OxalisCommunity / Oxalis-AS4

PEPPOL AS4 pMode plugin for Oxalis

Oxalis-standalone with AS4 extensions - ERROR: Unable to detect mode (Exception when reading AIA) #171

Closed thaapaniemi closed 2 years ago

thaapaniemi commented 2 years ago

Hi,

I have a problem getting the AS4 extensions working with Oxalis-standalone. When using the AS4 extensions, the certificate check will fail:

2866  INFO  n.o.v.peppol.security.ModeDetector - Detection error (TEST): Validation of subject principal(CN) failed.
2871  INFO  n.o.v.peppol.security.ModeDetector - Detection error (LOCAL): Certificate should be self-signed.
2880  INFO  n.o.v.peppol.security.ModeDetector - Detection error (PRODUCTION): Exception when reading AIA: 'org.bouncycastle.asn1.DLTaggedObject cannot be cast to org.bouncycastle.asn1.DERTaggedObject'.
2893  ERROR n.o.commons.guice.GuiceModuleLoader - Unable to detect mode.
network.oxalis.api.lang.OxalisLoadingException: Unable to detect mode.
    at network.oxalis.commons.mode.ModeProvider.get(ModeProvider.java:74)
    at network.oxalis.commons.mode.ModeProvider.get(ModeProvider.java:46)
    at com.google.inject.internal.ProviderInternalFactory.provision(ProviderInternalFactory.java:85)
    at com.google.inject.internal.BoundProviderFactory.provision(BoundProviderFactory.java:77)
    at com.google.inject.internal.ProviderInternalFactory.circularGet(ProviderInternalFactory.java:59)
    at com.google.inject.internal.BoundProviderFactory.get(BoundProviderFactory.java:61)
    at com.google.inject.internal.ProviderToInternalFactoryAdapter.get(ProviderToInternalFactoryAdapter.java:40)
    at com.google.inject.internal.SingletonScope$1.get(SingletonScope.java:168)
    at com.google.inject.internal.InternalFactoryToProviderAdapter.get(InternalFactoryToProviderAdapter.java:39)
    at com.google.inject.internal.InternalInjectorCreator.loadEagerSingletons(InternalInjectorCreator.java:211)
    at com.google.inject.internal.InternalInjectorCreator.injectDynamically(InternalInjectorCreator.java:182)
    at com.google.inject.internal.InternalInjectorCreator.build(InternalInjectorCreator.java:109)
    at com.google.inject.Guice.createInjector(Guice.java:87)
    at com.google.inject.Guice.createInjector(Guice.java:69)
    at network.oxalis.commons.guice.GuiceModuleLoader.initiate(GuiceModuleLoader.java:66)
    at network.oxalis.outbound.OxalisOutboundComponent.<init>(OxalisOutboundComponent.java:45)
    at eu.sendregning.oxalis.Main.main(Main.java:114)
Caused by: network.oxalis.vefa.peppol.common.lang.PeppolLoadingException: Unable to detect mode for certificate 'C=FI, O=<redacted>, OU=PEPPOL PRODUCTION AP, CN=<redacted>'.
    at network.oxalis.vefa.peppol.security.ModeDetector.detect(ModeDetector.java:61)
    at network.oxalis.commons.mode.ModeProvider.get(ModeProvider.java:72)
    ... 16 common frames omitted
Exception in thread "main" network.oxalis.api.lang.OxalisLoadingException: Unable to load Oxalis due to errors during loading.
    at network.oxalis.commons.guice.GuiceModuleLoader.initiate(GuiceModuleLoader.java:76)
    at network.oxalis.outbound.OxalisOutboundComponent.<init>(OxalisOutboundComponent.java:45)
    at eu.sendregning.oxalis.Main.main(Main.java:114)

For easier reproduction I have used the version that was built from the Docker image found on the master branch (https://raw.githubusercontent.com/OxalisCommunity/Oxalis-AS4/master/Dockerfile), injected with a certificate and test XML:

+WORKDIR /oxalis
+
+COPY custom-conf/ ./
+RUN apk add bash
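
Review bot: `COPY custom-conf/ ./` writes the injected certificate material into an image layer, so if custom-conf/ holds the keystore for the AP certificate, the private key stays readable in the image and its history. Supplying that directory at run time through a read-only bind mount keeps it out of the image. On `RUN apk add bash`, `apk add --no-cache bash` avoids leaving the package index in the layer.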

and executed this image with the following docker run:

docker run -it --entrypoint /bin/bash <local_container_id>

bash-4.4# OXALIS_HOME=/oxalis java -classpath "lib-standalone/*:lib/*:ext/*" eu.sendregning.oxalis.Main -f test.xml  
3293  INFO  n.o.v.peppol.security.ModeDetector - Detection error (PRODUCTION): Exception when reading AIA: 'org.bouncycastle.asn1.DLTaggedObject cannot be cast to org.bouncycastle.asn1.DERTaggedObject'.
3334  ERROR n.o.commons.guice.GuiceModuleLoader - Unable to detect mode.
network.oxalis.api.lang.OxalisLoadingException: Unable to detect mode.
...

The same behaviour is seen with binaries from the Maven repositories executed with a local Java version (openjdk version "1.8.0_292"). This was tested and built from commit 81130894b77c9b286db84535aa4c131b96baf2ad (HEAD, tag: v5.0.3).

Oxalis-standalone without AS4 extensions does work with APs with legacy AS2 support as expected.

Is this a problem with our certificate / keystore (certificate Creation date: Oct 21, 2020; Keystore type and provider jks/SUN), or is there something else that we can do to resolve this?

Update 2021-10-18: This seems to be related to the latest release; I got it working with an earlier version just fine. The keystore type used did not matter and the certificate type (PRODUCTION / TEST) did not matter.

francescodiperna commented 2 years ago

Hi @thaapaniemi which version did you use? I have a similar problem (https://github.com/OxalisCommunity/oxalis/discussions/566)

thaapaniemi commented 2 years ago

> Hi @thaapaniemi which version did you use? I have a similar problem (OxalisCommunity/oxalis#566)

Hi, it probably had Oxalis 5.0.5 and Oxalis-AS4 5.0.3 or something similar. If I remember correctly, downgrading Oxalis to match the Oxalis-AS4 version fixed the problem.

francescodiperna commented 2 years ago

Thanks @thaapaniemi, I solved the issues (https://github.com/OxalisCommunity/oxalis/issues/567)

Ciao

aaron-kumar commented 2 years ago

@thaapaniemi and @francescodiperna from your conversation, I can conclude that the issue is resolved for both of you. This issue happens when there are different versions of the bouncycastle library available in the classpath. Let me know if you still face challenges with any release.

Note: Issue will be automatically closed if we do not hear anything from you soon.
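
A check for the condition named in the comment above (different BouncyCastle versions on the classpath), as an added example that is not part of the thread or of the Oxalis project. It lists BouncyCastle jars that occur in more than one version across the classpath directories; the function names are hypothetical, and the `bc<artifact>-<version>.jar` file naming is an assumption based on Maven artifact naming.

```shell
#!/usr/bin/env bash
# Added example (not Oxalis code): detect BouncyCastle jars that are present
# in more than one version across the directories forming the Java classpath.
# Assumption: jars follow Maven naming, e.g. bcprov-jdk15on-1.68.jar.

# bc_jar_versions DIR...  -> one line per BC jar: "<artifact> <version> <path>"
bc_jar_versions() {
  local dir jar base
  for dir in "$@"; do
    for jar in "$dir"/bc*.jar; do
      [ -e "$jar" ] || continue          # glob matched nothing in this dir
      base=$(basename "$jar" .jar)
      # Split at the last '-': everything before is the artifact id,
      # everything after is the version.
      printf '%s %s %s\n' "${base%-*}" "${base##*-}" "$jar"
    done
  done
}

# bc_conflicts DIR...  -> prints "<artifact>: <v1> <v2> ..." for every artifact
# found in more than one distinct version; returns 1 if any conflict exists.
bc_conflicts() {
  local out
  out=$(bc_jar_versions "$@" | awk '
    { key = $1 SUBSEP $2
      if (!(key in seen)) { seen[key] = 1; n[$1]++; v[$1] = v[$1] " " $2 } }
    END { for (a in n) if (n[a] > 1) print a ":" v[a] }' | sort)
  [ -z "$out" ] && return 0
  printf '%s\n' "$out"
  return 1
}

# Stand-alone use from the install directory, mirroring the classpath
# "lib-standalone/*:lib/*:ext/*" used in the report:
#   ./bc-check.sh lib-standalone lib ext
if [ "$#" -gt 0 ]; then
  bc_conflicts "$@"
fi
```

A non-zero exit status means at least one BouncyCastle artifact is on the classpath in two versions, and the printed line names the artifact and the versions found.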

francescodiperna commented 2 years ago

Hi @arun, the issue is solved for me.

Di Perna Francesco
