~[jetty-server-9.4.45.v20220203.jar:9.4.45.v20220203]
at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:277) ~[jetty-server-9.4.45.v20220203.jar:9.4.45.v20220203]
at org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:311) ~[jetty-io-9.4.45.v20220203.jar:9.4.45.v20220203]
at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:105) ~[jetty-io-9.4.45.v20220203.jar:9.4.45.v20220203]
at org.eclipse.jetty.io.ssl.SslConnection$DecryptedEndPoint.onFillable(SslConnection.java:555) ~[jetty-io-9.4.45.v20220203.jar:9.4.45.v20220203]
at org.eclipse.jetty.io.ssl.SslConnection.onFillable(SslConnection.java:410) ~[jetty-io-9.4.45.v20220203.jar:9.4.45.v20220203]
at org.eclipse.jetty.io.ssl.SslConnection$2.succeeded(SslConnection.java:164) ~[jetty-io-9.4.45.v20220203.jar:9.4.45.v20220203]
at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:105) ~[jetty-io-9.4.45.v20220203.jar:9.4.45.v20220203]
at org.eclipse.jetty.io.ChannelEndPoint$1.run(ChannelEndPoint.java:104) ~[jetty-io-9.4.45.v20220203.jar:9.4.45.v20220203]
at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.runTask(EatWhatYouKill.java:338) ~[jetty-util-9.4.45.v20220203.jar:9.4.45.v20220203]
at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.doProduce(EatWhatYouKill.java:315) ~[jetty-util-9.4.45.v20220203.jar:9.4.45.v20220203]
at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.tryProduce(EatWhatYouKill.java:173) ~[jetty-util-9.4.45.v20220203.jar:9.4.45.v20220203]
at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.run(EatWhatYouKill.java:131) ~[jetty-util-9.4.45.v20220203.jar:9.4.45.v20220203]
at org.eclipse.jetty.util.thread.ReservedThreadExecutor$ReservedThread.run(ReservedThreadExecutor.java:409) ~[jetty-util-9.4.45.v20220203.jar:9.4.45.v20220203]
at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:883) ~[jetty-util-9.4.45.v20220203.jar:9.4.45.v20220203]
at org.eclipse.jetty.util.thread.QueuedThreadPool$Runner.run(QueuedThreadPool.java:1034) ~[jetty-util-9.4.45.v20220203.jar:9.4.45.v20220203]
at java.base/java.lang.Thread.run(Thread.java:833) ~[na:na]
Caused by: java.net.ConnectException: null
at java.net.http/jdk.internal.net.http.common.Utils.toConnectException(Utils.java:1047) ~[java.net.http:na]
at java.net.http/jdk.internal.net.http.PlainHttpConnection.connectAsync(PlainHttpConnection.java:198) ~[java.net.http:na]
at java.net.http/jdk.internal.net.http.PlainHttpConnection.checkRetryConnect(PlainHttpConnection.java:230) ~[java.net.http:na]
at java.net.http/jdk.internal.net.http.PlainHttpConnection.lambda$connectAsync$1(PlainHttpConnection.java:206) ~[java.net.http:na]
at java.base/java.util.concurrent.CompletableFuture.uniHandle(CompletableFuture.java:934) ~[na:na]
at java.base/java.util.concurrent.CompletableFuture$UniHandle.tryFire(CompletableFuture.java:911) ~[na:na]
at java.base/java.util.concurrent.CompletableFuture.postComplete(CompletableFuture.java:510) ~[na:na]
at java.base/java.util.concurrent.CompletableFuture$AsyncSupply.run(CompletableFuture.java:1773) ~[na:na]
at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1136) ~[na:na]
at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:635) ~[na:na]
... 1 common frames omitted
Caused by: java.nio.channels.ClosedChannelException: null
at java.base/sun.nio.ch.SocketChannelImpl.ensureOpen(SocketChannelImpl.java:195) ~[na:na]
at java.base/sun.nio.ch.SocketChannelImpl.beginConnect(SocketChannelImpl.java:760) ~[na:na]
at java.base/sun.nio.ch.SocketChannelImpl.connect(SocketChannelImpl.java:848) ~[na:na]
at java.net.http/jdk.internal.net.http.PlainHttpConnection.lambda$connectAsync$0(PlainHttpConnection.java:183) ~[java.net.http:na]
at java.base/java.security.AccessController.doPrivileged(AccessController.java:569) ~[na:na]
at java.net.http/jdk.internal.net.http.PlainHttpConnection.connectAsync(PlainHttpConnection.java:185) ~[java.net.http:na]
... 9 common frames omitted
2022-06-21 13:06:04.514 ERROR 1 --- [qtp753549713-39] o.a.c.p.FatalFallbackErrorHandler : \--> New exception on exchangeId: 9E36EB4ABFF6EE3-0000000000000013
org.apache.camel.language.bean.RuntimeBeanExpressionException: Failed to invoke method: stacktrace on null due to: org.apache.camel.component.bean.MethodNotFoundException: Method with name: stacktrace not found on bean: java.net.ConnectException of type: java.net.ConnectException on the exchange: Exchange[9E36EB4ABFF6EE3-0000000000000013]
at org.apache.camel.language.bean.BeanExpression.invokeOgnlMethod(BeanExpression.java:453) ~[camel-bean-3.16.0.jar:3.16.0]
at org.apache.camel.language.bean.BeanExpression.evaluate(BeanExpression.java:199) ~[camel-bean-3.16.0.jar:3.16.0]
at org.apache.camel.language.bean.BeanExpression.evaluate(BeanExpression.java:214) ~[camel-bean-3.16.0.jar:3.16.0]
at org.apache.camel.language.simple.SimpleExpressionBuilder$31.evaluate(SimpleExpressionBuilder.java:912) ~[camel-core-languages-3.16.0.jar:3.16.0]
at org.apache.camel.support.ExpressionAdapter.evaluate(ExpressionAdapter.java:45) ~[camel-support-3.16.0.jar:3.16.0]
at org.apache.camel.support.builder.ExpressionBuilder$51.evaluate(ExpressionBuilder.java:1560) ~[camel-support-3.16.0.jar:3.16.0]
at org.apache.camel.support.ExpressionAdapter.evaluate(ExpressionAdapter.java:45) ~[camel-support-3.16.0.jar:3.16.0]
at org.apache.camel.processor.LogProcessor.process(LogProcessor.java:71) ~[camel-core-processor-3.16.0.jar:3.16.0]
at org.apache.camel.support.processor.DelegateAsyncProcessor.process(DelegateAsyncProcessor.java:104) ~[camel-support-3.16.0.jar:3.16.0]
at de.fhg.aisec.ids.dataflowcontrol.PolicyEnforcementPoint.process(PolicyEnforcementPoint.kt:201) ~[ids-dataflow-control-6.3.0.jar:na]
at org.apache.camel.support.processor.DelegateAsyncProcessor.process(DelegateAsyncProcessor.java:104) ~[camel-support-3.16.0.jar:3.16.0]
at org.apache.camel.impl.engine.CamelInternalProcessor.process(CamelInternalProcessor.java:399) ~[camel-base-engine-3.16.0.jar:3.16.0]
at org.apache.camel.processor.Pipeline$PipelineTask.run(Pipeline.java:109) ~[camel-core-processor-3.16.0.jar:3.16.0]
at org.apache.camel.impl.engine.DefaultReactiveExecutor$Worker.schedule(DefaultReactiveExecutor.java:193) ~[camel-base-engine-3.16.0.jar:3.16.0]
at org.apache.camel.impl.engine.DefaultReactiveExecutor.scheduleMain(DefaultReactiveExecutor.java:64) ~[camel-base-engine-3.16.0.jar:3.16.0]
at org.apache.camel.processor.Pipeline.process(Pipeline.java:184) ~[camel-core-processor-3.16.0.jar:3.16.0]
at org.apache.camel.impl.engine.CamelInternalProcessor.process(CamelInternalProcessor.java:399) ~[camel-base-engine-3.16.0.jar:3.16.0]
at org.apache.camel.component.jetty.CamelContinuationServlet.doService(CamelContinuationServlet.java:245) ~[camel-jetty-common-3.16.0.jar:3.16.0]
at org.apache.camel.http.common.CamelServlet.service(CamelServlet.java:130) ~[camel-http-common-3.16.0.jar:3.16.0]
at javax.servlet.http.HttpServlet.service(HttpServlet.java:584) ~[jakarta.servlet-api-4.0.4.jar:4.0.4]
at org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:799) ~[jetty-servlet-9.4.45.v20220203.jar:9.4.45.v20220203]
at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:550) ~[jetty-servlet-9.4.45.v20220203.jar:9.4.45.v20220203]
at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:233) ~[jetty-server-9.4.45.v20220203.jar:9.4.45.v20220203]
at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1440) ~[jetty-server-9.4.45.v20220203.jar:9.4.45.v20220203]
at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:188) ~[jetty-server-9.4.45.v20220203.jar:9.4.45.v20220203]
at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:501) ~[jetty-servlet-9.4.45.v20220203.jar:9.4.45.v20220203]
at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:186) ~[jetty-server-9.4.45.v20220203.jar:9.4.45.v20220203]
at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1355) ~[jetty-server-9.4.45.v20220203.jar:9.4.45.v20220203]
at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141) ~[jetty-server-9.4.45.v20220203.jar:9.4.45.v20220203]
at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:127) ~[jetty-server-9.4.45.v20220203.jar:9.4.45.v20220203]
at org.eclipse.jetty.server.Server.handle(Server.java:516) ~[jetty-server-9.4.45.v20220203.jar:9.4.45.v20220203]
at org.eclipse.jetty.server.HttpChannel.lambda$handle$1(HttpChannel.java:487) ~[jetty-server-9.4.45.v20220203.jar:9.4.45.v20220203]
at org.eclipse.jetty.server.HttpChannel.dispatch(HttpChannel.java:732) ~[jetty-server-9.4.45.v20220203.jar:9.4.45.v20220203]
at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:479) ~[jetty-server-9.4.45.v20220203.jar:9.4.45.v20220203]
at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:277) ~[jetty-server-9.4.45.v20220203.jar:9.4.45.v20220203]
at org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:311) ~[jetty-io-9.4.45.v20220203.jar:9.4.45.v20220203]
at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:105) ~[jetty-io-9.4.45.v20220203.jar:9.4.45.v20220203]
at org.eclipse.jetty.io.ssl.SslConnection$DecryptedEndPoint.onFillable(SslConnection.java:555) ~[jetty-io-9.4.45.v20220203.jar:9.4.45.v20220203]
at org.eclipse.jetty.io.ssl.SslConnection.onFillable(SslConnection.java:410) ~[jetty-io-9.4.45.v20220203.jar:9.4.45.v20220203]
at org.eclipse.jetty.io.ssl.SslConnection$2.succeeded(SslConnection.java:164) ~[jetty-io-9.4.45.v20220203.jar:9.4.45.v20220203]
at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:105) ~[jetty-io-9.4.45.v20220203.jar:9.4.45.v20220203]
at org.eclipse.jetty.io.ChannelEndPoint$1.run(ChannelEndPoint.java:104) ~[jetty-io-9.4.45.v20220203.jar:9.4.45.v20220203]
at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.runTask(EatWhatYouKill.java:338) ~[jetty-util-9.4.45.v20220203.jar:9.4.45.v20220203]
at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.doProduce(EatWhatYouKill.java:315) ~[jetty-util-9.4.45.v20220203.jar:9.4.45.v20220203]
at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.tryProduce(EatWhatYouKill.java:173) ~[jetty-util-9.4.45.v20220203.jar:9.4.45.v20220203]
at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.run(EatWhatYouKill.java:131) ~[jetty-util-9.4.45.v20220203.jar:9.4.45.v20220203]
at org.eclipse.jetty.util.thread.ReservedThreadExecutor$ReservedThread.run(ReservedThreadExecutor.java:409) ~[jetty-util-9.4.45.v20220203.jar:9.4.45.v20220203]
at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:883) ~[jetty-util-9.4.45.v20220203.jar:9.4.45.v20220203]
at org.eclipse.jetty.util.thread.QueuedThreadPool$Runner.run(QueuedThreadPool.java:1034) ~[jetty-util-9.4.45.v20220203.jar:9.4.45.v20220203]
at java.base/java.lang.Thread.run(Thread.java:833) ~[na:na]
Caused by: org.apache.camel.component.bean.MethodNotFoundException: Method with name: stacktrace not found on bean: java.net.ConnectException of type: java.net.ConnectException on the exchange: Exchange[9E36EB4ABFF6EE3-0000000000000013]
at org.apache.camel.component.bean.BeanInfo.createInvocation(BeanInfo.java:263) ~[camel-bean-3.16.0.jar:3.16.0]
at org.apache.camel.component.bean.AbstractBeanProcessor.process(AbstractBeanProcessor.java:126) ~[camel-bean-3.16.0.jar:3.16.0]
at org.apache.camel.impl.engine.DefaultAsyncProcessorAwaitManager.process(DefaultAsyncProcessorAwaitManager.java:83) ~[camel-base-engine-3.16.0.jar:3.16.0]
at org.apache.camel.support.AsyncProcessorSupport.process(AsyncProcessorSupport.java:41) ~[camel-support-3.16.0.jar:3.16.0]
at org.apache.camel.language.bean.BeanExpression.invokeBean(BeanExpression.java:347) ~[camel-bean-3.16.0.jar:3.16.0]
at org.apache.camel.language.bean.BeanExpression.invokeOgnlMethod(BeanExpression.java:449) ~[camel-bean-3.16.0.jar:3.16.0]
... 49 common frames omitted
I'm using the DAPS on port 4567 instead of 80. Do you think that can be the reason for the error? I saw that an older version of the trusted connector could only use port 80.
I saw in the other issue that you are using http instead of https in the DAPS_URL environment variable. Could you try using https instead?
I was using http because I was running the DAPS without TLS certificates.
I changed everything to https with the default port and the previous error disappeared. I think it was because the trusted connector could not handle defining a port (currently I'm using the 443, meaning I don't define one on the URL).
However, using https makes the logging system return an unable to get local issuer certificate.
Do you think that this is because the certificates are not trusted (I used the multistage dockerfiles to insert the new certificate into the ca-certificates directory)?
Did you also mount the certificate as a volume in the docker containers of logging-service, document-api and keyring-api?
Yes. My logging service container is instantiated like this:
logging-service:
  container_name: "logging-service"
  build:
    context: ../ids-clearing-house-service
    dockerfile: docker/logging-service-multistage.Dockerfile
  depends_on:
    - document-api
    - keyring-api
    - logging-service-mongo
  environment:
    # Allowed levels: Off, Error, Warn, Info, Debug, Trace
    - API_LOG_LEVEL=Debug
  volumes:
    - ./data/Rocket.toml:/server/Rocket.toml
    - ./data/keys:/server/keys
    - ./data/certs:/server/certs
    # - ./data/certificates-daps:/usr/local/share/ca-certificates
Can you connect to the docker container of your logging-service and check if you can connect with your DAPS using openssl?
docker exec -ti logging-service bash to get into the container
openssl s_client -connect <daps-url>:443 -CAfile /etc/ssl/certs/<daps-pem-file> to connect to your DAPS
You should get Verify return code: 0 (ok)
The response is Verify return code: 21 (unable to verify the first certificate).
I'm not using a local CA. I created the DAPS certificates using a script provided in the repository. Do you think that could be the reason for the error?
The response says that it can't validate the certificate, so the truststore in the container does not yet have the required certificate. For the standard DAPS this is done by lines 13 and 14 in the multi-stage dockerfiles. Be aware that update-ca-certificates expects your certificate to have the ending .crt.
Did you build the containers with your daps-certificate, i.e. you changed line 13?
Yes. I updated my certificate's name to be daps_cachain.crt.
With openssl s_client -connect <daps-url>:443 -CAfile /etc/ssl/certs/<daps-pem-file> you should also see the certificate your daps returns. Can you check that this is the same one you used when building the docker containers?
That is it. The certificate is not changing. It still uses the certificate the DAPS created.
When building I use a daps_cachain.crt file. The file used with the line openssl s_client -connect <daps-url>:443 -CAfile /etc/ssl/certs/<daps-pem-file> asks for a daps_cachain.pem file. Do you know if it converts it to a pem extension?
No, it will not convert them automatically, you'll have to do that yourself.
So, I updated my docker-compose to include the pem file in the bind mount.
logging-service:
  container_name: "logging-service"
  build:
    context: ../ids-clearing-house-service
    dockerfile: docker/logging-service-multistage.Dockerfile
  depends_on:
    - document-api
    - keyring-api
    - logging-service-mongo
  environment:
    # Allowed levels: Off, Error, Warn, Info, Debug, Trace
    - API_LOG_LEVEL=Debug
  volumes:
    - ./data/Rocket.toml:/server/Rocket.toml
    - ./data/keys:/server/keys
    - ./data/certs:/server/certs
    - ./data/truststore/daps_cachain.pem:/etc/ssl/certs/daps_cachain.pem
Despite doing this, the Fraunhofer pem file is not overridden. Am I missing some extra step?
Actually, I don't think you should add this last volume and I may have understood your last question wrong. The /ssl/certs folder is created by ca-certificates and contains all your trusted certificates ready to use with openssl. It also creates one long certificate with all trusted certificates /etc/ssl/certs/ca-certificates.crt.
For the standard DAPS both calls work:
openssl s_client -connect daps.aisec.fraunhofer.de:443 -CAfile /etc/ssl/certs/ca-certificates.crt
openssl s_client -connect daps.aisec.fraunhofer.de:443 -CAfile /etc/ssl/certs/daps_cachain.pem
You have to check with the ca-certificates package how you can get rid of a certificate. But if you only want to add your own certificate it should be enough to copy the certificate to /usr/local/share/ca-certificates/ and run update-ca-certificates in the container.
That is the problem. However, I'm not able to remove or override the older certificate.
I was checking and despite the command openssl s_client -connect <daps-url>:443 -CAfile /etc/ssl/certs/<daps-pem-file> not returning the correct certificate, if I use vi to read file ca-certificate.crt the key appears there.
Also, if I use vim to read the daps_cachain.pem it has the correct certificate inside. However, when I use the openssl s_client -connect <daps-url>:443 -CAfile /etc/ssl/certs/daps_cachain.pem it returns the Fraunhofer DAPS.
Just to be clear, you fill <daps-url> with the url of your local DAPS and when you run the command your DAPS sends the Fraunhofer DAPS certificate for the TLS handshake, correct?
This means that your DAPS is not configured correctly, i.e. it doesn't use your own certificates.
Why might this be a problem? I do know that the Trusted Connector checks that the domain certificate matches the domain when opening a connection to another connector. But I don't know for sure that it does the same when communicating with a DAPS, though it does seem likely.
I'm sorry. You are saying my DAPS configuration is not correct. You mean the DAPS configuration on my trusted connector and logging system is not correct or that the DAPS itself is not correct?
Because the DSC connectors and the Metadata Broker can communicate with the DAPS without problem.
On the previous comment I also meant that when opening the file /etc/ssl/certs/daps_cachain.pem it shows the correct certificate, but when running the command it sends the incorrect one. Do you think this could be because of some temporary file or that the certificate tries to complete the information with one similar (they are issued for the same virtual machine)?
What openssl s_client -connect <daps-url>:443 does is that it establishes an SSL/TLS connection with the <daps-url>. The -CAfile option tells openssl where it can find a certificate that might be needed for validating the certificate that is sent by the server.
So if you run this command you will see something like this:
Certificate chain
 0 s:/C=DE/O=Fraunhofer/OU=AISEC/CN=7b3df441-e8ad-4d5c-a4a8-9b29f5a330fb
   i:/C=DE/O=Fraunhofer/CN=IDS Test SubCA 2018
Server certificate
-----BEGIN CERTIFICATE-----
This is followed by the server certificate of your DAPS running on
From what I understand the DAPS is still sending another certificate than the one you tried to add to the CH, correct?
Correct. It still sends the Fraunhofer DAPS certificate instead of the new one.
This means that your local DAPS is still configured to use the Fraunhofer DAPS certificate (A) instead of your new one (B).
So you have two options:
Thank you very much. Sorry for the confusion, I'm still new to working with certificates.
Now, the only step left is making the certificate a trusted certificate.
Solved issue. Thank you very much for the support.
To share information, the error was caused because the certificate on directory ids-clearing-house-service/docker was not the one used on DAPS to validate its own identity. This means, I was using, incorrectly, the one created for the machine and that was used on directory data/certs (in DER format). The one that should be used is the TLS certificate that DAPS uses on its docker-compose.
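The trust mismatch described in this resolution, reproduced offline as an added example (not part of the thread or of the Clearing House repository): a constructed DAPS TLS certificate is verified once against an unrelated certificate installed by mistake and once against the CA that issued it. All names, CNs and files are made up for the demo; openssl verify runs the chain check whose result s_client prints as Verify return code.

```shell
#!/bin/sh
# Added example: every certificate, name and path here is constructed for the demo.
set -eu

WORK=$(mktemp -d)
trap 'rm -rf "$WORK"' EXIT

# Self-signed certificate usable as a trust anchor. $1 = file prefix, $2 = CN
make_self_signed() {
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=$2" \
        -keyout "$WORK/$1.key" -out "$WORK/$1.crt" 2>/dev/null
}

# Leaf certificate signed by an existing CA. $1 = prefix, $2 = CN, $3 = CA prefix
issue_leaf() {
    openssl req -new -newkey rsa:2048 -nodes -subj "/CN=$2" \
        -keyout "$WORK/$1.key" -out "$WORK/$1.csr" 2>/dev/null
    openssl x509 -req -in "$WORK/$1.csr" -days 1 \
        -CA "$WORK/$3.crt" -CAkey "$WORK/$3.key" -CAcreateserial \
        -out "$WORK/$1.crt" 2>/dev/null
}

# Print openssl's verdict and return its exit status.
# $1 = trust file (what the client container has), $2 = certificate the server presents
verify_report() {
    openssl verify -CAfile "$1" "$2" 2>&1
}

# Same check, status only.
chain_ok() {
    verify_report "$1" "$2" >/dev/null
}

# SHA-256 fingerprint of a PEM certificate, for comparing "what is installed"
# with "what the server actually sends".
fingerprint() {
    openssl x509 -in "$1" -noout -fingerprint -sha256 | cut -d= -f2
}

same_cert() {
    [ "$(fingerprint "$1")" = "$(fingerprint "$2")" ]
}

# daps_ca   : CA that issued the TLS certificate of the (hypothetical) local DAPS
# daps_tls  : certificate the DAPS presents in the TLS handshake
# machine   : unrelated certificate that was copied into the client image by mistake
make_self_signed daps_ca "Demo DAPS CA"
issue_leaf daps_tls "daps.example.test" daps_ca
make_self_signed machine "demo-machine"

echo "presented by DAPS : $(fingerprint "$WORK/daps_tls.crt")"
echo "installed in image: $(fingerprint "$WORK/machine.crt")"
if same_cert "$WORK/daps_tls.crt" "$WORK/machine.crt"; then
    echo "=> same certificate"
else
    echo "=> different certificates: the image does not carry what the DAPS sends"
fi

echo "--- trust file = unrelated machine certificate"
verify_report "$WORK/machine.crt" "$WORK/daps_tls.crt" || echo "=> rejected"

echo "--- trust file = CA that issued the DAPS TLS certificate"
verify_report "$WORK/daps_ca.crt" "$WORK/daps_tls.crt" && echo "=> accepted"
```

Against a live service, the certificate saved from the s_client output takes the place of daps_tls.crt and the file baked into the image takes the place of machine.crt.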
Hello. I'm trying to connect the Clearing House with the DSC and a local DAPS. However, when trying to connect these components, the Trusted Connector container of the CH is unable to retrieve the token. The Logging system is working as intended.
The other components (i.e. DSC and Broker) are able to receive the DAT. Could there be a missing part of the setup that causes that?
I show the logs from the Connector and Trusted-connector container below. The logging system says it was able to retrieve the token.
These are the obtained logs of the DSC:
These are the logs from the Trusted Connector
I'm using the stack trace on the routes file.