search

OxalisCommunity / oxalis

Oxalis - PEPPOL Access Point open source implementation - Core component
Other
129 stars 91 forks source link

Could not start oxalis in offline mode #335

Closed artjomsk closed 6 years ago

artjomsk commented 6 years ago

We're using oxalis-4.0.0-RC3 with test certificate in test mode. With no internet connection whole oxalis is failing to start:

Error in custom provider, no.difi.vefa.peppol.common.lang.PeppolLoadingException: Unable to detect mode for certificate 'CN=APP_100..., O=..., C=NO'.
  at no.difi.oxalis.commons.mode.ModeModule.providesMode(ModeModule.java:53)
  at no.difi.oxalis.commons.mode.ModeModule.providesMode(ModeModule.java:53)
  while locating no.difi.vefa.peppol.mode.Mode
    for the 1st parameter of no.difi.oxalis.outbound.lookup.LookupModule.getLookupService(LookupModule.java:59)

With debugger I see the exception is caused by no.difi.vefa.peppol.security.lang.PeppolSecurityException -> UnknownHostException: pilot-ocsp.verisign.com

Is it normal scenario or a bug? For our project it's quite annoying, because oxalis war is inside ear and whole app cannot be started locally without internet connection only because of oxalis is unable to detect mode for certificate.

artjomsk commented 6 years ago

The only option I've found so far is to edit peppol-security-0.9.9.jar->pki/peppol-test.xml and remove

<OCSP>
    <IntermediateBucketReference>intermediate</IntermediateBucketReference>
</OCSP>

from the file. Would be nice to have some control over it like runtime option ex. -D....peppol-security.enableOCSP=true/false

PeterOlausson65 commented 6 years ago

I encountered a similar problem when running Oxalis 4.0.2 behind a proxy server. The proxy settings in oxalis.conf seems not be used by the OCSP validator? Is there any way to define a proxy for OCSP?

aaron-kumar commented 5 years ago

Still problem with "oxalis-4.0.2" even after making changes as mentioned in "https://github.com/difi/oxalis/commit/abca3d87b14a4b32197da9f27bf4de2397e418af".

We need this fix for this issue in "oxalis-4.0.2".

Also test-case "ModeModuleTest.simple()" is failing:

[ERROR] 1) No implementation for org.apache.http.impl.client.CloseableHttpClient was bound. [ERROR] while locating com.google.inject.Provider [ERROR] for field at no.difi.oxalis.commons.mode.OxalisCrlFetcher.httpClientProvider(OxalisCrlFetcher.java:56) [ERROR] at no.difi.oxalis.commons.mode.ModeModule.configure(ModeModule.java:56) (via modules: no.difi.oxalis.commons.guice.GuiceModuleLoader -> no.difi.oxalis.commons.mode.ModeModule) [ERROR] [ERROR] 2) No implementation for org.apache.http.impl.client.CloseableHttpClient was bound. [ERROR] while locating com.google.inject.Provider [ERROR] for field at no.difi.oxalis.commons.mode.OxalisOcspFetcher.httpClientProvider(OxalisOcspFetcher.java:45) [ERROR] at no.difi.oxalis.commons.mode.ModeModule.configure(ModeModule.java:54) (via modules: no.difi.oxalis.commons.guice.GuiceModuleLoader -> no.difi.oxalis.commons.mode.ModeModule)

aaron-kumar commented 5 years ago

Opened issue: https://github.com/difi/oxalis/issues/391 to reflect above problem