stanfordnlp / CoreNLP

CoreNLP: A Java suite of core NLP tools for tokenization, sentence segmentation, NER, parsing, coreference, sentiment analysis, etc.
http://stanfordnlp.github.io/CoreNLP/
GNU General Public License v3.0

Unable to use password-protected JKS keystore #1333

Open mmeytin opened 1 year ago

mmeytin commented 1 year ago

We attempted to use -ssl and -key options to establish SSL communication with the CoreNLP server per the documentation. The application crashes with the exception below because it's not possible to pass a password for a password-protected Java keystore file. Is there another recommended method for enabling SSL-protected communication with the CoreNLP server? Thank you!

[main] INFO CoreNLP - --- StanfordCoreNLPServer#main() called ---
[main] INFO CoreNLP - Server default properties:
                        (Note: unspecified annotator properties are English defaults)
                        inputFormat = text
                        outputFormat = json
                        prettyPrint = false
[main] INFO CoreNLP - Threads: 8
[main] INFO CoreNLP - Starting server...
[main] INFO CoreNLP - Adding SSL context to server; key=/shared/mykeystore.jks
Exception in thread "main" java.lang.RuntimeException: java.io.IOException: Keystore was tampered with, or password was incorrect
        at edu.stanford.nlp.pipeline.StanfordCoreNLPServer.addSSLContext(StanfordCoreNLPServer.java:1435)
        at edu.stanford.nlp.pipeline.StanfordCoreNLPServer.run(StanfordCoreNLPServer.java:1525)
        at edu.stanford.nlp.pipeline.StanfordCoreNLPServer.launchServer(StanfordCoreNLPServer.java:1624)
        at edu.stanford.nlp.pipeline.StanfordCoreNLPServer.main(StanfordCoreNLPServer.java:1631)
Caused by: java.io.IOException: Keystore was tampered with, or password was incorrect
        at java.base/sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:795)
        at java.base/sun.security.util.KeyStoreDelegator.engineLoad(KeyStoreDelegator.java:222)
        at java.base/java.security.KeyStore.load(KeyStore.java:1479)
        at edu.stanford.nlp.pipeline.StanfordCoreNLPServer.addSSLContext(StanfordCoreNLPServer.java:1410)
        ... 3 more
Caused by: java.security.UnrecoverableKeyException: Password verification failed
        at java.base/sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:793)
        ... 6 more
[Thread-1] INFO CoreNLP - CoreNLP Server is shutting down.

AngledLuffa commented 1 year ago

Would you back up a bit and explain what you did to run the application?

Illumin80 commented 6 months ago

I have the same issue.

I built this Dockerfile:

#Use an Ubuntu base image
FROM ubuntu:latest

#Update packages
RUN apt-get update

#Install Java
RUN apt-get install -y default-jre

#Install wget to download files
RUN apt-get install -y wget

#Download Stanford CoreNLP
RUN wget https://nlp.stanford.edu/software/stanford-corenlp-4.5.6.zip

#Unzip Stanford CoreNLP
RUN apt-get install -y unzip
RUN unzip stanford-corenlp-4.5.6.zip

#Set the working directory to the unzipped CoreNLP directory
WORKDIR /stanford-corenlp-4.5.6

#Expose port 9000 for CoreNLP server
EXPOSE 9000

#Start Stanford CoreNLP server
CMD java -cp "*" edu.stanford.nlp.pipeline.StanfordCoreNLPServer -port 9000 -timeout 15000 -ssl -key /tmp/corenlp/corenlp.jks

And run it with: sudo docker run -i -p 9000:9000 -v /home/path/to/jksfile/directory:/tmp/corenlp corenlp:latest

With a jks-file at the location /home/path/to/jksfile/directory/corenlp.jks

I beforehand created this jks-file with this command:

keytool -importcert -file "mycertificate.cer" -keystore corenlp.jks -alias "corenlp"

Running this command, I was required to enter a password to secure this .jks file.

Then, when trying to run the docker container, I get the same error as @mmeytin:

[main] INFO CoreNLP - --- StanfordCoreNLPServer#main() called ---
[main] INFO CoreNLP - Server default properties:
                        (Note: unspecified annotator properties are English defaults)
                        inputFormat = text
                        outputFormat = json
                        prettyPrint = false
[main] INFO CoreNLP - Threads: 2
[main] INFO CoreNLP - Starting server...
[main] INFO CoreNLP - Adding SSL context to server; key=/tmp/corenlp/corenlp.jks
Exception in thread "main" java.lang.RuntimeException: java.io.IOException: keystore password was incorrect
        at edu.stanford.nlp.pipeline.StanfordCoreNLPServer.addSSLContext(StanfordCoreNLPServer.java:1644)
        at edu.stanford.nlp.pipeline.StanfordCoreNLPServer.run(StanfordCoreNLPServer.java:1734)
        at edu.stanford.nlp.pipeline.StanfordCoreNLPServer.launchServer(StanfordCoreNLPServer.java:1834)
        at edu.stanford.nlp.pipeline.StanfordCoreNLPServer.main(StanfordCoreNLPServer.java:1841)
Caused by: java.io.IOException: keystore password was incorrect
        at java.base/sun.security.pkcs12.PKCS12KeyStore.engineLoad(PKCS12KeyStore.java:2097)
        at java.base/sun.security.util.KeyStoreDelegator.engineLoad(KeyStoreDelegator.java:249)
        at java.base/java.security.KeyStore.load(KeyStore.java:1500)
        at edu.stanford.nlp.pipeline.StanfordCoreNLPServer.addSSLContext(StanfordCoreNLPServer.java:1619)
        ... 3 more
Caused by: java.security.UnrecoverableKeyException: failed to decrypt safe contents entry: javax.crypto.BadPaddingException: Given final block not properly padded. Such issues can arise if a bad key is used during decryption.
        ... 7 more
[Thread-0] INFO CoreNLP - CoreNLP Server is shutting down.

Illumin80 commented 6 months ago

Update: I found a temporary workaround:

It seems that the line that throws the exception is trying to open the .jks file with the hard-coded password "corenlp".

This means that when you set the password of your .jks file also to "corenlp", it executes correctly.

However, I would propose to either include this information in the documentation of the API or to add a way to provide the password of the .jks file somewhere in the command.

I hope this helped.
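
A pre-flight check for the failure discussed in this thread, as an added example that is not CoreNLP code or part of any comment above: it opens a keystore with the password "corenlp" reported in the workaround and reports whether the store holds a private key entry, which a TLS server needs in addition to any trusted certificate. The class name `KeystorePreflight`, the `check` helper and the demo password are assumptions made for illustration; the sample keystore is constructed in a temp file.

```java
import java.io.File;
import java.io.IOException;
import java.nio.file.Files;
import java.security.KeyStore;
import java.util.Collections;
import javax.crypto.spec.SecretKeySpec;

// Added example (not CoreNLP code): pre-flight check for a keystore file.
public class KeystorePreflight {
    // Password value reported in the comment above; an assumption about the server.
    static final char[] REPORTED_PASSWORD = "corenlp".toCharArray();

    // Returns a one-line diagnosis for the given keystore file and store password.
    static String check(File file, char[] password) throws Exception {
        if (!file.isFile()) return "FAIL: not a regular file: " + file;
        KeyStore ks;
        try {
            // Java 9+: detects JKS or PKCS12 and verifies the store password.
            ks = KeyStore.getInstance(file, password);
        } catch (IOException e) {
            // Same exception class as in the stack traces quoted in this thread.
            return "FAIL: cannot open with this password: " + e.getMessage();
        }
        int privateKeys = 0;
        for (String alias : Collections.list(ks.aliases())) {
            // A TLS server needs a private key entry, not only a trusted certificate.
            if (ks.entryInstanceOf(alias, KeyStore.PrivateKeyEntry.class)) privateKeys++;
        }
        if (privateKeys == 0) return "WARN: opens, but holds no private key entry";
        return "OK: opens, private key entries: " + privateKeys;
    }

    public static void main(String[] args) throws Exception {
        if (args.length > 0) { // check a real file against the reported password
            System.out.println(check(new File(args[0]), REPORTED_PASSWORD));
            return;
        }
        // Constructed sample: PKCS12 store with a different password and no private key.
        char[] other = "constructed-demo-pw".toCharArray();
        KeyStore demo = KeyStore.getInstance("PKCS12");
        demo.load(null, null);
        demo.setEntry("demo", new KeyStore.SecretKeyEntry(new SecretKeySpec(new byte[16], "AES")),
                new KeyStore.PasswordProtection(other));
        File tmp = File.createTempFile("preflight", ".p12");
        tmp.deleteOnExit();
        try (var out = Files.newOutputStream(tmp.toPath())) { demo.store(out, other); }
        System.out.println(check(tmp, REPORTED_PASSWORD)); // password mismatch case
        System.out.println(check(tmp, other));             // correct password, no private key
    }
}
```

If the server does open the keystore with a fixed, publicly known password as described above, that password gives the private key no confidentiality, so read access to the keystore file should be restricted to the account that runs the server.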