phax / phase4

phase4 - AS4 client and server for integration into existing systems. Specific support for Peppol and CEF eDelivery built-in.
Apache License 2.0

org.apache.hc.client5.http.ClientProtocolException - null during send #194

Closed iansmirlis closed 9 months ago

iansmirlis commented 9 months ago

I get the following error during testbed:

2023-11-15T20:21:06.034+02:00  INFO 50080 --- [nio-8080-exec-1] c.h.s.h.AbstractGenericSMPClient         : Performing SMP query at 'GET http://B-c0b6b41e25355fa5c8d2a568a0ac68f3.iso6523-actorid-upis.acc.edelivery.tech.ec.europa.eu/iso6523-actorid-upis%3A%3A9922%3Angtbcntrlp1001/services/busdox-docid-qns%3A%3Aurn%3Aoasis%3Anames%3Aspecification%3Aubl%3Aschema%3Axsd%3AInvoice-2%3A%3AInvoice%23%23urn%3Acen.eu%3Aen16931%3A2017%23compliant%23urn%3Afdc%3Apeppol.eu%3A2017%3Apoacc%3Abilling%3A3.0%3A%3A2.1'
2023-11-15T20:21:06.556+02:00 ERROR 50080 --- [nio-8080-exec-1] c.h.s.h.AbstractGenericSMPClient         : Error performing SMP query: org.apache.hc.client5.http.ClientProtocolException - null

I am able to do the SMP query with curl correctly from a terminal, however there is something wrong when I use the Phase4PeppolSender

Any ideas what to check?

Thanks

phax commented 9 months ago

null is definitely a bad explanation ;-)

Do you require an outbound HTTP proxy to access the Internet? If so please make sure the respective configuration properties of the SMP client are set - see https://github.com/phax/peppol-commons#configuration

Otherwise, the log file might give a hint about what's going wrong???

iansmirlis commented 9 months ago

> Do you require an outbound HTTP proxy to access the Internet? If so please make sure the respective configuration properties of the SMP client are set - see https://github.com/phax/peppol-commons#configuration

A proxy is not needed and everything proxy related is commented out in the configuration. I also did the following curl request from the same machine, which succeeds.

$ curl http://B-c0b6b41e25355fa5c8d2a568a0ac68f3.iso6523-actorid-upis.acc.edelivery.tech.ec.europa.eu/iso6523-actorid-upis%3A%3A9922%3Angtbcntrlp1001/services/busdox-docid-qns%3A%3Aurn%3Aoasis%3Anames%3Aspecification%3Aubl%3Aschema%3Axsd%3AInvoice-2%3A%3AInvoice%23%23urn%3Acen.eu%3Aen16931%3A2017%23compliant%23urn%3Afdc%3Apeppol.eu%3A2017%3Apoacc%3Abilling%3A3.0%3A%3A2.1

> Otherwise, the log file might give a hint about what's going wrong???

This is the only thing that I can see in the logs. If I understand correctly, before requesting the SMP the client has already made an SML request which succeeded?

I set the global.debug=true and production=true and false and I modified the example from here https://github.com/phax/phase4/blob/7c4e27a6d13d707d0a160eaf66d4dd44059bdbf6/phase4-peppol-client/src/test/java/com/helger/phase4/peppol/MainPhase4PeppolSenderSbdh.java#L70-L77 since I have an sbd header

Running on Linux, maybe some issue with the request construction and CR LF in the headers, system default encoding and such things? (OpenJDK 17 by the way) Is there a way to enforce more detailed logging?

phax commented 9 months ago

Okay, thanks for the info. As this error directly comes from Apache HttpClient I can only do some additional guessing.

Ah Java 17: please add smpClient.setSecureValidation (false) as SHA-1 is forbidden for XMLDsig since Java 17 (you need to extract SMPClientReadOnly into a local variable)

Should be no issue with Linux, system encoding etc. phase4 is running on multiple different OS without issues.

Regarding the extended logging: when you use SpringBoot, it uses Logback in the background - please consult the SpringBoot documentation for how to increase the log level there. I guess https://www.baeldung.com/spring-boot-logging is a good start. Otherwise let me know from what example you started.

Quick info: the "SML" is not really queried. It's an immediate DNS CNAME lookup. It's just a dynamically created DNS record. See dig B-c0b6b41e25355fa5c8d2a568a0ac68f3.iso6523-actorid-upis.acc.edelivery.tech.ec.europa.eu:

; <<>> DiG 9.16.1-Ubuntu <<>> B-c0b6b41e25355fa5c8d2a568a0ac68f3.iso6523-actorid-upis.acc.edelivery.tech.ec.europa.eu
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 11823
;; flags: qr rd ad; QUERY: 1, ANSWER: 6, AUTHORITY: 0, ADDITIONAL: 0
;; WARNING: recursion requested but not available

;; QUESTION SECTION:
;B-c0b6b41e25355fa5c8d2a568a0ac68f3.iso6523-actorid-upis.acc.edelivery.tech.ec.europa.eu. IN A

;; ANSWER SECTION:
B-c0b6b41e25355fa5c8d2a568a0ac68f3.iso6523-actorid-upis.acc.edelivery.tech.ec.europa.eu. 0 IN CNAME PP-PROD-SMP.publisher.acc.edelivery.tech.ec.europa.eu.
PP-PROD-SMP.publisher.acc.edelivery.tech.ec.europa.eu. 0 IN CNAME smp.playground.peppol.eu.
smp.playground.peppol.eu. 0     IN      CNAME   playground-alb-production-210063210.eu-west-1.elb.amazonaws.com.
playground-alb-production-210063210.eu-west-1.elb.amazonaws.com. 0 IN A 54.77.207.120
playground-alb-production-210063210.eu-west-1.elb.amazonaws.com. 0 IN A 52.50.58.198
playground-alb-production-210063210.eu-west-1.elb.amazonaws.com. 0 IN A 34.252.219.29

;; Query time: 330 msec
;; SERVER: 172.31.128.1#53(172.31.128.1)
;; WHEN: Wed Nov 15 20:16:18 CET 2023
;; MSG SIZE  rcvd: 562

And btw. please use the "Subject CN" from your certificate as the value of senderParty.

iansmirlis commented 9 months ago

Thanks, I will check these tomorrow as I don't have access to this machine anymore.

If everything fails, I will dump the http traffic to see what's wrong. I will revert

Thanks again.

phax commented 9 months ago

Okay, good luck with that. If you send me an email (see pom.xml) I can invite you to my Slack for quicker communication

iansmirlis commented 9 months ago

> Ah Java 17: please add smpClient.setSecureValidation (false) as SHA-1 is forbidden for XMLDsig since Java 17 (you need to extract SMPClientReadOnly into a local variable)

Yes that did the trick, thanks.

I really appreciate your invitation to Slack, I will definitely send you. I won't bother you with such issues, but I might need help in the future with any protocol specific details.

Thanks again
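
Added example (not from the thread or the phase4 project): a stand-alone Java check for the cause identified above, namely that the running JDK's XMLDSig secure-validation policy disallows SHA-1 based algorithms. It assumes the SMP response signature is validated with the JDK's built-in XMLDSig implementation, which reads the `jdk.xml.dsig.secureValidationPolicy` security property; the class name `XmlDsigSha1PolicyCheck` is hypothetical.

```java
import java.security.Security;
import java.util.ArrayList;
import java.util.List;
import java.util.Locale;

public final class XmlDsigSha1PolicyCheck {
  // JDK security property (java.security file) listing XMLDSig secure validation restrictions
  static final String POLICY_PROPERTY = "jdk.xml.dsig.secureValidationPolicy";

  /** Returns the algorithm URIs of all "disallowAlg" policy entries that name a SHA-1 based algorithm. */
  static List<String> disallowedSha1Algorithms(String policy) {
    List<String> hits = new ArrayList<>();
    if (policy == null) {
      return hits;
    }
    // The policy is a comma-separated list such as "disallowAlg <uri>, maxTransforms 5, ..."
    for (String entry : policy.split(",")) {
      String[] tokens = entry.trim().split("\\s+");
      if (tokens.length == 2
          && tokens[0].equals("disallowAlg")
          && tokens[1].toLowerCase(Locale.ROOT).contains("sha1")) {
        hits.add(tokens[1]);
      }
    }
    return hits;
  }

  public static void main(String[] args) {
    String policy = Security.getProperty(POLICY_PROPERTY);
    System.out.println("Java version: " + System.getProperty("java.version"));
    if (policy == null) {
      System.out.println(POLICY_PROPERTY + " is not set on this JDK");
      return;
    }
    List<String> sha1 = disallowedSha1Algorithms(policy);
    if (sha1.isEmpty()) {
      System.out.println("No SHA-1 algorithm is disallowed by the secure validation policy");
    } else {
      System.out.println("Rejected under secure validation (SHA-1 based):");
      sha1.forEach(uri -> System.out.println("  " + uri));
    }
  }
}
```

Turning secure validation off for a validation context lifts every restriction in this policy, not only the SHA-1 entries.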