How to deploy connectora,connectorb,and broker on three computers separately?

fcm2000105 commented 10 months ago

I have three computers, and I want to deploy connectora as A provider on computer A, connector b as a consumer on computer B, and broker on computer c. I encountered the following error when registering connectors in the broker: connectora | 2023-10-30T10:39:06,407 [http-nio-8080-exec-3] INFO - Cached DAPS DAT expired or no expiration set. [expiration=(2023-10-30T09:27:18.000+0000), code=(IMSCOI0052)] omejdn-server | 172.28.0.2 - - [30/Oct/2023:10:39:06 +0000] "POST /token HTTP/1.1" 200 1575 0.0123 omejdn | 172.28.0.6 - - [30/Oct/2023:10:39:06 +0000] "POST /auth/token HTTP/1.1" 200 1575 "-" "okhttp/4.10.0" "-" connectora | 2023-10-30T10:39:06,511 [http-nio-8080-exec-3] INFO - Successfully received DAT from DAPS. [code=(IMSCOI0054)] connectora | 2023-10-30T10:39:06,589 [http-nio-8080-exec-3] INFO - Successfully loaded Keystore. [code=(IMSCOI0049)] connectora | 2023-10-30T10:39:06,664 [http-nio-8080-exec-3] INFO - Successfully loaded Truststore. [code=(IMSCOI0049)] connectora | 2023-10-30T10:39:06,673 [http-nio-8080-exec-3] INFO - Using cached DAPS DAT. [expiration=(2023-10-30T11:39:06.000+0000), code=(IMSCOI0053)] connectora | 2023-10-30T10:39:06,705 [http-nio-8080-exec-3] INFO - Sending request to https://100.75.144.100:444/infrastructure ... [code=(IMSMEI0065)] connectora | 2023-10-30T10:39:06,740 [http-nio-8080-exec-3] DEBUG - Message sending failed. [exception=(javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target)] connectora | ids.messaging.protocol.http.SendMessageException: javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

jfernandezsqs commented 9 months ago

Hello @fcm2000105,

Please, ensure that you have configured correctly the following steps:

Ensure that for the DAPS all the MDB and DSC “.cert” certificates are registered and that the DAPS’s certificate contains the appropriate Subject Alternative Name DNS name of the corresponding IP (e.g. 100.75.144.102).
Ensure that for the .env file you have the correct configuration: OMEJDN_DOMAIN="100.75.144.102”
For the DSC make sure that each of them has as Subject Alternative Name the DNS name of the corresponding IP (e.g. 100.75.144.101).
For the creation of the MDB image follow the IDS-testbed guide (https://github.com/International-Data-Spaces-Association/IDS-testbed/blob/master/InstallationGuide.md#metadata-broker)

At the application.properties define correctly your DAPS’s url: daps.url=https://100.75.144.102/auth/token
Ensure that the used MDB certificate when creating the image of the MDB has the Subject Alternative Name DNS name: 100.75.144.100

With all these configurations correct you should be able to deploy in different computers the DAPS, DSCA, DSCB and MDB.

fcm2000105 commented 9 months ago

I am trying to follow the IDS-testbed guide (https://github.com/International-Data-Spaces-Association/IDS-testbed/blob/master/InstallationGuide.md#metadata-broker) to create the MDB image.

I have modified the following content in the application.properties file： daps.url=https://100.75.144.102/auth/token daps.validateIncoming=true jwks.trustedHosts=daps.aisec.fraunhofer.de,omejdn,100.75.144.102 ssl.certificatePath=/home/fuchangmei/IDS/IDS-testbed-1.1.0/metadata-broker-open-core-5.0.4/cert/server.crt ssl.javakeystore=/home/fuchangmei/IDS/IDS-testbed-1.1.0/metadata-broker-open-core-5.0.4/cert/isstbroker-keystore.jks

I added the certificate provided by the local Certificate Authority following the steps below:

Next, I updated the server.cert and isstbroker-keystore.jks files located at the following path: "/home/fuchangmei/IDS/IDS-testbed-1.1.0/metadata-broker-open-core-5.0.4/cert". Additionally, I added testbed3.p12 to isstbroker-keystore.jks.

Then, I tried to build the project, but encountered the following error: [INFO] ------------------------------------------------------------------------ [INFO] Reactor Summary for broker-open-core 5.0.4: [INFO] [INFO] broker-open-core ................................... SUCCESS [ 1.479 s] [INFO] open-index-common .................................. FAILURE [01:52 min] [INFO] open-broker-common ................................. SKIPPED [INFO] broker-core ........................................ SKIPPED [INFO] ------------------------------------------------------------------------ [INFO] BUILD FAILURE [INFO] ------------------------------------------------------------------------ [INFO] Total time: 01:54 min [INFO] Finished at: 2023-11-29T15:21:33+08:00 [INFO] ------------------------------------------------------------------------ [ERROR] Failed to execute goal on project open-index-common: Could not resolve dependencies for project de.fraunhofer.iais.eis.ids:open-index-common:jar:5.0.4: Failed to collect dependencies at de.fraunhofer.iais.eis.ids:core:jar:5.0.4: Failed to read artifact descriptor for de.fraunhofer.iais.eis.ids:core:jar:5.0.4: Could not transfer artifact de.fraunhofer.iais.eis.ids:core:pom:5.0.4 from/to eis-public-repo (https://maven.iais.fraunhofer.de/artifactory/eis-ids-public): Transfer failed for https://maven.iais.fraunhofer.de/artifactory/eis-ids-public/de/fraunhofer/iais/eis/ids/core/5.0.4/core-5.0.4.pom: 没有到主机的路由 -> [Help 1] [ERROR] [ERROR] To see the full stack trace of the errors, re-run Maven with the -e switch. [ERROR] Re-run Maven using the -X switch to enable full debug logging. [ERROR] [ERROR] For more information about the errors and possible solutions, please read the following articles: [ERROR] [Help 1] http://cwiki.apache.org/confluence/display/MAVEN/DependencyResolutionException [ERROR] [ERROR] After correcting the problems, you can resume the build with the command [ERROR] mvn -rf :open-index-common

The error message indicates that I cannot access the Maven repository at "https://maven.iais.fraunhofer.de/artifactory/eis-ids-public."

jfernandezsqs commented 9 months ago

Hello @fcm2000105,

There are some missing dependencies for version 5.0.4 of MDB. At InstallationGuide.md documentation it has been generated MDB image using MDB previous version 5.0.3. Please, try it with this version 5.0.3 of the MDB and you should be able to generate the MDB image.

cd IDS-testbed
git clone -b 5.0.3 https://github.com/International-Data-Spaces-Association/metadata-broker-open-core.git

Note: for the MDB application.properties file do not change lines 42 and 43, because it could give later on an error when trying to find the certificate.

ssl.certificatePath=/etc/cert/server.crt
ssl.javakeystore=/etc/cert/isstbroker-keystore.jks

fcm2000105 commented 9 months ago

I rebuilt the image based on your advice, but encountered the same error:

[INFO] ------------------------------------------------------------------------ [INFO] Reactor Summary for broker-open-core 5.0.3: [INFO] [INFO] broker-open-core ................................... SUCCESS [ 1.583 s] [INFO] open-index-common .................................. FAILURE [02:24 min] [INFO] open-broker-common ................................. SKIPPED [INFO] broker-core ........................................ SKIPPED [INFO] ------------------------------------------------------------------------ [INFO] BUILD FAILURE [INFO] ------------------------------------------------------------------------ [INFO] Total time: 02:26 min [INFO] Finished at: 2023-11-29T16:52:21+08:00 [INFO] ------------------------------------------------------------------------ [ERROR] Failed to execute goal on project open-index-common: Could not resolve dependencies for project de.fraunhofer.iais.eis.ids:open-index-common:jar:5.0.3: Failed to collect dependencies at de.fraunhofer.iais.eis.ids:core:jar:5.0.3: Failed to read artifact descriptor for de.fraunhofer.iais.eis.ids:core:jar:5.0.3: Could not transfer artifact de.fraunhofer.iais.eis.ids:core:pom:5.0.3 from/to eis-public-repo (https://maven.iais.fraunhofer.de/artifactory/eis-ids-public): Transfer failed for https://maven.iais.fraunhofer.de/artifactory/eis-ids-public/de/fraunhofer/iais/eis/ids/core/5.0.3/core-5.0.3.pom: 没有到主机的路由 -> [Help 1] [ERROR] [ERROR] To see the full stack trace of the errors, re-run Maven with the -e switch. [ERROR] Re-run Maven using the -X switch to enable full debug logging. [ERROR] [ERROR] For more information about the errors and possible solutions, please read the following articles: [ERROR] [Help 1] http://cwiki.apache.org/confluence/display/MAVEN/DependencyResolutionException [ERROR] [ERROR] After correcting the problems, you can resume the build with the command [ERROR] mvn -rf :open-index-common

jfernandezsqs commented 7 months ago

Hello @fcm2000105,

I have installed a new machine and replicated the scenario where the error occurs and indeed the command "mvn clean package" does not run correctly. I have been with the team analysing the issue and seeing where it comes from to find a solution.

Finally, we have found a workaround that solves this problem. With the following attachment in your machine Home path (.m2/repository/) the issue is fixed and the command "mvn clean package" for MDB version 5.0.3 is correctly executed.

fix_to_issue_132.zip

The MDB developers have already been informed of this error and for the moment I provide you with this solution that we have tested that works with the scenario that you detail in this issue.

If you have any additional problems or issues, please do not hesitate to contact.

fcm2000105 commented 7 months ago

Through the solution you provided, I successfully solved the problem. Thank you very much for your help!

International-Data-Spaces-Association / IDS-testbed

How to deploy connectora,connectorb,and broker on three computers separately? #132