search

WCGA / West-Coast-Ocean-Data-Portal

bugs and fixes for the geoportal back end and UI front end of the WCODP
1 stars 0 forks source link

Cannot connect to Anthropecene Institute WAF #63

Open cybersea opened 8 years ago

cybersea commented 8 years ago

The URL is: https://mpa.protectedseas.net/metadata

I can navigate to it in a browser, but when I try to register it in Geoportal as a WAF, I get "Unable to connect to host" error.

In a little bit of browsing of the logs, it looks like it might be an SSL/HTTPS type of error.

looked at /var/log/tomcat6/gpt.2016-07-01.log at around 1:30 PM

cybersea commented 8 years ago

Tried again on 8/3. Log error output:

Aug 03, 2016 9:48:23 AM com.esri.gpt.control.harvest.HarvestController handleTestConnection FINE: Exception raised. com.esri.gpt.catalog.harvest.clients.exceptions.HRConnectionException: Protocol connection exception at com.esri.gpt.catalog.harvest.repository.HrRecord.checkConnection(HrRecord.java:516) at com.esri.gpt.catalog.harvest.repository.HrTestRequest.execute(HrTestRequest.java:71) at com.esri.gpt.control.harvest.HarvestController.handleTestConnection(HarvestController.java:533) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:606) at org.apache.el.parser.AstValue.invoke(AstValue.java:172) at org.apache.el.MethodExpressionImpl.invoke(MethodExpressionImpl.java:276) at org.apache.jasper.el.JspMethodExpression.invoke(JspMethodExpression.java:68) at javax.faces.event.MethodExpressionActionListener.processAction(MethodExpressionActionListener.java:144) at javax.faces.event.ActionEvent.processListener(ActionEvent.java:84) at javax.faces.component.UIComponentBase.broadcast(UIComponentBase.java:773) at javax.faces.component.UICommand.broadcast(UICommand.java:296) at javax.faces.component.UIViewRoot.broadcastEvents(UIViewRoot.java:781) at javax.faces.component.UIViewRoot.processApplication(UIViewRoot.java:1246) at com.sun.faces.lifecycle.InvokeApplicationPhase.execute(InvokeApplicationPhase.java:77) at com.sun.faces.lifecycle.Phase.doPhase(Phase.java:97) at com.sun.faces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:114) at javax.faces.webapp.FacesServlet.service(FacesServlet.java:308) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at com.esri.gpt.control.filter.EncodingFilter.doFilter(EncodingFilter.java:122) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:298) at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:857) at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:588) at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:489) at java.lang.Thread.run(Thread.java:745) Caused by: java.lang.IllegalArgumentException: Protocol connection exception at com.esri.gpt.control.webharvest.protocol.ProtocolInvoker.ping(ProtocolInvoker.java:57) at com.esri.gpt.catalog.harvest.repository.HrRecord.checkConnection(HrRecord.java:508) ... 34 more Caused by: java.lang.reflect.InvocationTargetException at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:606) at com.esri.gpt.control.webharvest.protocol.ProtocolInvoker.ping(ProtocolInvoker.java:47) ... 35 more Aug 03, 2016 9:48:23 AM com.esri.gpt.control.harvest.HarvestController handleTestConnection FINE: Exception raised. com.esri.gpt.catalog.harvest.clients.exceptions.HRConnectionException: Protocol connection exception at com.esri.gpt.catalog.harvest.repository.HrRecord.checkConnection(HrRecord.java:516) at com.esri.gpt.catalog.harvest.repository.HrTestRequest.execute(HrTestRequest.java:71) at com.esri.gpt.control.harvest.HarvestController.handleTestConnection(HarvestController.java:533) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:606) at org.apache.el.parser.AstValue.invoke(AstValue.java:172) at org.apache.el.MethodExpressionImpl.invoke(MethodExpressionImpl.java:276) at org.apache.jasper.el.JspMethodExpression.invoke(JspMethodExpression.java:68) at javax.faces.event.MethodExpressionActionListener.processAction(MethodExpressionActionListener.java:144) at javax.faces.event.ActionEvent.processListener(ActionEvent.java:84) at javax.faces.component.UIComponentBase.broadcast(UIComponentBase.java:773) at javax.faces.component.UICommand.broadcast(UICommand.java:296) at javax.faces.component.UIViewRoot.broadcastEvents(UIViewRoot.java:781) at javax.faces.component.UIViewRoot.processApplication(UIViewRoot.java:1246) at com.sun.faces.lifecycle.InvokeApplicationPhase.execute(InvokeApplicationPhase.java:77) at com.sun.faces.lifecycle.Phase.doPhase(Phase.java:97) at com.sun.faces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:114) at javax.faces.webapp.FacesServlet.service(FacesServlet.java:308) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at com.esri.gpt.control.filter.EncodingFilter.doFilter(EncodingFilter.java:122) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:298) at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:857) at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:588) at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:489) at java.lang.Thread.run(Thread.java:745) Caused by: java.lang.IllegalArgumentException: Protocol connection exception at com.esri.gpt.control.webharvest.protocol.ProtocolInvoker.ping(ProtocolInvoker.java:57) at com.esri.gpt.catalog.harvest.repository.HrRecord.checkConnection(HrRecord.java:508) ... 34 more Caused by: java.lang.reflect.InvocationTargetException at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:606) at com.esri.gpt.control.webharvest.protocol.ProtocolInvoker.ping(ProtocolInvoker.java:47) ... 35 more Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path validation failed: java.security.cert.CertPathValidatorException: timestamp check failed at sun.security.ssl.Alerts.getSSLException(Alerts.java:192) at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1916) at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:279) at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:273) at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1469) at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:213) at sun.security.ssl.Handshaker.processLoop(Handshaker.java:913) at sun.security.ssl.Handshaker.process_record(Handshaker.java:849) at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1035) at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1344) at sun.security.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:721) at sun.security.ssl.AppOutputStream.write(AppOutputStream.java:122) at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:82) at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:140) at org.apache.commons.httpclient.HttpConnection.flushRequestOutputStream(HttpConnection.java:828) at org.apache.commons.httpclient.HttpMethodBase.writeRequest(HttpMethodBase.java:2116) at org.apache.commons.httpclient.HttpMethodBase.execute(HttpMethodBase.java:1096) at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(HttpMethodDirector.java:398) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirector.java:171) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:323) at com.esri.gpt.framework.http.HttpClientRequest.execute(HttpClientRequest.java:581) at com.esri.gpt.catalog.harvest.protocols.AbstractHTTPHarvestProtocol.ping(AbstractHTTPHarvestProtocol.java:76) ... 40 more Caused by: sun.security.validator.ValidatorException: PKIX path validation failed: java.security.cert.CertPathValidatorException: timestamp check failed at sun.security.validator.PKIXValidator.doValidate(PKIXValidator.java:350) at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:249) at sun.security.validator.Validator.validate(Validator.java:260) at sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:326) at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:231) at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:126) at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1451) ... 58 more Caused by: java.security.cert.CertPathValidatorException: timestamp check failed at sun.security.provider.certpath.PKIXMasterCertPathValidator.validate(PKIXMasterCertPathValidator.java:159) at sun.security.provider.certpath.PKIXCertPathValidator.doValidate(PKIXCertPathValidator.java:353) at sun.security.provider.certpath.PKIXCertPathValidator.engineValidate(PKIXCertPathValidator.java:191) at java.security.cert.CertPathValidator.validate(CertPathValidator.java:279) at sun.security.validator.PKIXValidator.doValidate(PKIXValidator.java:345) ... 64 more Caused by: java.security.cert.CertificateExpiredException: NotAfter: Tue Aug 25 00:07:10 PDT 2009 at sun.security.x509.CertificateValidity.valid(CertificateValidity.java:273) at sun.security.x509.X509CertImpl.checkValidity(X509CertImpl.java:575) at sun.security.provider.certpath.BasicChecker.verifyTimestamp(BasicChecker.java:184) at sun.security.provider.certpath.BasicChecker.check(BasicChecker.java:136) at sun.security.provider.certpath.PKIXMasterCertPathValidator.validate(PKIXMasterCertPathValidator.java:133) ... 68 more

tchaddad commented 8 years ago

Thanks. Saw your post in the esri repo, which is likely the best place to get help on this. The telltale line seems to be:

PKIX path validation failed: java.security.cert.CertPathValidatorException: timestamp check failed

And I know I've had other types of connections fail when either the connecting machine or the server are not set to the correct time zone, or somehow off on their internal clocks (can happen with virtual machines sometimes). So maybe a clue to explore there...

cybersea commented 8 years ago

Got some feedback in the Geoportal github. passed that info along to the Anthropocene folks to investigate. https://github.com/Esri/geoportal-server/issues/237