search

OSGP / Documentation

This repository contains documentation for the Open Smart Grid Platform project. This repository is built as a GitBook, therefore all content has to be written using markdown syntax. See the latest GitBook:
https://documentation.gxf.lfenergy.org/
Apache License 2.0
24 stars 15 forks source link

Run the Demo app as a separate application (on a different machine) by calling functionalities on OSGP platform #210

Closed Sanu153 closed 4 years ago

Sanu153 commented 4 years ago

Hi,

I was trying to run the Demo app as a separate application (on a different machine) by calling functionalities on OSGP platform. But unfortunately Exception is being thrown. The error message is hostname in certificate didn't match: <sanu-pc> != <localhost>.

In order to run the application, I have changed the baseURL from localhost to the computer name in the fileweb-demo-app.properties. In my case the computer name is sanu-pc.

Kindly help me to resolve the issue. The screenshot and the generated logs are attached below. HTTP Status 500 – Internal Server Error 3

Sep 05, 2019 2:16:48 PM org.springframework.oxm.jaxb.Jaxb2Marshaller createJaxbContextFromContextPath INFO: Creating JAXBContext with context path [org.opensmartgridplatform.adapter.ws.schema.publiclighting.adhocmanagement] Sep 05, 2019 2:16:48 PM org.apache.catalina.core.StandardWrapperValve invoke SEVERE: Servlet.service() for servlet [dispatcher] in context with path [/web-demo-app] threw exception [Request processing failed; nested exception is org.springframework.ws.client.WebServiceIOException: I/O error: hostname in certificate didn't match: <sanu-pc> != <localhost>; nested exception is javax.net.ssl.SSLException: hostname in certificate didn't match: <sanu-pc> != <localhost>] with root cause javax.net.ssl.SSLException: hostname in certificate didn't match: <sanu-pc> != <localhost> at org.apache.http.conn.ssl.AbstractVerifier.verify(AbstractVerifier.java:238) at org.apache.http.conn.ssl.BrowserCompatHostnameVerifier.verify(BrowserCompatHostnameVerifier.java:54) at org.apache.http.conn.ssl.AbstractVerifier.verify(AbstractVerifier.java:159) at org.apache.http.conn.ssl.AbstractVerifier.verify(AbstractVerifier.java:140) at org.apache.http.conn.ssl.SSLConnectionSocketFactory.verifyHostname(SSLConnectionSocketFactory.java:286) at org.apache.http.conn.ssl.SSLConnectionSocketFactory.createLayeredSocket(SSLConnectionSocketFactory.java:276) at org.apache.http.conn.ssl.SSLConnectionSocketFactory.connectSocket(SSLConnectionSocketFactory.java:254) at org.apache.http.impl.conn.HttpClientConnectionOperator.connect(HttpClientConnectionOperator.java:123) at org.apache.http.impl.conn.PoolingHttpClientConnectionManager.connect(PoolingHttpClientConnectionManager.java:318) at org.apache.http.impl.execchain.MainClientExec.establishRoute(MainClientExec.java:363) at org.apache.http.impl.execchain.MainClientExec.execute(MainClientExec.java:219) at org.apache.http.impl.execchain.ProtocolExec.execute(ProtocolExec.java:195) at org.apache.http.impl.execchain.RetryExec.execute(RetryExec.java:86) at org.apache.http.impl.execchain.RedirectExec.execute(RedirectExec.java:108) at org.apache.http.impl.client.InternalHttpClient.doExecute(InternalHttpClient.java:184) at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:82) at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:106) at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:57) at org.springframework.ws.transport.http.HttpComponentsConnection.onSendAfterWrite(HttpComponentsConnection.java:121) at org.springframework.ws.transport.AbstractWebServiceConnection.send(AbstractWebServiceConnection.java:48) at org.springframework.ws.client.core.WebServiceTemplate.sendRequest(WebServiceTemplate.java:658) at org.springframework.ws.client.core.WebServiceTemplate.doSendAndReceive(WebServiceTemplate.java:606) at org.springframework.ws.client.core.WebServiceTemplate.sendAndReceive(WebServiceTemplate.java:555) at org.springframework.ws.client.core.WebServiceTemplate.marshalSendAndReceive(WebServiceTemplate.java:390) at org.springframework.ws.client.core.WebServiceTemplate.marshalSendAndReceive(WebServiceTemplate.java:383) at org.springframework.ws.client.core.WebServiceTemplate.marshalSendAndReceive(WebServiceTemplate.java:373) at org.opensmartgridplatform.webdemoapp.application.services.OsgpPublicLightingClientSoapService.findAllDevicesRequest(OsgpPublicLightingClientSoapService.java:57) at org.opensmartgridplatform.webdemoapp.web.controller.PublicLightingController.showDeviceList(PublicLightingController.java:58) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:498) at org.springframework.web.method.support.InvocableHandlerMethod.doInvoke(InvocableHandlerMethod.java:220) at org.springframework.web.method.support.InvocableHandlerMethod.invokeForRequest(InvocableHandlerMethod.java:134) at org.springframework.web.servlet.mvc.method.annotation.ServletInvocableHandlerMethod.invokeAndHandle(ServletInvocableHandlerMethod.java:116) at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.invokeHandlerMethod(RequestMappingHandlerAdapter.java:827) at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.handleInternal(RequestMappingHandlerAdapter.java:738) at org.springframework.web.servlet.mvc.method.AbstractHandlerMethodAdapter.handle(AbstractHandlerMethodAdapter.java:85) at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:963) at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:897) at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:970) at org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:861) at javax.servlet.http.HttpServlet.service(HttpServlet.java:635) at org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:846) at javax.servlet.http.HttpServlet.service(HttpServlet.java:742) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:231) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:198) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:96) at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:478) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:140) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:80) at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:650) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:87) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:342) at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:799) at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66) at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:868) at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1457) at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) at java.lang.Thread.run(Thread.java:748)

Screenshot from 2019-09-05 19-52-12

kevinsmeets commented 4 years ago

Hello Sanu153,

Thank you for reporting an issue. The exception is being thrown because the server certificate does not match the hostname of the server/machine you are running OSGP on. Besides changing the URL in the demo application properties file, as you described, you will also need a server certificate for the hostname. We are using a self-made Certificate Authority, which can be found here: https://github.com/OSGP/Config/tree/development/certificates

There are some scripts which can be used to create a server and/or client certificates. I created a server certificate and private key for you:

dev@dev-box:/home/dev/Sources/OSGP/Config/certificates$ ./create_server_cert.sh sanu-pc 1234 1234
+ REQUESTS=osgp-ca/requests
+ PRIVATE=osgp-ca/private
+ CERTS=osgp-ca/certs
+ CERT_TYPE=v3_req
+ COMMON_NAME=sanu-pc
+ CA_PASS=1234
+ PKCS12_PASS=1234
+ export OPENSSL_CONF=osgp-ca.cfg
+ OPENSSL_CONF=osgp-ca.cfg
+ echo

+ echo

+ echo

+ openssl req -config osgp-ca.cfg -new -sha256 -reqexts v3_req -nodes -out osgp-ca/requests/sanu-pc.req.pem -keyout osgp-ca/private/sanu-pc.key.pem -subj /commonName=sanu-pc
Generating a 2048 bit RSA private key
............................................................+++
...............+++
writing new private key to 'osgp-ca/private/sanu-pc.key.pem'
-----
+ echo

+ echo

+ echo

+ openssl ca -config osgp-ca.cfg -days 1095 -md sha256 -extensions v3_req -batch -passin pass:1234 -out osgp-ca/certs/sanu-pc.cert.pem -infiles osgp-ca/requests/sanu-pc.req.pem
Using configuration from osgp-ca.cfg
Check that the request matches the signature
Signature ok
The Subject's Distinguished Name is as follows
commonName            :ASN.1 12:'sanu-pc'
Certificate is to be certified until Sep  5 14:29:25 2022 GMT (1095 days)

Write out database with 1 new entries
Data Base Updated
+ echo

+ echo

+ echo

+ openssl pkcs12 -export -inkey osgp-ca/private/sanu-pc.key.pem -in osgp-ca/certs/sanu-pc.cert.pem -certfile osgp-ca/certs/cacert.cer -out osgp-ca/certs/sanu-pc.pfx -passout pass:1234

Please find the server certificate and the private key attached to this issue (I'm not going to commit these files to our OSGP/Config repository):

sanu-pc-server-certificate-and-private-key.zip

The server certificate and private key will have to be placed somewhere, I suggest /etc/ssl/certs/ for the server certificate and /etc/ssl/private/ for the private key.

The server certificate and private key will have to be configured in your Apache HTTPD. See this example of the Apache HTTPD configuration file (see /etc/apache2/sites-enabled/vhost.conf):

ServerName localhost

<VirtualHost *:80>

  Redirect permanent /osgp-adapter-ws-publiclighting https://localhost/osgp-adapter-ws-publiclighting
  Redirect permanent /osgp-adapter-ws-tariffswitching https://localhost/osgp-adapter-ws-tariffswitching
  Redirect permanent /osgp-adapter-ws-admin https://localhost/osgp-adapter-ws-admin
  Redirect permanent /osgp-adapter-ws-core https://localhost/osgp-adapter-ws-core

...

<IfModule mod_ssl.c>
    <VirtualHost *:443>

...

        SSLEngine on

        SSLCertificateFile    /etc/ssl/certs/localhost.cert.pem
        SSLCertificateKeyFile /etc/ssl/private/localhost.key.pem

...
    </VirtualHost>
</IfModule>

This example has to be adapted by changing localhost to sanu-pc for the ServerName, the Redirect permanent statements and the SSLCertificateFile/SSLCertificateKeyFile statements.

Restart Apache HTTPD after changing the configuration file:

dev@dev-box:/home/dev$ sudo systemctl restart apache2.service 

dev@dev-box:/home/dev$ sudo systemctl status apache2.service 
● apache2.service - LSB: Apache2 web server
   Loaded: loaded (/etc/init.d/apache2; bad; vendor preset: enabled)
  Drop-In: /lib/systemd/system/apache2.service.d
           └─apache2-systemd.conf
   Active: active (running) since Fri 2019-09-06 14:59:15 UTC; 6s ago
     Docs: man:systemd-sysv-generator(8)
  Process: 10052 ExecStop=/etc/init.d/apache2 stop (code=exited, status=0/SUCCESS)
  Process: 17255 ExecReload=/etc/init.d/apache2 reload (code=exited, status=0/SUCCESS)
  Process: 10077 ExecStart=/etc/init.d/apache2 start (code=exited, status=0/SUCCESS)
   CGroup: /system.slice/apache2.service
           ├─10094 /usr/sbin/apache2 -k start
           ├─10097 /usr/sbin/apache2 -k start
           └─10098 /usr/sbin/apache2 -k start

Sep 06 14:59:14 dev-box systemd[1]: Starting LSB: Apache2 web server...
Sep 06 14:59:14 dev-box apache2[10077]:  * Starting Apache httpd web server apache2
Sep 06 14:59:15 dev-box apache2[10077]:  *
Sep 06 14:59:15 dev-box systemd[1]: Started LSB: Apache2 web server.

I think you should be able to issue requests from the demo application to OSGP at this point. Please let us know if you experience any other issues.

Kind regards, Kevin

Sanu153 commented 4 years ago

Thank you for your help and time.

I'm closing this issue and will be raising another in case I encounter any.