search

airbytehq / airbyte

The leading data integration platform for ETL / ELT data pipelines from APIs, databases & files to data warehouses, data lakes & data lakehouses. Both self-hosted and Cloud-hosted.
https://airbyte.com
Other
16.05k stars 4.11k forks source link

[source-mongodb-v2] `java.security.cert.CertificateException` No subject alternative names present #34731

Open Sampad-Hegde opened 9 months ago

Sampad-Hegde commented 9 months ago

Connector Name

source-mongodb-v2

Connector Version

1.2.4

What step the error happened?

Configuring a new connector

Relevant information

I am using Self-Managed Replica Set with 1 primary and 1 secondary both are deployed in separate VMs. and both VMs are accessible from my airbyte VM. This has a ssl enabled and it is self signed as well.

I was able to connect from studio3T, mongosh as well as from Mongodb Compas by giving these ca.pem and client.pem files

Mongo1 : 20.42.3.5:7688 Mongo2 : 20.42.3.6:7688

mongo-uri: mongodb://<usr_name>:<pwd>@20.42.3.5:7688,20.42.3.6:7688/<my_db>?replicaSet=asimongodevc1

added necessary data in username, password, Authentication Source etc.

I tried with and without these url params: ssl = true/false tls = true/false tlsAllowInvalidHostnames = true sslAllowInvalidHostnames = true

I Built the custom docker image, which is the extension of airbyte/source-mongodb-v2 and adding my ca certificate to truststore/keystore.

here is my custom image Dockerfile content:

FROM airbyte/source-mongodb-v2
ENV JAVA_OPTS="-Dcom.sun.jndi.ldap.object.disableEndpointIdentification=true"
ENV com_sun_jndi_ldap_object_disableEndpointIdentification=true
COPY ca.pem /local/
RUN $JAVA_HOME/bin/keytool -import -noprompt -trustcacerts -alias VymoProdDSCA -file /local/ca.pem -keystore $JAVA_HOME/lib/security/cacerts -storepass changeit

building the image with this command: docker build -t airbyte/source-mongodb-v2:1.2.4 . --no-cache --progress=plain

I have added SAN manually while adding to keystore but issue still persist: cmd used : RUN $JAVA_HOME/bin/keytool -import -noprompt -trustcacerts -alias VymoProdDSCA -file /local/ca.pem -keystore $JAVA_HOME/lib/security/cacerts -storepass changeit -ext SAN=DNS:mongo1.vymo-priv.net,DNS:mongo2.vymo-priv.net,IP:20.42.3.5,IP:20.42.3.6

Error: With DNS

Timed out after 30000 ms while waiting for a server that matches ReadPreferenceServerSelector{readPreference=primary}. Client view of cluster state is {type=REPLICA_SET, servers=[{address=20.42.3.6:7688, type=UNKNOWN, state=CONNECTING, exception={com.mongodb.MongoSocketWriteException: Exception sending message}, caused by {javax.net.ssl.SSLHandshakeException: No subject alternative names present}, caused by {java.security.cert.CertificateException: No subject alternative names present}}, {address=20.42.3.5:7688, type=UNKNOWN, state=CONNECTING, exception={com.mongodb.MongoSocketWriteException: Exception sending message}, caused by {javax.net.ssl.SSLHandshakeException: No subject alternative names present}, caused by {java.security.cert.CertificateException: No subject alternative names present}}]

With IP:

Timed out after 30000 ms while waiting for a server that matches ReadPreferenceServerSelector{readPreference=primary}. Client view of cluster state is {type=REPLICA_SET, servers=[{address=20.42.3.6:7688, type=UNKNOWN, state=CONNECTING, exception={com.mongodb.MongoSocketWriteException: Exception sending message}, caused by {javax.net.ssl.SSLHandshakeException: No subject alternative names present}, caused by {java.security.cert.CertificateException: No subject alternative names present}}, {address=20.42.3.5:7688, type=UNKNOWN, state=CONNECTING, exception={com.mongodb.MongoSocketWriteException: Exception sending message}, caused by {javax.net.ssl.SSLHandshakeException: No subject alternative names present}, caused by {java.security.cert.CertificateException: No subject alternative names present}}]

Tried these as well none of them worked:

  1. Adding dns name and adding them to /etc/hosts for these ips to wrap (also tried with setting nginx rp in between)
  2. Stunnel: Mongo m/c to Airbyte running m/c (mongo1 -> localhost:27020 and mongo2 -> localhost:27021)

COMPLETE LOG IS ATTACHED

Relevant log output

2024-02-01 09:35:58 platform > Docker volume job log path: /tmp/workspace/8238408e-4420-4286-95d3-674f0d35edef/0/logs.log
2024-02-01 09:35:58 platform > Executing worker wrapper. Airbyte version: 0.50.43
2024-02-01 09:35:58 platform > Attempt 0 to save workflow id for cancellation
2024-02-01 09:35:58 platform > 
2024-02-01 09:35:58 platform > ----- START CHECK -----
2024-02-01 09:35:58 platform > 
2024-02-01 09:35:58 platform > Using default value for environment variable SIDECAR_KUBE_CPU_LIMIT: '2.0'
2024-02-01 09:35:58 platform > Using default value for environment variable SOCAT_KUBE_CPU_LIMIT: '2.0'
2024-02-01 09:35:58 platform > Using default value for environment variable SIDECAR_KUBE_CPU_REQUEST: '0.1'
2024-02-01 09:35:58 platform > Using default value for environment variable SOCAT_KUBE_CPU_REQUEST: '0.1'
2024-02-01 09:35:58 platform > Using default value for environment variable LAUNCHDARKLY_KEY: ''
2024-02-01 09:35:58 platform > Checking if airbyte/source-mongodb-v2:1.2.4 exists...
2024-02-01 09:35:59 platform > airbyte/source-mongodb-v2:1.2.4 was found locally.
2024-02-01 09:35:59 platform > Creating docker container = source-mongodb-v2-check-8238408e-4420-4286-95d3-674f0d35edef-0-mcpla with resources io.airbyte.config.ResourceRequirements@57abb2ac[cpuRequest=,cpuLimit=,memoryRequest=,memoryLimit=,additionalProperties={}] and allowedHosts null
2024-02-01 09:35:59 platform > Preparing command: docker run --rm --init -i -w /data/8238408e-4420-4286-95d3-674f0d35edef/0 --log-driver none --name source-mongodb-v2-check-8238408e-4420-4286-95d3-674f0d35edef-0-mcpla --network host -v airbyte_workspace:/data -v /tmp/airbyte_local:/local -e DEPLOYMENT_MODE=OSS -e WORKER_CONNECTOR_IMAGE=airbyte/source-mongodb-v2:1.2.4 -e AUTO_DETECT_SCHEMA=true -e LAUNCHDARKLY_KEY= -e SOCAT_KUBE_CPU_REQUEST=0.1 -e SOCAT_KUBE_CPU_LIMIT=2.0 -e FIELD_SELECTION_WORKSPACES= -e USE_STREAM_CAPABLE_STATE=true -e WORKER_ENVIRONMENT=DOCKER -e AIRBYTE_ROLE= -e APPLY_FIELD_SELECTION=false -e WORKER_JOB_ATTEMPT=0 -e OTEL_COLLECTOR_ENDPOINT=http://host.docker.internal:4317 -e FEATURE_FLAG_CLIENT=config -e AIRBYTE_VERSION=0.50.43 -e WORKER_JOB_ID=8238408e-4420-4286-95d3-674f0d35edef airbyte/source-mongodb-v2:1.2.4 check --config source_config.json
2024-02-01 09:35:59 platform > Reading messages from protocol version 0.2.0
2024-02-01 09:36:12 platform > WARN StatusConsoleListener The use of package scanning to locate plugins is deprecated and will be removed in a future release
2024-02-01 09:36:12 platform > WARN StatusConsoleListener The use of package scanning to locate plugins is deprecated and will be removed in a future release
2024-02-01 09:36:12 platform > WARN StatusConsoleListener The use of package scanning to locate plugins is deprecated and will be removed in a future release
2024-02-01 09:36:12 platform > WARN StatusConsoleListener The use of package scanning to locate plugins is deprecated and will be removed in a future release
2024-02-01 09:36:13 platform > 2024-02-01 09:36:13 INFO i.a.i.s.m.MongoDbSource(main):44 - starting source: class io.airbyte.integrations.source.mongodb.MongoDbSource
2024-02-01 09:36:13 platform > 2024-02-01 09:36:13 INFO i.a.c.i.b.IntegrationCliParser(parseOptions):126 - integration args: {check=null, config=source_config.json}
2024-02-01 09:36:13 platform > 2024-02-01 09:36:13 INFO i.a.c.i.b.IntegrationRunner(runInternal):132 - Running integration: io.airbyte.integrations.source.mongodb.MongoDbSource
2024-02-01 09:36:13 platform > 2024-02-01 09:36:13 INFO i.a.c.i.b.IntegrationRunner(runInternal):133 - Command: CHECK
2024-02-01 09:36:13 platform > 2024-02-01 09:36:13 INFO i.a.c.i.b.IntegrationRunner(runInternal):134 - Integration config: IntegrationConfig{command=CHECK, configPath='source_config.json', catalogPath='null', statePath='null'}
2024-02-01 09:36:13 platform > 2024-02-01 09:36:13 WARN c.n.s.JsonMetaSchema(newValidator):278 - Unknown keyword groups - you should define your own Meta Schema. If the keyword is irrelevant for validation, just use a NonValidationKeyword
2024-02-01 09:36:13 platform > 2024-02-01 09:36:13 WARN c.n.s.JsonMetaSchema(newValidator):278 - Unknown keyword order - you should define your own Meta Schema. If the keyword is irrelevant for validation, just use a NonValidationKeyword
2024-02-01 09:36:13 platform > 2024-02-01 09:36:13 WARN c.n.s.JsonMetaSchema(newValidator):278 - Unknown keyword group - you should define your own Meta Schema. If the keyword is irrelevant for validation, just use a NonValidationKeyword
2024-02-01 09:36:13 platform > 2024-02-01 09:36:13 WARN c.n.s.JsonMetaSchema(newValidator):278 - Unknown keyword display_type - you should define your own Meta Schema. If the keyword is irrelevant for validation, just use a NonValidationKeyword
2024-02-01 09:36:13 platform > 2024-02-01 09:36:13 WARN c.n.s.JsonMetaSchema(newValidator):278 - Unknown keyword airbyte_secret - you should define your own Meta Schema. If the keyword is irrelevant for validation, just use a NonValidationKeyword
2024-02-01 09:36:13 platform > 2024-02-01 09:36:13 WARN c.n.s.JsonMetaSchema(newValidator):278 - Unknown keyword always_show - you should define your own Meta Schema. If the keyword is irrelevant for validation, just use a NonValidationKeyword
2024-02-01 09:36:13 platform > 2024-02-01 09:36:13 WARN c.n.s.JsonMetaSchema(newValidator):278 - Unknown keyword min - you should define your own Meta Schema. If the keyword is irrelevant for validation, just use a NonValidationKeyword
2024-02-01 09:36:13 platform > 2024-02-01 09:36:13 WARN c.n.s.JsonMetaSchema(newValidator):278 - Unknown keyword max - you should define your own Meta Schema. If the keyword is irrelevant for validation, just use a NonValidationKeyword
2024-02-01 09:36:13 platform > 2024-02-01 09:36:13 WARN c.m.i.d.l.SLF4JLogger(warn):86 - Ignoring unrecognized boolean value 'true?retrywrites=false' in the connection string for 'tlsAllowInvalidHostnames'. Replace with either 'true' or 'false'
2024-02-01 09:36:13 platform > 2024-02-01 09:36:13 WARN c.m.i.d.l.SLF4JLogger(warn):86 - Connection string contains unsupported option 'provider'.
2024-02-01 09:36:13 platform > 2024-02-01 09:36:13 INFO c.m.i.d.l.SLF4JLogger(info):71 - Adding discovered server 20.42.3.5:7688 to client view of cluster
2024-02-01 09:36:14 platform > 2024-02-01 09:36:13 INFO c.m.i.d.l.SLF4JLogger(info):71 - Adding discovered server 20.42.3.6:7688 to client view of cluster
2024-02-01 09:36:14 platform > 2024-02-01 09:36:14 INFO c.m.i.d.l.SLF4JLogger(info):71 - MongoClient with metadata {"driver": {"name": "mongo-java-driver|sync|Airbyte", "version": "4.10.2"}, "os": {"type": "Linux", "name": "Linux", "architecture": "aarch64", "version": "6.4.16-linuxkit"}, "platform": "Java/Amazon.com Inc./17.0.8.1+8-LTS"} created with settings MongoClientSettings{readPreference=ReadPreference{name=secondaryPreferred, hedgeOptions=null}, writeConcern=WriteConcern{w=null, wTimeout=null ms, journal=null}, retryWrites=true, retryReads=true, readConcern=ReadConcern{level=null}, credential=MongoCredential{mechanism=null, userName='vymo-lms', source='vymo-lms', password=<hidden>, mechanismProperties=<hidden>}, streamFactoryFactory=null, commandListeners=[], codecRegistry=ProvidersCodecRegistry{codecProviders=[ValueCodecProvider{}, BsonValueCodecProvider{}, DBRefCodecProvider{}, DBObjectCodecProvider{}, DocumentCodecProvider{}, CollectionCodecProvider{}, IterableCodecProvider{}, MapCodecProvider{}, GeoJsonCodecProvider{}, GridFSFileCodecProvider{}, Jsr310CodecProvider{}, JsonObjectCodecProvider{}, BsonCodecProvider{}, EnumCodecProvider{}, com.mongodb.client.model.mql.ExpressionCodecProvider@39ab59f8, com.mongodb.Jep395RecordCodecProvider@64e92d61, com.mongodb.KotlinCodecProvider@111610e6]}, loggerSettings=LoggerSettings{maxDocumentLength=1000}, clusterSettings={hosts=[20.42.3.5:7688, 20.42.3.6:7688], srvServiceName=mongodb, mode=MULTIPLE, requiredClusterType=REPLICA_SET, requiredReplicaSetName='asimongodevc1', serverSelector='null', clusterListeners='[]', serverSelectionTimeout='30000 ms', localThreshold='30000 ms'}, socketSettings=SocketSettings{connectTimeoutMS=10000, readTimeoutMS=0, receiveBufferSize=0, sendBufferSize=0}, heartbeatSocketSettings=SocketSettings{connectTimeoutMS=10000, readTimeoutMS=10000, receiveBufferSize=0, sendBufferSize=0}, connectionPoolSettings=ConnectionPoolSettings{maxSize=100, minSize=0, maxWaitTimeMS=120000, maxConnectionLifeTimeMS=0, maxConnectionIdleTimeMS=0, maintenanceInitialDelayMS=0, maintenanceFrequencyMS=60000, connectionPoolListeners=[], maxConnecting=2}, serverSettings=ServerSettings{heartbeatFrequencyMS=10000, minHeartbeatFrequencyMS=500, serverListeners='[]', serverMonitorListeners='[]'}, sslSettings=SslSettings{enabled=true, invalidHostNameAllowed=false, context=null}, applicationName='null', compressorList=[], uuidRepresentation=UNSPECIFIED, serverApi=null, autoEncryptionSettings=null, dnsClient=null, inetAddressResolver=null, contextProvider=null}
2024-02-01 09:36:14 platform > 2024-02-01 09:36:14 INFO c.m.i.d.l.SLF4JLogger(info):71 - No server chosen by ReadPreferenceServerSelector{readPreference=primary} from cluster description ClusterDescription{type=REPLICA_SET, connectionMode=MULTIPLE, serverDescriptions=[ServerDescription{address=20.42.3.6:7688, type=UNKNOWN, state=CONNECTING}, ServerDescription{address=20.42.3.5:7688, type=UNKNOWN, state=CONNECTING}]}. Waiting for 30000 ms before timing out
2024-02-01 09:36:15 platform > 2024-02-01 09:36:15 INFO c.m.i.d.l.SLF4JLogger(info):76 - Exception in monitor thread while connecting to server 20.42.3.5:7688
2024-02-01 09:36:15 platform > com.mongodb.MongoSocketWriteException: Exception sending message
2024-02-01 09:36:15 platform >     at com.mongodb.internal.connection.InternalStreamConnection.translateWriteException(InternalStreamConnection.java:708) ~[mongodb-driver-core-4.10.2.jar:?]
2024-02-01 09:36:15 platform >     at com.mongodb.internal.connection.InternalStreamConnection.sendMessage(InternalStreamConnection.java:585) ~[mongodb-driver-core-4.10.2.jar:?]
2024-02-01 09:36:15 platform >     at com.mongodb.internal.connection.InternalStreamConnection.sendCommandMessage(InternalStreamConnection.java:416) ~[mongodb-driver-core-4.10.2.jar:?]
2024-02-01 09:36:15 platform >     at com.mongodb.internal.connection.InternalStreamConnection.sendAndReceive(InternalStreamConnection.java:362) ~[mongodb-driver-core-4.10.2.jar:?]
2024-02-01 09:36:15 platform >     at com.mongodb.internal.connection.CommandHelper.sendAndReceive(CommandHelper.java:102) ~[mongodb-driver-core-4.10.2.jar:?]
2024-02-01 09:36:15 platform >     at com.mongodb.internal.connection.CommandHelper.executeCommand(CommandHelper.java:49) ~[mongodb-driver-core-4.10.2.jar:?]
2024-02-01 09:36:15 platform >     at com.mongodb.internal.connection.InternalStreamConnectionInitializer.initializeConnectionDescription(InternalStreamConnectionInitializer.java:129) ~[mongodb-driver-core-4.10.2.jar:?]
2024-02-01 09:36:15 platform >     at com.mongodb.internal.connection.InternalStreamConnectionInitializer.startHandshake(InternalStreamConnectionInitializer.java:77) ~[mongodb-driver-core-4.10.2.jar:?]
2024-02-01 09:36:15 platform >     at com.mongodb.internal.connection.InternalStreamConnection.open(InternalStreamConnection.java:211) ~[mongodb-driver-core-4.10.2.jar:?]
2024-02-01 09:36:15 platform >     at com.mongodb.internal.connection.DefaultServerMonitor$ServerMonitorRunnable.lookupServerDescription(DefaultServerMonitor.java:199) [mongodb-driver-core-4.10.2.jar:?]
2024-02-01 09:36:15 platform >     at com.mongodb.internal.connection.DefaultServerMonitor$ServerMonitorRunnable.run(DefaultServerMonitor.java:159) [mongodb-driver-core-4.10.2.jar:?]
2024-02-01 09:36:15 platform >     at java.base/java.lang.Thread.run(Thread.java:833) [?:?]
2024-02-01 09:36:15 platform > Caused by: javax.net.ssl.SSLHandshakeException: No subject alternative names present
2024-02-01 09:36:15 platform >     at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:131) ~[?:?]
2024-02-01 09:36:15 platform >     at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:378) ~[?:?]
2024-02-01 09:36:15 platform >     at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:321) ~[?:?]
2024-02-01 09:36:15 platform >     at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:316) ~[?:?]
2024-02-01 09:36:15 platform >     at java.base/sun.security.ssl.CertificateMessage$T12CertificateConsumer.checkServerCerts(CertificateMessage.java:654) ~[?:?]
2024-02-01 09:36:15 platform >     at java.base/sun.security.ssl.CertificateMessage$T12CertificateConsumer.onCertificate(CertificateMessage.java:473) ~[?:?]
2024-02-01 09:36:15 platform >     at java.base/sun.security.ssl.CertificateMessage$T12CertificateConsumer.consume(CertificateMessage.java:369) ~[?:?]
2024-02-01 09:36:15 platform >     at java.base/sun.security.ssl.SSLHandshake.consume(SSLHandshake.java:396) ~[?:?]
2024-02-01 09:36:15 platform >     at java.base/sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:480) ~[?:?]
2024-02-01 09:36:15 platform >     at java.base/sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:458) ~[?:?]
2024-02-01 09:36:15 platform >     at java.base/sun.security.ssl.TransportContext.dispatch(TransportContext.java:201) ~[?:?]
2024-02-01 09:36:15 platform >     at java.base/sun.security.ssl.SSLTransport.decode(SSLTransport.java:172) ~[?:?]
2024-02-01 09:36:15 platform >     at java.base/sun.security.ssl.SSLSocketImpl.decode(SSLSocketImpl.java:1510) ~[?:?]
2024-02-01 09:36:15 platform >     at java.base/sun.security.ssl.SSLSocketImpl.readHandshakeRecord(SSLSocketImpl.java:1425) ~[?:?]
2024-02-01 09:36:15 platform >     at java.base/sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:455) ~[?:?]
2024-02-01 09:36:15 platform >     at java.base/sun.security.ssl.SSLSocketImpl.ensureNegotiated(SSLSocketImpl.java:925) ~[?:?]
2024-02-01 09:36:15 platform >     at java.base/sun.security.ssl.SSLSocketImpl$AppOutputStream.write(SSLSocketImpl.java:1295) ~[?:?]
2024-02-01 09:36:15 platform >     at com.mongodb.internal.connection.SocketStream.write(SocketStream.java:102) ~[mongodb-driver-core-4.10.2.jar:?]
2024-02-01 09:36:15 platform >     at com.mongodb.internal.connection.InternalStreamConnection.sendMessage(InternalStreamConnection.java:582) ~[mongodb-driver-core-4.10.2.jar:?]
2024-02-01 09:36:15 platform >     ... 10 more
2024-02-01 09:36:15 platform > Caused by: java.security.cert.CertificateException: No subject alternative names present
2024-02-01 09:36:15 platform >     at java.base/sun.security.util.HostnameChecker.matchIP(HostnameChecker.java:142) ~[?:?]
2024-02-01 09:36:15 platform >     at java.base/sun.security.util.HostnameChecker.match(HostnameChecker.java:101) ~[?:?]
2024-02-01 09:36:15 platform >     at java.base/sun.security.ssl.X509TrustManagerImpl.checkIdentity(X509TrustManagerImpl.java:458) ~[?:?]
2024-02-01 09:36:15 platform >     at java.base/sun.security.ssl.X509TrustManagerImpl.checkIdentity(X509TrustManagerImpl.java:432) ~[?:?]
2024-02-01 09:36:15 platform >     at java.base/sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:238) ~[?:?]
2024-02-01 09:36:15 platform >     at java.base/sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:132) ~[?:?]
2024-02-01 09:36:15 platform >     at java.base/sun.security.ssl.CertificateMessage$T12CertificateConsumer.checkServerCerts(CertificateMessage.java:638) ~[?:?]
2024-02-01 09:36:15 platform >     at java.base/sun.security.ssl.CertificateMessage$T12CertificateConsumer.onCertificate(CertificateMessage.java:473) ~[?:?]
2024-02-01 09:36:15 platform >     at java.base/sun.security.ssl.CertificateMessage$T12CertificateConsumer.consume(CertificateMessage.java:369) ~[?:?]
2024-02-01 09:36:15 platform >     at java.base/sun.security.ssl.SSLHandshake.consume(SSLHandshake.java:396) ~[?:?]
2024-02-01 09:36:15 platform >     at java.base/sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:480) ~[?:?]
2024-02-01 09:36:15 platform >     at java.base/sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:458) ~[?:?]
2024-02-01 09:36:15 platform >     at java.base/sun.security.ssl.TransportContext.dispatch(TransportContext.java:201) ~[?:?]
2024-02-01 09:36:15 platform >     at java.base/sun.security.ssl.SSLTransport.decode(SSLTransport.java:172) ~[?:?]
2024-02-01 09:36:15 platform >     at java.base/sun.security.ssl.SSLSocketImpl.decode(SSLSocketImpl.java:1510) ~[?:?]
2024-02-01 09:36:15 platform >     at java.base/sun.security.ssl.SSLSocketImpl.readHandshakeRecord(SSLSocketImpl.java:1425) ~[?:?]
2024-02-01 09:36:15 platform >     at java.base/sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:455) ~[?:?]
2024-02-01 09:36:15 platform >     at java.base/sun.security.ssl.SSLSocketImpl.ensureNegotiated(SSLSocketImpl.java:925) ~[?:?]
2024-02-01 09:36:15 platform >     at java.base/sun.security.ssl.SSLSocketImpl$AppOutputStream.write(SSLSocketImpl.java:1295) ~[?:?]
2024-02-01 09:36:15 platform >     at com.mongodb.internal.connection.SocketStream.write(SocketStream.java:102) ~[mongodb-driver-core-4.10.2.jar:?]
2024-02-01 09:36:15 platform >     at com.mongodb.internal.connection.InternalStreamConnection.sendMessage(InternalStreamConnection.java:582) ~[mongodb-driver-core-4.10.2.jar:?]
2024-02-01 09:36:15 platform >     ... 10 more
2024-02-01 09:36:15 platform > 2024-02-01 09:36:15 INFO c.m.i.d.l.SLF4JLogger(info):76 - Exception in monitor thread while connecting to server 20.42.3.6:7688
2024-02-01 09:36:15 platform > com.mongodb.MongoSocketWriteException: Exception sending message
2024-02-01 09:36:15 platform >     at com.mongodb.internal.connection.InternalStreamConnection.translateWriteException(InternalStreamConnection.java:708) ~[mongodb-driver-core-4.10.2.jar:?]
2024-02-01 09:36:15 platform >     at com.mongodb.internal.connection.InternalStreamConnection.sendMessage(InternalStreamConnection.java:585) ~[mongodb-driver-core-4.10.2.jar:?]
2024-02-01 09:36:15 platform >     at com.mongodb.internal.connection.InternalStreamConnection.sendCommandMessage(InternalStreamConnection.java:416) ~[mongodb-driver-core-4.10.2.jar:?]
2024-02-01 09:36:15 platform >     at com.mongodb.internal.connection.InternalStreamConnection.sendAndReceive(InternalStreamConnection.java:362) ~[mongodb-driver-core-4.10.2.jar:?]
2024-02-01 09:36:15 platform >     at com.mongodb.internal.connection.CommandHelper.sendAndReceive(CommandHelper.java:102) ~[mongodb-driver-core-4.10.2.jar:?]
2024-02-01 09:36:15 platform >     at com.mongodb.internal.connection.CommandHelper.executeCommand(CommandHelper.java:49) ~[mongodb-driver-core-4.10.2.jar:?]
2024-02-01 09:36:15 platform >     at com.mongodb.internal.connection.InternalStreamConnectionInitializer.initializeConnectionDescription(InternalStreamConnectionInitializer.java:129) ~[mongodb-driver-core-4.10.2.jar:?]
2024-02-01 09:36:15 platform >     at com.mongodb.internal.connection.InternalStreamConnectionInitializer.startHandshake(InternalStreamConnectionInitializer.java:77) ~[mongodb-driver-core-4.10.2.jar:?]
2024-02-01 09:36:15 platform >     at com.mongodb.internal.connection.InternalStreamConnection.open(InternalStreamConnection.java:211) ~[mongodb-driver-core-4.10.2.jar:?]
2024-02-01 09:36:15 platform >     at com.mongodb.internal.connection.DefaultServerMonitor$ServerMonitorRunnable.lookupServerDescription(DefaultServerMonitor.java:199) [mongodb-driver-core-4.10.2.jar:?]
2024-02-01 09:36:15 platform >     at com.mongodb.internal.connection.DefaultServerMonitor$ServerMonitorRunnable.run(DefaultServerMonitor.java:159) [mongodb-driver-core-4.10.2.jar:?]
2024-02-01 09:36:15 platform >     at java.base/java.lang.Thread.run(Thread.java:833) [?:?]
2024-02-01 09:36:15 platform > Caused by: javax.net.ssl.SSLHandshakeException: No subject alternative names present
2024-02-01 09:36:15 platform >     at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:131) ~[?:?]
2024-02-01 09:36:15 platform >     at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:378) ~[?:?]
2024-02-01 09:36:15 platform >     at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:321) ~[?:?]
2024-02-01 09:36:15 platform >     at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:316) ~[?:?]
2024-02-01 09:36:15 platform >     at java.base/sun.security.ssl.CertificateMessage$T12CertificateConsumer.checkServerCerts(CertificateMessage.java:654) ~[?:?]
2024-02-01 09:36:15 platform >     at java.base/sun.security.ssl.CertificateMessage$T12CertificateConsumer.onCertificate(CertificateMessage.java:473) ~[?:?]
2024-02-01 09:36:15 platform >     at java.base/sun.security.ssl.CertificateMessage$T12CertificateConsumer.consume(CertificateMessage.java:369) ~[?:?]
2024-02-01 09:36:15 platform >     at java.base/sun.security.ssl.SSLHandshake.consume(SSLHandshake.java:396) ~[?:?]
2024-02-01 09:36:15 platform >     at java.base/sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:480) ~[?:?]
2024-02-01 09:36:15 platform >     at java.base/sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:458) ~[?:?]
2024-02-01 09:36:15 platform >     at java.base/sun.security.ssl.TransportContext.dispatch(TransportContext.java:201) ~[?:?]
2024-02-01 09:36:15 platform >     at java.base/sun.security.ssl.SSLTransport.decode(SSLTransport.java:172) ~[?:?]
2024-02-01 09:36:15 platform >     at java.base/sun.security.ssl.SSLSocketImpl.decode(SSLSocketImpl.java:1510) ~[?:?]
2024-02-01 09:36:15 platform >     at java.base/sun.security.ssl.SSLSocketImpl.readHandshakeRecord(SSLSocketImpl.java:1425) ~[?:?]
2024-02-01 09:36:15 platform >     at java.base/sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:455) ~[?:?]
2024-02-01 09:36:15 platform >     at java.base/sun.security.ssl.SSLSocketImpl.ensureNegotiated(SSLSocketImpl.java:925) ~[?:?]
2024-02-01 09:36:15 platform >     at java.base/sun.security.ssl.SSLSocketImpl$AppOutputStream.write(SSLSocketImpl.java:1295) ~[?:?]
2024-02-01 09:36:15 platform >     at com.mongodb.internal.connection.SocketStream.write(SocketStream.java:102) ~[mongodb-driver-core-4.10.2.jar:?]
2024-02-01 09:36:15 platform >     at com.mongodb.internal.connection.InternalStreamConnection.sendMessage(InternalStreamConnection.java:582) ~[mongodb-driver-core-4.10.2.jar:?]
2024-02-01 09:36:15 platform >     ... 10 more
2024-02-01 09:36:15 platform > Caused by: java.security.cert.CertificateException: No subject alternative names present
2024-02-01 09:36:15 platform >     at java.base/sun.security.util.HostnameChecker.matchIP(HostnameChecker.java:142) ~[?:?]
2024-02-01 09:36:15 platform >     at java.base/sun.security.util.HostnameChecker.match(HostnameChecker.java:101) ~[?:?]
2024-02-01 09:36:15 platform >     at java.base/sun.security.ssl.X509TrustManagerImpl.checkIdentity(X509TrustManagerImpl.java:458) ~[?:?]
2024-02-01 09:36:15 platform >     at java.base/sun.security.ssl.X509TrustManagerImpl.checkIdentity(X509TrustManagerImpl.java:432) ~[?:?]
2024-02-01 09:36:15 platform >     at java.base/sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:238) ~[?:?]
2024-02-01 09:36:15 platform >     at java.base/sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:132) ~[?:?]
2024-02-01 09:36:15 platform >     at java.base/sun.security.ssl.CertificateMessage$T12CertificateConsumer.checkServerCerts(CertificateMessage.java:638) ~[?:?]
2024-02-01 09:36:15 platform >     at java.base/sun.security.ssl.CertificateMessage$T12CertificateConsumer.onCertificate(CertificateMessage.java:473) ~[?:?]
2024-02-01 09:36:15 platform >     at java.base/sun.security.ssl.CertificateMessage$T12CertificateConsumer.consume(CertificateMessage.java:369) ~[?:?]
2024-02-01 09:36:15 platform >     at java.base/sun.security.ssl.SSLHandshake.consume(SSLHandshake.java:396) ~[?:?]
2024-02-01 09:36:15 platform >     at java.base/sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:480) ~[?:?]
2024-02-01 09:36:15 platform >     at java.base/sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:458) ~[?:?]
2024-02-01 09:36:15 platform >     at java.base/sun.security.ssl.TransportContext.dispatch(TransportContext.java:201) ~[?:?]
2024-02-01 09:36:15 platform >     at java.base/sun.security.ssl.SSLTransport.decode(SSLTransport.java:172) ~[?:?]
2024-02-01 09:36:15 platform >     at java.base/sun.security.ssl.SSLSocketImpl.decode(SSLSocketImpl.java:1510) ~[?:?]
2024-02-01 09:36:15 platform >     at java.base/sun.security.ssl.SSLSocketImpl.readHandshakeRecord(SSLSocketImpl.java:1425) ~[?:?]
2024-02-01 09:36:15 platform >     at java.base/sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:455) ~[?:?]
2024-02-01 09:36:15 platform >     at java.base/sun.security.ssl.SSLSocketImpl.ensureNegotiated(SSLSocketImpl.java:925) ~[?:?]
2024-02-01 09:36:15 platform >     at java.base/sun.security.ssl.SSLSocketImpl$AppOutputStream.write(SSLSocketImpl.java:1295) ~[?:?]
2024-02-01 09:36:15 platform >     at com.mongodb.internal.connection.SocketStream.write(SocketStream.java:102) ~[mongodb-driver-core-4.10.2.jar:?]
2024-02-01 09:36:15 platform >     at com.mongodb.internal.connection.InternalStreamConnection.sendMessage(InternalStreamConnection.java:582) ~[mongodb-driver-core-4.10.2.jar:?]
2024-02-01 09:36:15 platform >     ... 10 more
2024-02-01 09:36:44 platform > 2024-02-01 09:36:44 ERROR i.a.i.s.m.MongoDbSource(check):84 - Unable to perform source check operation.
2024-02-01 09:36:44 platform > com.mongodb.MongoTimeoutException: Timed out after 30000 ms while waiting for a server that matches ReadPreferenceServerSelector{readPreference=primary}. Client view of cluster state is {type=REPLICA_SET, servers=[{address=20.42.3.6:7688, type=UNKNOWN, state=CONNECTING, exception={com.mongodb.MongoSocketWriteException: Exception sending message}, caused by {javax.net.ssl.SSLHandshakeException: No subject alternative names present}, caused by {java.security.cert.CertificateException: No subject alternative names present}}, {address=20.42.3.5:7688, type=UNKNOWN, state=CONNECTING, exception={com.mongodb.MongoSocketWriteException: Exception sending message}, caused by {javax.net.ssl.SSLHandshakeException: No subject alternative names present}, caused by {java.security.cert.CertificateException: No subject alternative names present}}]
2024-02-01 09:36:44 platform >     at com.mongodb.internal.connection.BaseCluster.createTimeoutException(BaseCluster.java:430) ~[mongodb-driver-core-4.10.2.jar:?]
2024-02-01 09:36:44 platform >     at com.mongodb.internal.connection.BaseCluster.selectServer(BaseCluster.java:125) ~[mongodb-driver-core-4.10.2.jar:?]
2024-02-01 09:36:44 platform >     at com.mongodb.internal.connection.AbstractMultiServerCluster.selectServer(AbstractMultiServerCluster.java:54) ~[mongodb-driver-core-4.10.2.jar:?]
2024-02-01 09:36:44 platform >     at com.mongodb.internal.binding.ClusterBinding.getReadConnectionSource(ClusterBinding.java:116) ~[mongodb-driver-core-4.10.2.jar:?]
2024-02-01 09:36:44 platform >     at com.mongodb.client.internal.ClientSessionBinding.getReadConnectionSource(ClientSessionBinding.java:92) ~[mongodb-driver-sync-4.10.2.jar:?]
2024-02-01 09:36:44 platform >     at com.mongodb.internal.operation.OperationHelper.withSuppliedResource(OperationHelper.java:362) ~[mongodb-driver-core-4.10.2.jar:?]
2024-02-01 09:36:44 platform >     at com.mongodb.internal.operation.OperationHelper.withSourceAndConnection(OperationHelper.java:343) ~[mongodb-driver-core-4.10.2.jar:?]
2024-02-01 09:36:44 platform >     at com.mongodb.internal.operation.CommandOperationHelper.lambda$executeRetryableRead$7(CommandOperationHelper.java:225) ~[mongodb-driver-core-4.10.2.jar:?]
2024-02-01 09:36:44 platform >     at com.mongodb.internal.operation.CommandOperationHelper.lambda$decorateReadWithRetries$3(CommandOperationHelper.java:192) ~[mongodb-driver-core-4.10.2.jar:?]
2024-02-01 09:36:44 platform >     at com.mongodb.internal.async.function.RetryingSyncSupplier.get(RetryingSyncSupplier.java:67) ~[mongodb-driver-core-4.10.2.jar:?]
2024-02-01 09:36:44 platform >     at com.mongodb.internal.operation.CommandOperationHelper.executeRetryableRead(CommandOperationHelper.java:230) ~[mongodb-driver-core-4.10.2.jar:?]
2024-02-01 09:36:44 platform >     at com.mongodb.internal.operation.CommandOperationHelper.executeRetryableRead(CommandOperationHelper.java:212) ~[mongodb-driver-core-4.10.2.jar:?]
2024-02-01 09:36:44 platform >     at com.mongodb.internal.operation.ListDatabasesOperation.execute(ListDatabasesOperation.java:124) ~[mongodb-driver-core-4.10.2.jar:?]
2024-02-01 09:36:44 platform >     at com.mongodb.internal.operation.ListDatabasesOperation.execute(ListDatabasesOperation.java:51) ~[mongodb-driver-core-4.10.2.jar:?]
2024-02-01 09:36:44 platform >     at com.mongodb.client.internal.MongoClientDelegate$DelegateOperationExecutor.execute(MongoClientDelegate.java:153) ~[mongodb-driver-sync-4.10.2.jar:?]
2024-02-01 09:36:44 platform >     at com.mongodb.client.internal.MongoIterableImpl.execute(MongoIterableImpl.java:130) ~[mongodb-driver-sync-4.10.2.jar:?]
2024-02-01 09:36:44 platform >     at com.mongodb.client.internal.MongoIterableImpl.iterator(MongoIterableImpl.java:90) ~[mongodb-driver-sync-4.10.2.jar:?]
2024-02-01 09:36:44 platform >     at com.mongodb.client.internal.MappingIterable.iterator(MappingIterable.java:42) ~[mongodb-driver-sync-4.10.2.jar:?]
2024-02-01 09:36:44 platform >     at com.mongodb.client.internal.MappingIterable.iterator(MappingIterable.java:30) ~[mongodb-driver-sync-4.10.2.jar:?]
2024-02-01 09:36:44 platform >     at java.base/java.lang.Iterable.spliterator(Iterable.java:101) ~[?:?]
2024-02-01 09:36:44 platform >     at io.airbyte.integrations.source.mongodb.MongoUtil.checkDatabaseExists(MongoUtil.java:84) ~[io.airbyte.airbyte-integrations.connectors-source-mongodb-v2-0.50.45.jar:?]
2024-02-01 09:36:44 platform >     at io.airbyte.integrations.source.mongodb.MongoDbSource.check(MongoDbSource.java:56) [io.airbyte.airbyte-integrations.connectors-source-mongodb-v2-0.50.45.jar:?]
2024-02-01 09:36:44 platform >     at io.airbyte.cdk.integrations.base.IntegrationRunner.runInternal(IntegrationRunner.java:153) [airbyte-cdk-core-0.16.3.jar:?]
2024-02-01 09:36:44 platform >     at io.airbyte.cdk.integrations.base.IntegrationRunner.run(IntegrationRunner.java:125) [airbyte-cdk-core-0.16.3.jar:?]
2024-02-01 09:36:44 platform >     at io.airbyte.integrations.source.mongodb.MongoDbSource.main(MongoDbSource.java:45) [io.airbyte.airbyte-integrations.connectors-source-mongodb-v2-0.50.45.jar:?]
2024-02-01 09:36:44 platform > 2024-02-01 09:36:44 INFO i.a.c.i.b.IntegrationRunner(runInternal):231 - Completed integration: io.airbyte.integrations.source.mongodb.MongoDbSource
2024-02-01 09:36:44 platform > 2024-02-01 09:36:44 INFO i.a.i.s.m.MongoDbSource(main):46 - completed source: class io.airbyte.integrations.source.mongodb.MongoDbSource
2024-02-01 09:36:44 platform > Check connection job received output: io.airbyte.config.StandardCheckConnectionOutput@7d598ac9[status=failed,message=Timed out after 30000 ms while waiting for a server that matches ReadPreferenceServerSelector{readPreference=primary}. Client view of cluster state is {type=REPLICA_SET, servers=[{address=20.42.3.6:7688, type=UNKNOWN, state=CONNECTING, exception={com.mongodb.MongoSocketWriteException: Exception sending message}, caused by {javax.net.ssl.SSLHandshakeException: No subject alternative names present}, caused by {java.security.cert.CertificateException: No subject alternative names present}}, {address=20.42.3.5:7688, type=UNKNOWN, state=CONNECTING, exception={com.mongodb.MongoSocketWriteException: Exception sending message}, caused by {javax.net.ssl.SSLHandshakeException: No subject alternative names present}, caused by {java.security.cert.CertificateException: No subject alternative names present}}],additionalProperties={}]
2024-02-01 09:36:45 platform > 
2024-02-01 09:36:45 platform > ----- END CHECK -----
2024-02-01 09:36:45 platform >

ON ORIGINAL DOCKER IMAGE (airbyte/source-mongodb-v2:1.2.4): I am Getting This error:


Timed out after 30000 ms while waiting for a server that matches ReadPreferenceServerSelector{readPreference=primary}. Client view of cluster state is {type=REPLICA_SET, servers=[{address=20.42.3.6:7688, type=UNKNOWN, state=CONNECTING, exception={com.mongodb.MongoSocketWriteException: Exception sending message}, caused by {javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target}, caused by {sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target}, caused by {sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target}}, {address=20.42.3.5:7688, type=UNKNOWN, state=CONNECTING, exception={com.mongodb.MongoSocketWriteException: Exception sending message}, caused by {javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target}, caused by {sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target}, caused by {sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target}}]

Contribute

marcosmarxm commented 9 months ago

@Sampad-Hegde I'd strongly recommend to tag your new version as dev instead of an official version. I found this discussion about the error you got and maybe there are some code changes needed to be done to make the connector work properly with certificates. Maybe took a look in other connectors that support certifies how they're doing the implementation.

sspakush commented 8 months ago

Unfortunately we encountered the same problem. I wanted to disable verification in the form -Dcom.sun.jndi.ldap.object.disableEndpointIdentification=true but did not find an vmoption to start the connector

Sampad-Hegde commented 8 months ago

Yes @sskhandek, I have tried setting it in JAVA_OPTS, as well as tried to set it in the env variable still it didn't get disabled.

@marcosmarxm I agree with you; but It's ok to give any tag to docker image while building/running in local, moreover I just want to test the connection and working piece of this connector, Then I would have done proper naming and setup. That stack overflow methods are tried already except changing the source code approach. You can see in my docker image build process.