tmberthold
commented
2 years ago (DSC: The DSC receives an HTTP Error 500 from the CH as a response to the sent request response-code=(500))
Closed AnaCarolinaChaves closed 2 years ago
tmberthold
commented
2 years ago (DSC: The DSC receives an HTTP Error 500 from the CH as a response to the sent request response-code=(500))
AnaCarolinaChaves
commented
2 years ago The response from the DAPS is a code 200. Is on the CH trusted connector that the error is thrown.
kragall
commented
2 years ago So far this issue seems very similar to #18. Just for background info: the CH uses parts of the Trusted Connector to connect to the DAPS and the Exception you encountered is thrown there by AisecDapsDriver.getToken(). As the cause of the error is a connection exception, it would be great to know what caused the java.net.ConnectException in the first place.
Could you try to add
<log message="### With Cause ${exception.cause.stacktrace} ###"/> to the routes.xml
and see if we can get more information about the ConnectException?
AnaCarolinaChaves
commented
2 years ago The logs presented already had the line. I read the issue and used the lines for the stack trace shown there.
AnaCarolinaChaves
commented
2 years ago I'll send the rest of the logs. It says that the reason is a null value.
2022-06-21 13:06:04.106 DEBUG 1 --- [qtp753549713-39] d.f.a.i.c.m.MultiPartStringParser : Found body with Content-Type "application/ld+json; charset=utf-8"
2022-06-21 13:06:04.168 DEBUG 1 --- [qtp753549713-39] c.ClearingHouseInfomodelParsingProcessor : Using Charset from Content-Type header: utf-8
2022-06-21 13:06:04.324 DEBUG 1 --- [qtp753549713-39] d.f.a.i.i.d.d.a.AisecDapsDriver : AKI: C4:10:D7:AB:4B:F0:81:45:96:06:97:AD:2A:01:47:D0:C5:F0:45:AC:
2022-06-21 13:06:04.327 DEBUG 1 --- [qtp753549713-39] d.f.a.i.i.d.d.a.AisecDapsDriver : SKI: C4:10:D7:AB:4B:F0:81:45:96:06:97:AD:2A:01:47:D0:C5:F0:45:AC:
2022-06-21 13:06:04.473 INFO 1 --- [qtp753549713-39] d.f.a.i.i.d.d.a.AisecDapsDriver : Retrieving Dynamic Attribute Token from DAPS ...
2022-06-21 13:06:04.474 DEBUG 1 --- [qtp753549713-39] d.f.a.i.i.d.d.a.AisecDapsDriver : ConnectorUUID: C4:10:D7:AB:4B:F0:81:45:96:06:97:AD:2A:01:47:D0:C5:F0:45:AC:keyid:C4:10:D7:AB:4B:F0:81:45:96:06:97:AD:2A:01:47:D0:C5:F0:45:AC
2022-06-21 13:06:04.496 INFO 1 --- [qtp753549713-39] CH_MULTIPART_ROUTE : ### Handle class de.fhg.aisec.ids.idscp2.idscp_core.error.DatException ###
2022-06-21 13:06:04.506 INFO 1 --- [qtp753549713-39] CH_MULTIPART_ROUTE : ### Handle de.fhg.aisec.ids.idscp2.idscp_core.error.DatException: Error whilst retrieving DAT ###
2022-06-21 13:06:04.508 INFO 1 --- [qtp753549713-39] CH_MULTIPART_ROUTE : ### With Trace de.fhg.aisec.ids.idscp2.idscp_core.error.DatException: Error whilst retrieving DAT
at de.fhg.aisec.ids.idscp2.default_drivers.daps.aisec_daps.AisecDapsDriver.getToken(AisecDapsDriver.kt:342)
at de.fhg.aisec.ids.clearinghouse.ClearingHouseOutputProcessor$Companion.processClearingHouseOutput(ClearingHouseOutputProcessor.kt:65)
at de.fhg.aisec.ids.clearinghouse.ClearingHouseOutputProcessor.process(ClearingHouseOutputProcessor.kt:40)
at org.apache.camel.support.processor.DelegateSyncProcessor.process(DelegateSyncProcessor.java:65)
at org.apache.camel.support.processor.DelegateAsyncProcessor.process(DelegateAsyncProcessor.java:104)
at de.fhg.aisec.ids.dataflowcontrol.PolicyEnforcementPoint.process(PolicyEnforcementPoint.kt:201)
at org.apache.camel.support.processor.DelegateAsyncProcessor.process(DelegateAsyncProcessor.java:104)
at org.apache.camel.processor.errorhandler.RedeliveryErrorHandler$RedeliveryTask.doRun(RedeliveryErrorHandler.java:812)
at org.apache.camel.processor.errorhandler.RedeliveryErrorHandler$RedeliveryTask.run(RedeliveryErrorHandler.java:720)
at org.apache.camel.impl.engine.DefaultReactiveExecutor$Worker.schedule(DefaultReactiveExecutor.java:193)
at org.apache.camel.impl.engine.DefaultReactiveExecutor.scheduleMain(DefaultReactiveExecutor.java:64)
at org.apache.camel.processor.Pipeline.process(Pipeline.java:184)
at org.apache.camel.impl.engine.CamelInternalProcessor.process(CamelInternalProcessor.java:399)
at org.apache.camel.component.jetty.CamelContinuationServlet.doService(CamelContinuationServlet.java:245)
at org.apache.camel.http.common.CamelServlet.service(CamelServlet.java:130)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:584)
at org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:799)
at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:550)
at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:233)
at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1440)
at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:188)
at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:501)
at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:186)
at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1355)
at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141)
at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:127)
at org.eclipse.jetty.server.Server.handle(Server.java:516)
at org.eclipse.jetty.server.HttpChannel.lambda$handle$1(HttpChannel.java:487)
at org.eclipse.jetty.server.HttpChannel.dispatch(HttpChannel.java:732)
at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:479)
at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:277)
at org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:311)
at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:105)
at org.eclipse.jetty.io.ssl.SslConnection$DecryptedEndPoint.onFillable(SslConnection.java:555)
at org.eclipse.jetty.io.ssl.SslConnection.onFillable(SslConnection.java:410)
at org.eclipse.jetty.io.ssl.SslConnection$2.succeeded(SslConnection.java:164)
at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:105)
at org.eclipse.jetty.io.ChannelEndPoint$1.run(ChannelEndPoint.java:104)
at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.runTask(EatWhatYouKill.java:338)
at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.doProduce(EatWhatYouKill.java:315)
at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.tryProduce(EatWhatYouKill.java:173)
at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.run(EatWhatYouKill.java:131)
at org.eclipse.jetty.util.thread.ReservedThreadExecutor$ReservedThread.run(ReservedThreadExecutor.java:409)
at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:883)
at org.eclipse.jetty.util.thread.QueuedThreadPool$Runner.run(QueuedThreadPool.java:1034)
at java.base/java.lang.Thread.run(Thread.java:833)
Caused by: java.net.ConnectException
at java.net.http/jdk.internal.net.http.common.Utils.toConnectException(Utils.java:1047)
at java.net.http/jdk.internal.net.http.PlainHttpConnection.connectAsync(PlainHttpConnection.java:198)
at java.net.http/jdk.internal.net.http.PlainHttpConnection.checkRetryConnect(PlainHttpConnection.java:230)
at java.net.http/jdk.internal.net.http.PlainHttpConnection.lambda$connectAsync$1(PlainHttpConnection.java:206)
at java.base/java.util.concurrent.CompletableFuture.uniHandle(CompletableFuture.java:934)
at java.base/java.util.concurrent.CompletableFuture$UniHandle.tryFire(CompletableFuture.java:911)
at java.base/java.util.concurrent.CompletableFuture.postComplete(CompletableFuture.java:510)
at java.base/java.util.concurrent.CompletableFuture$AsyncSupply.run(CompletableFuture.java:1773)
at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1136)
at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:635)
... 1 more
Caused by: java.nio.channels.ClosedChannelException
at java.base/sun.nio.ch.SocketChannelImpl.ensureOpen(SocketChannelImpl.java:195)
at java.base/sun.nio.ch.SocketChannelImpl.beginConnect(SocketChannelImpl.java:760)
at java.base/sun.nio.ch.SocketChannelImpl.connect(SocketChannelImpl.java:848)
at java.net.http/jdk.internal.net.http.PlainHttpConnection.lambda$connectAsync$0(PlainHttpConnection.java:183)
at java.base/java.security.AccessController.doPrivileged(AccessController.java:569)
at java.net.http/jdk.internal.net.http.PlainHttpConnection.connectAsync(PlainHttpConnection.java:185)
... 9 more
###
2022-06-21 13:06:04.512 ERROR 1 --- [qtp753549713-39] o.a.c.p.FatalFallbackErrorHandler : Exception occurred while trying to handle previously thrown exception on exchangeId: 9E36EB4ABFF6EE3-0000000000000013 using: [null]. The previous and the new exception will be logged in the following.
2022-06-21 13:06:04.513 ERROR 1 --- [qtp753549713-39] o.a.c.p.FatalFallbackErrorHandler : \--> Previous exception on exchangeId: 9E36EB4ABFF6EE3-0000000000000013
de.fhg.aisec.ids.idscp2.idscp_core.error.DatException: Error whilst retrieving DAT
at de.fhg.aisec.ids.idscp2.default_drivers.daps.aisec_daps.AisecDapsDriver.getToken(AisecDapsDriver.kt:342) ~[idscp2-0.10.3.jar:na]
at de.fhg.aisec.ids.clearinghouse.ClearingHouseOutputProcessor$Companion.processClearingHouseOutput(ClearingHouseOutputProcessor.kt:65) ~[clearing-house-processors.jar:na]
at de.fhg.aisec.ids.clearinghouse.ClearingHouseOutputProcessor.process(ClearingHouseOutputProcessor.kt:40) ~[clearing-house-processors.jar:na]
at org.apache.camel.support.processor.DelegateSyncProcessor.process(DelegateSyncProcessor.java:65) ~[camel-support-3.16.0.jar:3.16.0]
at org.apache.camel.support.processor.DelegateAsyncProcessor.process(DelegateAsyncProcessor.java:104) ~[camel-support-3.16.0.jar:3.16.0]
at de.fhg.aisec.ids.dataflowcontrol.PolicyEnforcementPoint.process(PolicyEnforcementPoint.kt:201) ~[ids-dataflow-control-6.3.0.jar:na]
at org.apache.camel.support.processor.DelegateAsyncProcessor.process(DelegateAsyncProcessor.java:104) ~[camel-support-3.16.0.jar:3.16.0]
at org.apache.camel.processor.errorhandler.RedeliveryErrorHandler$RedeliveryTask.doRun(RedeliveryErrorHandler.java:812) ~[camel-core-processor-3.16.0.jar:3.16.0]
at org.apache.camel.processor.errorhandler.RedeliveryErrorHandler$RedeliveryTask.run(RedeliveryErrorHandler.java:720) ~[camel-core-processor-3.16.0.jar:3.16.0]
at org.apache.camel.impl.engine.DefaultReactiveExecutor$Worker.schedule(DefaultReactiveExecutor.java:193) ~[camel-base-engine-3.16.0.jar:3.16.0]
at org.apache.camel.impl.engine.DefaultReactiveExecutor.scheduleMain(DefaultReactiveExecutor.java:64) ~[camel-base-engine-3.16.0.jar:3.16.0]
at org.apache.camel.processor.Pipeline.process(Pipeline.java:184) ~[camel-core-processor-3.16.0.jar:3.16.0]
at org.apache.camel.impl.engine.CamelInternalProcessor.process(CamelInternalProcessor.java:399) ~[camel-base-engine-3.16.0.jar:3.16.0]
at org.apache.camel.component.jetty.CamelContinuationServlet.doService(CamelContinuationServlet.java:245) ~[camel-jetty-common-3.16.0.jar:3.16.0]
at org.apache.camel.http.common.CamelServlet.service(CamelServlet.java:130) ~[camel-http-common-3.16.0.jar:3.16.0]
at javax.servlet.http.HttpServlet.service(HttpServlet.java:584) ~[jakarta.servlet-api-4.0.4.jar:4.0.4]
at org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:799) ~[jetty-servlet-9.4.45.v20220203.jar:9.4.45.v20220203]
at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:550) ~[jetty-servlet-9.4.45.v20220203.jar:9.4.45.v20220203]
at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:233) ~[jetty-server-9.4.45.v20220203.jar:9.4.45.v20220203]
at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1440) ~[jetty-server-9.4.45.v20220203.jar:9.4.45.v20220203]
at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:188) ~[jetty-server-9.4.45.v20220203.jar:9.4.45.v20220203]
at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:501) ~[jetty-servlet-9.4.45.v20220203.jar:9.4.45.v20220203]
at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:186) ~[jetty-server-9.4.45.v20220203.jar:9.4.45.v20220203]
at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1355) ~[jetty-server-9.4.45.v20220203.jar:9.4.45.v20220203]
at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141) ~[jetty-server-9.4.45.v20220203.jar:9.4.45.v20220203]
at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:127) ~[jetty-server-9.4.45.v20220203.jar:9.4.45.v20220203]
at org.eclipse.jetty.server.Server.handle(Server.java:516) ~[jetty-server-9.4.45.v20220203.jar:9.4.45.v20220203]
at org.eclipse.jetty.server.HttpChannel.lambda$handle$1(HttpChannel.java:487) ~[jetty-server-9.4.45.v20220203.jar:9.4.45.v20220203]
at org.eclipse.jetty.server.HttpChannel.dispatch(HttpChannel.java:732) ~[jetty-server-9.4.45.v20220203.jar:9.4.45.v20220203]
at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:479) ~[jetty-server-9.4.45.v20220203.jar:9.4.45.v20220203]
at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:277) ~[jetty-server-9.4.45.v20220203.jar:9.4.45.v20220203]
at org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:311) ~[jetty-io-9.4.45.v20220203.jar:9.4.45.v20220203]
at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:105) ~[jetty-io-9.4.45.v20220203.jar:9.4.45.v20220203]
at org.eclipse.jetty.io.ssl.SslConnection$DecryptedEndPoint.onFillable(SslConnection.java:555) ~[jetty-io-9.4.45.v20220203.jar:9.4.45.v20220203]
at org.eclipse.jetty.io.ssl.SslConnection.onFillable(SslConnection.java:410) ~[jetty-io-9.4.45.v20220203.jar:9.4.45.v20220203]
at org.eclipse.jetty.io.ssl.SslConnection$2.succeeded(SslConnection.java:164) ~[jetty-io-9.4.45.v20220203.jar:9.4.45.v20220203]
at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:105) ~[jetty-io-9.4.45.v20220203.jar:9.4.45.v20220203]
at org.eclipse.jetty.io.ChannelEndPoint$1.run(ChannelEndPoint.java:104) ~[jetty-io-9.4.45.v20220203.jar:9.4.45.v20220203]
at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.runTask(EatWhatYouKill.java:338) ~[jetty-util-9.4.45.v20220203.jar:9.4.45.v20220203]
at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.doProduce(EatWhatYouKill.java:315) ~[jetty-util-9.4.45.v20220203.jar:9.4.45.v20220203]
at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.tryProduce(EatWhatYouKill.java:173) ~[jetty-util-9.4.45.v20220203.jar:9.4.45.v20220203]
at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.run(EatWhatYouKill.java:131) ~[jetty-util-9.4.45.v20220203.jar:9.4.45.v20220203]
at org.eclipse.jetty.util.thread.ReservedThreadExecutor$ReservedThread.run(ReservedThreadExecutor.java:409) ~[jetty-util-9.4.45.v20220203.jar:9.4.45.v20220203]
at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:883) ~[jetty-util-9.4.45.v20220203.jar:9.4.45.v20220203]
at org.eclipse.jetty.util.thread.QueuedThreadPool$Runner.run(QueuedThreadPool.java:1034) ~[jetty-util-9.4.45.v20220203.jar:9.4.45.v20220203]
at java.base/java.lang.Thread.run(Thread.java:833) ~[na:na]
Caused by: java.net.ConnectException: null
at java.net.http/jdk.internal.net.http.common.Utils.toConnectException(Utils.java:1047) ~[java.net.http:na]
at java.net.http/jdk.internal.net.http.PlainHttpConnection.connectAsync(PlainHttpConnection.java:198) ~[java.net.http:na]
at java.net.http/jdk.internal.net.http.PlainHttpConnection.checkRetryConnect(PlainHttpConnection.java:230) ~[java.net.http:na]
at java.net.http/jdk.internal.net.http.PlainHttpConnection.lambda$connectAsync$1(PlainHttpConnection.java:206) ~[java.net.http:na]
at java.base/java.util.concurrent.CompletableFuture.uniHandle(CompletableFuture.java:934) ~[na:na]
at java.base/java.util.concurrent.CompletableFuture$UniHandle.tryFire(CompletableFuture.java:911) ~[na:na]
at java.base/java.util.concurrent.CompletableFuture.postComplete(CompletableFuture.java:510) ~[na:na]
at java.base/java.util.concurrent.CompletableFuture$AsyncSupply.run(CompletableFuture.java:1773) ~[na:na]
at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1136) ~[na:na]
at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:635) ~[na:na]
... 1 common frames omitted
Caused by: java.nio.channels.ClosedChannelException: null
at java.base/sun.nio.ch.SocketChannelImpl.ensureOpen(SocketChannelImpl.java:195) ~[na:na]
at java.base/sun.nio.ch.SocketChannelImpl.beginConnect(SocketChannelImpl.java:760) ~[na:na]
at java.base/sun.nio.ch.SocketChannelImpl.connect(SocketChannelImpl.java:848) ~[na:na]
at java.net.http/jdk.internal.net.http.PlainHttpConnection.lambda$connectAsync$0(PlainHttpConnection.java:183) ~[java.net.http:na]
at java.base/java.security.AccessController.doPrivileged(AccessController.java:569) ~[na:na]
at java.net.http/jdk.internal.net.http.PlainHttpConnection.connectAsync(PlainHttpConnection.java:185) ~[java.net.http:na]
... 9 common frames omitted
2022-06-21 13:06:04.514 ERROR 1 --- [qtp753549713-39] o.a.c.p.FatalFallbackErrorHandler : \--> New exception on exchangeId: 9E36EB4ABFF6EE3-0000000000000013
org.apache.camel.language.bean.RuntimeBeanExpressionException: Failed to invoke method: stacktrace on null due to: org.apache.camel.component.bean.MethodNotFoundException: Method with name: stacktrace not found on bean: java.net.ConnectException of type: java.net.ConnectException on the exchange: Exchange[9E36EB4ABFF6EE3-0000000000000013]
at org.apache.camel.language.bean.BeanExpression.invokeOgnlMethod(BeanExpression.java:453) ~[camel-bean-3.16.0.jar:3.16.0]
at org.apache.camel.language.bean.BeanExpression.evaluate(BeanExpression.java:199) ~[camel-bean-3.16.0.jar:3.16.0]
at org.apache.camel.language.bean.BeanExpression.evaluate(BeanExpression.java:214) ~[camel-bean-3.16.0.jar:3.16.0]
at org.apache.camel.language.simple.SimpleExpressionBuilder$31.evaluate(SimpleExpressionBuilder.java:912) ~[camel-core-languages-3.16.0.jar:3.16.0]
at org.apache.camel.support.ExpressionAdapter.evaluate(ExpressionAdapter.java:45) ~[camel-support-3.16.0.jar:3.16.0]
at org.apache.camel.support.builder.ExpressionBuilder$51.evaluate(ExpressionBuilder.java:1560) ~[camel-support-3.16.0.jar:3.16.0]
at org.apache.camel.support.ExpressionAdapter.evaluate(ExpressionAdapter.java:45) ~[camel-support-3.16.0.jar:3.16.0]
at org.apache.camel.processor.LogProcessor.process(LogProcessor.java:71) ~[camel-core-processor-3.16.0.jar:3.16.0]
at org.apache.camel.support.processor.DelegateAsyncProcessor.process(DelegateAsyncProcessor.java:104) ~[camel-support-3.16.0.jar:3.16.0]
at de.fhg.aisec.ids.dataflowcontrol.PolicyEnforcementPoint.process(PolicyEnforcementPoint.kt:201) ~[ids-dataflow-control-6.3.0.jar:na]
at org.apache.camel.support.processor.DelegateAsyncProcessor.process(DelegateAsyncProcessor.java:104) ~[camel-support-3.16.0.jar:3.16.0]
at org.apache.camel.impl.engine.CamelInternalProcessor.process(CamelInternalProcessor.java:399) ~[camel-base-engine-3.16.0.jar:3.16.0]
at org.apache.camel.processor.Pipeline$PipelineTask.run(Pipeline.java:109) ~[camel-core-processor-3.16.0.jar:3.16.0]
at org.apache.camel.impl.engine.DefaultReactiveExecutor$Worker.schedule(DefaultReactiveExecutor.java:193) ~[camel-base-engine-3.16.0.jar:3.16.0]
at org.apache.camel.impl.engine.DefaultReactiveExecutor.scheduleMain(DefaultReactiveExecutor.java:64) ~[camel-base-engine-3.16.0.jar:3.16.0]
at org.apache.camel.processor.Pipeline.process(Pipeline.java:184) ~[camel-core-processor-3.16.0.jar:3.16.0]
at org.apache.camel.impl.engine.CamelInternalProcessor.process(CamelInternalProcessor.java:399) ~[camel-base-engine-3.16.0.jar:3.16.0]
at org.apache.camel.component.jetty.CamelContinuationServlet.doService(CamelContinuationServlet.java:245) ~[camel-jetty-common-3.16.0.jar:3.16.0]
at org.apache.camel.http.common.CamelServlet.service(CamelServlet.java:130) ~[camel-http-common-3.16.0.jar:3.16.0]
at javax.servlet.http.HttpServlet.service(HttpServlet.java:584) ~[jakarta.servlet-api-4.0.4.jar:4.0.4]
at org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:799) ~[jetty-servlet-9.4.45.v20220203.jar:9.4.45.v20220203]
at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:550) ~[jetty-servlet-9.4.45.v20220203.jar:9.4.45.v20220203]
at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:233) ~[jetty-server-9.4.45.v20220203.jar:9.4.45.v20220203]
at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1440) ~[jetty-server-9.4.45.v20220203.jar:9.4.45.v20220203]
at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:188) ~[jetty-server-9.4.45.v20220203.jar:9.4.45.v20220203]
at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:501) ~[jetty-servlet-9.4.45.v20220203.jar:9.4.45.v20220203]
at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:186) ~[jetty-server-9.4.45.v20220203.jar:9.4.45.v20220203]
at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1355) ~[jetty-server-9.4.45.v20220203.jar:9.4.45.v20220203]
at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141) ~[jetty-server-9.4.45.v20220203.jar:9.4.45.v20220203]
at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:127) ~[jetty-server-9.4.45.v20220203.jar:9.4.45.v20220203]
at org.eclipse.jetty.server.Server.handle(Server.java:516) ~[jetty-server-9.4.45.v20220203.jar:9.4.45.v20220203]
at org.eclipse.jetty.server.HttpChannel.lambda$handle$1(HttpChannel.java:487) ~[jetty-server-9.4.45.v20220203.jar:9.4.45.v20220203]
at org.eclipse.jetty.server.HttpChannel.dispatch(HttpChannel.java:732) ~[jetty-server-9.4.45.v20220203.jar:9.4.45.v20220203]
at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:479) ~[jetty-server-9.4.45.v20220203.jar:9.4.45.v20220203]
at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:277) ~[jetty-server-9.4.45.v20220203.jar:9.4.45.v20220203]
at org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:311) ~[jetty-io-9.4.45.v20220203.jar:9.4.45.v20220203]
at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:105) ~[jetty-io-9.4.45.v20220203.jar:9.4.45.v20220203]
at org.eclipse.jetty.io.ssl.SslConnection$DecryptedEndPoint.onFillable(SslConnection.java:555) ~[jetty-io-9.4.45.v20220203.jar:9.4.45.v20220203]
at org.eclipse.jetty.io.ssl.SslConnection.onFillable(SslConnection.java:410) ~[jetty-io-9.4.45.v20220203.jar:9.4.45.v20220203]
at org.eclipse.jetty.io.ssl.SslConnection$2.succeeded(SslConnection.java:164) ~[jetty-io-9.4.45.v20220203.jar:9.4.45.v20220203]
at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:105) ~[jetty-io-9.4.45.v20220203.jar:9.4.45.v20220203]
at org.eclipse.jetty.io.ChannelEndPoint$1.run(ChannelEndPoint.java:104) ~[jetty-io-9.4.45.v20220203.jar:9.4.45.v20220203]
at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.runTask(EatWhatYouKill.java:338) ~[jetty-util-9.4.45.v20220203.jar:9.4.45.v20220203]
at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.doProduce(EatWhatYouKill.java:315) ~[jetty-util-9.4.45.v20220203.jar:9.4.45.v20220203]
at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.tryProduce(EatWhatYouKill.java:173) ~[jetty-util-9.4.45.v20220203.jar:9.4.45.v20220203]
at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.run(EatWhatYouKill.java:131) ~[jetty-util-9.4.45.v20220203.jar:9.4.45.v20220203]
at org.eclipse.jetty.util.thread.ReservedThreadExecutor$ReservedThread.run(ReservedThreadExecutor.java:409) ~[jetty-util-9.4.45.v20220203.jar:9.4.45.v20220203]
at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:883) ~[jetty-util-9.4.45.v20220203.jar:9.4.45.v20220203]
at org.eclipse.jetty.util.thread.QueuedThreadPool$Runner.run(QueuedThreadPool.java:1034) ~[jetty-util-9.4.45.v20220203.jar:9.4.45.v20220203]
at java.base/java.lang.Thread.run(Thread.java:833) ~[na:na]
Caused by: org.apache.camel.component.bean.MethodNotFoundException: Method with name: stacktrace not found on bean: java.net.ConnectException of type: java.net.ConnectException on the exchange: Exchange[9E36EB4ABFF6EE3-0000000000000013]
at org.apache.camel.component.bean.BeanInfo.createInvocation(BeanInfo.java:263) ~[camel-bean-3.16.0.jar:3.16.0]
at org.apache.camel.component.bean.AbstractBeanProcessor.process(AbstractBeanProcessor.java:126) ~[camel-bean-3.16.0.jar:3.16.0]
at org.apache.camel.impl.engine.DefaultAsyncProcessorAwaitManager.process(DefaultAsyncProcessorAwaitManager.java:83) ~[camel-base-engine-3.16.0.jar:3.16.0]
at org.apache.camel.support.AsyncProcessorSupport.process(AsyncProcessorSupport.java:41) ~[camel-support-3.16.0.jar:3.16.0]
at org.apache.camel.language.bean.BeanExpression.invokeBean(BeanExpression.java:347) ~[camel-bean-3.16.0.jar:3.16.0]
at org.apache.camel.language.bean.BeanExpression.invokeOgnlMethod(BeanExpression.java:449) ~[camel-bean-3.16.0.jar:3.16.0]
... 49 common frames omitted
I'm using the DAPS on port 4567 instead of 80. Do you think that can be the reason for the error? I saw that an older version of the trusted connector could only use port 80.
kragall
commented
2 years ago I saw in the other issue that you are using http instead of https in the DAPS_URL environment variable. Could you try using https instead?
AnaCarolinaChaves
commented
2 years ago I was using http because I was running the DAPS without TLS certificates.
I changed everything to https with the default port and the previous error disappear. I think it was because the trusted connector could not handle defining a port (currently I'm using the 443, meaning I don't define one on the URL)
AnaCarolinaChaves
commented
2 years ago However, using https makes the logging system return an unable to get local issuer certificate.
Do you think that this is because the certificates are not trusted (I used the multistage dockerfiles to insert the new certificate into the ca-certificatesdirectory)?
kragall
commented
2 years ago Did you also mount the certificate as a volume in the docker containers of logging-service, document-api and keyring-api?
AnaCarolinaChaves
commented
2 years ago Yes. My logging service container is instantiated like this:
logging-service:
container_name: "logging-service"
build:
context: ../ids-clearing-house-service
dockerfile: docker/logging-service-multistage.Dockerfile
depends_on:
- document-api
- keyring-api
- logging-service-mongo
environment:
# Allowed levels: Off, Error, Warn, Info, Debug, Trace
- API_LOG_LEVEL=Debug
volumes:
- ./data/Rocket.toml:/server/Rocket.toml
- ./data/keys:/server/keys
- ./data/certs:/server/certs
# - ./data/certificates-daps:/usr/local/share/ca-certificatesCan you connect to the docker container of your logging-service and check if you can connect with your DAPS using openssl?
docker exec -ti logging-service bash to get into the containeropenssl s_client -connect <daps-url>:443 -CAfile /etc/ssl/certs/<daps-pem-file> to connect to your DAPSYou should get Verify return code: 0 (ok)
AnaCarolinaChaves
commented
2 years ago The response is Verify return code: 21 (unable to verify the first certificate).
AnaCarolinaChaves
commented
2 years ago I'm not using a local CA. I created the DAPS certificates using a script provided in the repository. Do you think that could be the reason for the error?
kragall
commented
2 years ago The response says, that it can't validate the certificate, so the truststore in the container does not yet have the required certificate. For the standard DAPS this is done by lines 13 and 14 in the
multi-stage dockerfiles. Be aware that update-ca-certificates expects your certificate to have the ending .crt.
Did you build the containers with your daps-certificate, i.e. you changed line 13?
AnaCarolinaChaves
commented
2 years ago Yes. I updated my certificate's name to be daps_cachain.crt.
kragall
commented
2 years ago With openssl s_client -connect <daps-url>:443 -CAfile /etc/ssl/certs/<daps-pem-file> you should also see the certificate your daps returns. Can you check that this is the same one, you used when building the docker containers?
AnaCarolinaChaves
commented
2 years ago That is it. The certificate is not changing. It still uses the certificate the DAPS created.
When building I use a daps_cachain.crt file. The file used with the line openssl s_client -connect <daps-url>:443 -CA file /etc/ssl/certs/<daps-pem-file> asks for a daps_cachain.pem file. Do you know if it converts it to a pem extension?
kragall
commented
2 years ago No, it will not convert them automatically, you'll have to do that yourself
AnaCarolinaChaves
commented
2 years ago So, I updated my docker-compose to include the pem file in the bind mount.
logging-service:
container_name: "logging-service"
build:
context: ../ids-clearing-house-service
dockerfile: docker/logging-service-multistage.Dockerfile
depends_on:
- document-api
- keyring-api
- logging-service-mongo
environment:
# Allowed levels: Off, Error, Warn, Info, Debug, Trace
- API_LOG_LEVEL=Debug
volumes:
- ./data/Rocket.toml:/server/Rocket.toml
- ./data/keys:/server/keys
- ./data/certs:/server/certs
- ./data/truststore/daps_cachain.pem:/etc/ssl/certs/daps_cachain.pemDespite doing this, the Fraunhofer pem file is not overridden. Am I missing some extra step?
kragall
commented
2 years ago Actually, I don't think you should add this last volume and I may have understood you last question wrong. The /ssl/certs folder is created by ca-certificates and contains all your trusted certificates ready to use with openssl. It also creates one long certificate with all trusted certificates /etc/ssl/certs/ca-certificates.crt.
For the standard DAPS both calls work:
openssl s_client -connect daps.aisec.fraunhofer.de:443 -CAfile /etc/ssl/certs/ca-certificates.crtopenssl s_client -connect daps.aisec.fraunhofer.de:443 -CAfile /etc/ssl/certs/daps_cachain.pemYou have to check with the ca-certificates package how you can get rid of a certificate. But if you only want to add your own certificate it should be enough to copy the certificate to /usr/local/share/ca-certificates/ and run update-ca-certificates in the container
AnaCarolinaChaves
commented
2 years ago That is the problem. However, I'm not able to remove or override the older certificate.
AnaCarolinaChaves
commented
2 years ago I was checking and despite the command openssl s_client -connect <daps-url>:443 -CAfile /etc/ssl/certs/<daps-pem-file> not returning the correct certificate, if I use vi to read file ca-certificate.crt the key appears there.
Also, if I use vim to read the daps_cachain.pem it has the correct certificate inside. However, when I use the openssl s_client -connect <daps-url>:443 -CAfile /etc/ssl/certs/daps_cachain.pem it return the Fraunnofer DAPS.
kragall
commented
2 years ago Just to be clear, you fill <daps-url> with the url of your local DAPS and when you run the command your DAPS sends the Fraunhofer DAPS certificate for the TLS handshake, correct?
This means that your DAPS is not configured correctly, i.e. it doesn't use your own certificates.
Why might this be a problem? I do know that the Trusted Connector checks that the domain certificate matches the domain when opening a connection to another connector. But I don't know for sure that it does the same when communicating with a DAPS, though it does seem likely.
AnaCarolinaChaves
commented
2 years ago I'm sorry. You are saying my DAPS configuration is not correct. You mean the DAPS configuration on my trusted connector and logging system is not correct or that the DAPS itself is not correct?
Because the DSC connectors and the Metadata Broker can communicate with the DAPS without problem.
On the previous comment I also meant that when opening the file /etc/ssl/certs/daps_cachain.pem it shows the correct certificate, but when running the command it send the incorrect. Do you think this could be because of some temporary file or that the certificate tries to complete the information with one simular (they are issued for the same virtual machine)?
kragall
commented
2 years ago What openssl s_client -connect <daps-url>:443 does is that it establishes a SSL/TLS connection with the <daps-url>. The -CAfile option tells openssl where it can find a certificate that might be needed for validating the certificate that is sent by the server.
So if you run this command you will see something like this:
Certificate chain 0 s:/C=DE/O=Fraunhofer/OU=AISEC/CN=7b3df441-e8ad-4d5c-a4a8-9b29f5a330fb i:/C=DE/O=Fraunhofer/CN=IDS Test SubCA 2018
Server certificate -----BEGIN CERTIFICATE-----
This is followed by the server certificate of your DAPS running on
From what I understand the DAPS is still sending another certificate than the one you tried to add to the CH, correct?
AnaCarolinaChaves
commented
2 years ago Correct. It still sends the Fraunhofer DAPS certificate instead of the new one.
kragall
commented
2 years ago This means that your local DAPS is still configured to use the Fraunhofer DAPS certificate (A) instead of your new one (B).
So you have two options:
AnaCarolinaChaves
commented
2 years ago Thank you very much. Sorry for the confusion, I'm still new to working with certificates.
Now, the only step left is making the certificate a trusted certificate.
AnaCarolinaChaves
commented
2 years ago Solved issue. Thank you very much for the support.
To share information, the error was caused because the certificate on directory ids-clearing-house-service/docker was not the one used on DAPS to validate its own identity. This means, I was using, incorrectly, the one created for the machine and that was used on directory data/certs (in der format). The one that should be used is the TLS certificate that DAPS uses on its docker-compose.
Hello. I'm trying to connect the Clearing House with the DSC and a local DAPS. However, when trying to connect these components, the Trusted Connector container of the CH is unable to retrieve the token. The Logging system is working as intended.
The other components (i.e. DSC and Broker) are able to receive the DAT. Could there be a missing part of the setup that causes that?
I show the logs from the Connector and Trusted-connector container below. The logging system says it was able to retrieve the token.
These are the obtained logs of the DSC:
These are the logs from the Trusted Connector
I'm using the stack trace on the routes file.