Uploaded image for project: 'Common Controller SDK'
  1. Common Controller SDK
  2. CCSDK-624

PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

    XMLWordPrintable

Details

    Description

      2018-10-24T12:22:14,405 | INFO | qtp1098839729-85 | RequestValidatorImpl | 447 - appc-common-bundle - 1.4.1.SNAPSHOT | AAIService from bundlecontext
      2018-10-24T12:22:14,423 | INFO | qtp1098839729-85 | AAIService | 205 - org.onap.ccsdk.sli.adaptors.aai-service-provider - 0.3.0 | AAI Deprecation - the format of request key is no longer supported. Please rewrite this key : vnf-id = 'vCPE_Infrastructure_vGMUX_demo_app'
      2018-10-24T12:22:14,424 | INFO | qtp1098839729-85 | AAIService | 205 - org.onap.ccsdk.sli.adaptors.aai-service-provider - 0.3.0 | Input - vnf-id : vCPE_Infrastructure_vGMUX_demo_app
      2018-10-24T12:22:14,429 | INFO | qtp1098839729-85 | AAIService | 205 - org.onap.ccsdk.sli.adaptors.aai-service-provider - 0.3.0 | A&AI transaction :
      2018-10-24T12:22:14,430 | INFO | qtp1098839729-85 | AAIService | 205 - org.onap.ccsdk.sli.adaptors.aai-service-provider - 0.3.0 | Request Time : 2018-10-24T12:22:14.429Z, Method : GET
      2018-10-24T12:22:14,430 | INFO | qtp1098839729-85 | AAIService | 205 - org.onap.ccsdk.sli.adaptors.aai-service-provider - 0.3.0 | Request URL : https://aai.onap:8443/aai/v14/network/generic-vnfs/generic-vnf/vCPE_Infrastructure_vGMUX_demo_app
      2018-10-24T12:22:14,439 | INFO | qtp1098839729-85 | AAIService | 205 - org.onap.ccsdk.sli.adaptors.aai-service-provider - 0.3.0 | Missing requestID. Assigned bfbe965d-7e5c-4cd1-9883-50d07c70b4f7
      2018-10-24T12:22:14,458 | WARN | qtp1098839729-85 | AAIService | 205 - org.onap.ccsdk.sli.adaptors.aai-service-provider - 0.3.0 |
      javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
      at sun.security.ssl.Alerts.getSSLException(Alerts.java:192) [?:?]
      at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1964) [?:?]
      at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:328) [?:?]
      at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:322) [?:?]
      at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1614) [?:?]
      at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:216) [?:?]
      at sun.security.ssl.Handshaker.processLoop(Handshaker.java:1052) [?:?]
      at sun.security.ssl.Handshaker.process_record(Handshaker.java:987) [?:?]
      at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1072) [?:?]
      at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1385) [?:?]
      at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1413) [?:?]
      at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1397) [?:?]
      at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:559) [?:?]
      at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185) [?:?]
      at sun.net.www.protocol.http.HttpURLConnection.getInputStream0(HttpURLConnection.java:1564) [?:?]
      at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1492) [?:?]
      at java.net.HttpURLConnection.getResponseCode(HttpURLConnection.java:480) [?:?]
      at sun.net.www.protocol.https.HttpsURLConnectionImpl.getResponseCode(HttpsURLConnectionImpl.java:347) [?:?]
      at org.onap.ccsdk.sli.adaptors.aai.AAIClientRESTExecutor.get(AAIClientRESTExecutor.java:243) [205:org.onap.ccsdk.sli.adaptors.aai-service-provider:0.3.0]
      at org.onap.ccsdk.sli.adaptors.aai.AAIDeclarations.newModelQuery(AAIDeclarations.java:789) [205:org.onap.ccsdk.sli.adaptors.aai-service-provider:0.3.0]
      at org.onap.ccsdk.sli.adaptors.aai.AAIDeclarations.query(AAIDeclarations.java:186) [205:org.onap.ccsdk.sli.adaptors.aai-service-provider:0.3.0]
      at org.onap.ccsdk.sli.adaptors.aai.AAIService.query(AAIService.java:1398) [205:org.onap.ccsdk.sli.adaptors.aai-service-provider:0.3.0]
      at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:?]
      at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:?]
      at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:?]
      at java.lang.reflect.Method.invoke(Method.java:498) ~[?:?]
      at org.apache.aries.proxy.impl.ProxyHandler$1.invoke(ProxyHandler.java:54) [97:org.apache.aries.proxy:1.1.1]
      at org.apache.aries.proxy.impl.ProxyHandler.invoke(ProxyHandler.java:119) [97:org.apache.aries.proxy:1.1.1]
      at org.onap.ccsdk.sli.adaptors.aai.$AAIService470608880.query(Unknown Source) [205:org.onap.ccsdk.sli.adaptors.aai-service-provider:0.3.0]
      at org.onap.appc.requesthandler.impl.RequestValidatorImpl.getVnfdata(RequestValidatorImpl.java:449) [529:appc-request-handler-core:1.4.1.SNAPSHOT]
      at org.onap.appc.requesthandler.impl.RequestValidatorImpl.queryAAI(RequestValidatorImpl.java:432) [529:appc-request-handler-core:1.4.1.SNAPSHOT]
      at org.onap.appc.requesthandler.impl.RequestValidatorImpl.validateRequest(RequestValidatorImpl.java:203) [529:appc-request-handler-core:1.4.1.SNAPSHOT]
      at org.onap.appc.requesthandler.impl.AbstractRequestHandlerImpl.handleRequest(AbstractRequestHandlerImpl.java:153) [529:appc-request-handler-core:1.4.1.SNAPSHOT]
      at Proxy5702221d_525c_4a4f_badf_827d0d8270e8.handleRequest(Unknown Source) [?:?]
      at org.onap.appc.provider.lcm.service.RequestExecutor.executeRequest(RequestExecutor.java:84) [537:org.onap.appc.provider-bundle:1.4.1.SNAPSHOT]
      at org.onap.appc.provider.AppcProviderLcm.executeRequest(AppcProviderLcm.java:1181) [537:org.onap.appc.provider-bundle:1.4.1.SNAPSHOT]
      at org.onap.appc.provider.AppcProviderLcm.restart(AppcProviderLcm.java:197) [537:org.onap.appc.provider-bundle:1.4.1.SNAPSHOT]
      at org.opendaylight.yangtools.yang.binding.util.RpcMethodInvokerWithInput.invokeOn(RpcMethodInvokerWithInput.java:32) [330:org.opendaylight.mdsal.yang-binding:0.12.3]
      at org.opendaylight.yangtools.yang.binding.util.AbstractMappedRpcInvoker.invokeRpc(AbstractMappedRpcInvoker.java:53) [330:org.opendaylight.mdsal.yang-binding:0.12.3]
      at org.opendaylight.controller.md.sal.binding.impl.BindingDOMRpcImplementationAdapter.invoke(BindingDOMRpcImplementationAdapter.java:83) [254:org.opendaylight.controller.sal-binding-broker-impl:1.7.3]
      at org.opendaylight.controller.md.sal.binding.impl.BindingDOMRpcImplementationAdapter.invokeRpc(BindingDOMRpcImplementationAdapter.java:70) [254:org.opendaylight.controller.sal-binding-broker-impl:1.7.3]
      at org.opendaylight.controller.md.sal.dom.broker.impl.GlobalDOMRpcRoutingTableEntry.invokeRpc(GlobalDOMRpcRoutingTableEntry.java:41) [257:org.opendaylight.controller.sal-broker-impl:1.7.3]
      at org.opendaylight.controller.md.sal.dom.broker.impl.DOMRpcRoutingTable.invokeRpc(DOMRpcRoutingTable.java:178) [257:org.opendaylight.controller.sal-broker-impl:1.7.3]
      at org.opendaylight.controller.md.sal.dom.broker.impl.DOMRpcRouter.invokeRpc(DOMRpcRouter.java:102) [257:org.opendaylight.controller.sal-broker-impl:1.7.3]
      at Proxy5fa43acd_9aa6_46c3_9954_9ff881c8afd0.invokeRpc(Unknown Source) [?:?]
      at Proxy54764413_9146_40be_9b24_8968a48012b7.invokeRpc(Unknown Source) [?:?]
      at org.opendaylight.netconf.sal.restconf.impl.BrokerFacade.invokeRpc(BrokerFacade.java:523) [336:org.opendaylight.netconf.restconf-nb-bierman02:1.7.3]
      at org.opendaylight.netconf.sal.restconf.impl.RestconfImpl.invokeRpc(RestconfImpl.java:463) [336:org.opendaylight.netconf.restconf-nb-bierman02:1.7.3]
      at org.opendaylight.netconf.sal.restconf.impl.StatisticsRestconfServiceWrapper.invokeRpc(StatisticsRestconfServiceWrapper.java:86) [336:org.opendaylight.netconf.restconf-nb-bierman02:1.7.3]
      at org.opendaylight.netconf.sal.rest.impl.RestconfCompositeWrapper.invokeRpc(RestconfCompositeWrapper.java:64) [336:org.opendaylight.netconf.restconf-nb-bierman02:1.7.3]
      at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:?]
      at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:?]
      at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:?]
      at java.lang.reflect.Method.invoke(Method.java:498) ~[?:?]
      at com.sun.jersey.spi.container.JavaMethodInvokerFactory$1.invoke(JavaMethodInvokerFactory.java:60) [17:com.sun.jersey.jersey-server:1.19.4]
      at com.sun.jersey.server.impl.model.method.dispatch.AbstractResourceMethodDispatchProvider$TypeOutInvoker._dispatch(AbstractResourceMethodDispatchProvider.java:185) [17:com.sun.jersey.jersey-server:1.19.4]
      at com.sun.jersey.server.impl.model.method.dispatch.ResourceJavaMethodDispatcher.dispatch(ResourceJavaMethodDispatcher.java:75) [17:com.sun.jersey.jersey-server:1.19.4]
      at com.sun.jersey.server.impl.uri.rules.HttpMethodRule.accept(HttpMethodRule.java:302) [17:com.sun.jersey.jersey-server:1.19.4]
      at com.sun.jersey.server.impl.uri.rules.RightHandPathRule.accept(RightHandPathRule.java:147) [17:com.sun.jersey.jersey-server:1.19.4]
      at com.sun.jersey.server.impl.uri.rules.ResourceObjectRule.accept(ResourceObjectRule.java:100) [17:com.sun.jersey.jersey-server:1.19.4]
      at com.sun.jersey.server.impl.uri.rules.RightHandPathRule.accept(RightHandPathRule.java:147) [17:com.sun.jersey.jersey-server:1.19.4]
      at com.sun.jersey.server.impl.uri.rules.RootResourceClassesRule.accept(RootResourceClassesRule.java:84) [17:com.sun.jersey.jersey-server:1.19.4]
      at com.sun.jersey.server.impl.application.WebApplicationImpl._handleRequest(WebApplicationImpl.java:1542) [17:com.sun.jersey.jersey-server:1.19.4]
      at com.sun.jersey.server.impl.application.WebApplicationImpl._handleRequest(WebApplicationImpl.java:1473) [17:com.sun.jersey.jersey-server:1.19.4]
      at com.sun.jersey.server.impl.application.WebApplicationImpl.handleRequest(WebApplicationImpl.java:1419) [17:com.sun.jersey.jersey-server:1.19.4]
      at com.sun.jersey.server.impl.application.WebApplicationImpl.handleRequest(WebApplicationImpl.java:1409) [17:com.sun.jersey.jersey-server:1.19.4]
      at com.sun.jersey.spi.container.servlet.WebComponent.service(WebComponent.java:409) [18:com.sun.jersey.servlet:1.19.4]
      at com.sun.jersey.spi.container.servlet.ServletContainer.service(ServletContainer.java:558) [18:com.sun.jersey.servlet:1.19.4]
      at com.sun.jersey.spi.container.servlet.ServletContainer.service(ServletContainer.java:733) [18:com.sun.jersey.servlet:1.19.4]
      at javax.servlet.http.HttpServlet.service(HttpServlet.java:790) [79:javax.servlet-api:3.1.0]
      at org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:848) [174:org.eclipse.jetty.servlet:9.3.21.v20170918]
      at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1772) [174:org.eclipse.jetty.servlet:9.3.21.v20170918]
      at org.eclipse.jetty.websocket.server.WebSocketUpgradeFilter.doFilter(WebSocketUpgradeFilter.java:205) [184:org.eclipse.jetty.websocket.server:9.3.21.v20170918]
      at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1759) [174:org.eclipse.jetty.servlet:9.3.21.v20170918]
      at org.eclipse.jetty.servlets.CrossOriginFilter.handle(CrossOriginFilter.java:308) [175:org.eclipse.jetty.servlets:9.3.21.v20170918]
      at org.eclipse.jetty.servlets.CrossOriginFilter.doFilter(CrossOriginFilter.java:262) [175:org.eclipse.jetty.servlets:9.3.21.v20170918]
      at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1759) [174:org.eclipse.jetty.servlet:9.3.21.v20170918]
      at org.eclipse.jetty.servlets.GzipFilter.doFilter(GzipFilter.java:51) [175:org.eclipse.jetty.servlets:9.3.21.v20170918]
      at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1759) [174:org.eclipse.jetty.servlet:9.3.21.v20170918]
      at org.opendaylight.aaa.filterchain.filters.CustomFilterAdapter.doFilter(CustomFilterAdapter.java:103) [231:org.opendaylight.aaa.filterchain:0.7.3]
      at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1759) [174:org.eclipse.jetty.servlet:9.3.21.v20170918]
      at org.apache.shiro.web.servlet.ProxiedFilterChain.doFilter(ProxiedFilterChain.java:61) [153:org.apache.shiro.web:1.3.2]
      at org.apache.shiro.web.servlet.AdviceFilter.executeChain(AdviceFilter.java:108) [153:org.apache.shiro.web:1.3.2]
      at org.apache.shiro.web.servlet.AdviceFilter.doFilterInternal(AdviceFilter.java:137) [153:org.apache.shiro.web:1.3.2]
      at org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:125) [153:org.apache.shiro.web:1.3.2]
      at org.apache.shiro.web.servlet.ProxiedFilterChain.doFilter(ProxiedFilterChain.java:66) [153:org.apache.shiro.web:1.3.2]
      at org.apache.shiro.web.servlet.AdviceFilter.executeChain(AdviceFilter.java:108) [153:org.apache.shiro.web:1.3.2]
      at org.apache.shiro.web.servlet.AdviceFilter.doFilterInternal(AdviceFilter.java:137) [153:org.apache.shiro.web:1.3.2]
      at org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:125) [153:org.apache.shiro.web:1.3.2]
      at org.apache.shiro.web.servlet.ProxiedFilterChain.doFilter(ProxiedFilterChain.java:66) [153:org.apache.shiro.web:1.3.2]
      at org.apache.shiro.web.servlet.AbstractShiroFilter.executeChain(AbstractShiroFilter.java:449) [153:org.apache.shiro.web:1.3.2]
      at org.apache.shiro.web.servlet.AbstractShiroFilter$1.call(AbstractShiroFilter.java:365) [153:org.apache.shiro.web:1.3.2]
      at org.apache.shiro.subject.support.SubjectCallable.doCall(SubjectCallable.java:90) [152:org.apache.shiro.core:1.3.2]
      at org.apache.shiro.subject.support.SubjectCallable.call(SubjectCallable.java:83) [152:org.apache.shiro.core:1.3.2]
      at org.apache.shiro.subject.support.DelegatingSubject.execute(DelegatingSubject.java:383) [152:org.apache.shiro.core:1.3.2]
      at org.apache.shiro.web.servlet.AbstractShiroFilter.doFilterInternal(AbstractShiroFilter.java:362) [153:org.apache.shiro.web:1.3.2]
      at org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:125) [153:org.apache.shiro.web:1.3.2]
      at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1751) [174:org.eclipse.jetty.servlet:9.3.21.v20170918]
      at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:582) [174:org.eclipse.jetty.servlet:9.3.21.v20170918]
      at org.ops4j.pax.web.service.jetty.internal.HttpServiceServletHandler.doHandle(HttpServiceServletHandler.java:71) [372:org.ops4j.pax.web.pax-web-jetty:6.0.9]
      at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:143) [173:org.eclipse.jetty.server:9.3.21.v20170918]
      at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:548) [171:org.eclipse.jetty.security:9.3.21.v20170918]
      at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:226) [173:org.eclipse.jetty.server:9.3.21.v20170918]
      at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1180) [173:org.eclipse.jetty.server:9.3.21.v20170918]
      at org.ops4j.pax.web.service.jetty.internal.HttpServiceContext.doHandle(HttpServiceContext.java:284) [372:org.ops4j.pax.web.pax-web-jetty:6.0.9]
      at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:512) [174:org.eclipse.jetty.servlet:9.3.21.v20170918]
      at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:185) [173:org.eclipse.jetty.server:9.3.21.v20170918]
      at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1112) [173:org.eclipse.jetty.server:9.3.21.v20170918]
      at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141) [173:org.eclipse.jetty.server:9.3.21.v20170918]
      at org.ops4j.pax.web.service.jetty.internal.JettyServerHandlerCollection.handle(JettyServerHandlerCollection.java:80) [372:org.ops4j.pax.web.pax-web-jetty:6.0.9]
      at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:134) [173:org.eclipse.jetty.server:9.3.21.v20170918]
      at org.eclipse.jetty.server.Server.handle(Server.java:534) [173:org.eclipse.jetty.server:9.3.21.v20170918]
      at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:333) [173:org.eclipse.jetty.server:9.3.21.v20170918]
      at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:251) [173:org.eclipse.jetty.server:9.3.21.v20170918]
      at org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:283) [165:org.eclipse.jetty.io:9.3.21.v20170918]
      at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:108) [165:org.eclipse.jetty.io:9.3.21.v20170918]
      at org.eclipse.jetty.io.SelectChannelEndPoint$2.run(SelectChannelEndPoint.java:93) [165:org.eclipse.jetty.io:9.3.21.v20170918]
      at org.eclipse.jetty.util.thread.strategy.ExecuteProduceConsume.executeProduceConsume(ExecuteProduceConsume.java:303) [176:org.eclipse.jetty.util:9.3.21.v20170918]
      at org.eclipse.jetty.util.thread.strategy.ExecuteProduceConsume.produceConsume(ExecuteProduceConsume.java:148) [176:org.eclipse.jetty.util:9.3.21.v20170918]
      at org.eclipse.jetty.util.thread.strategy.ExecuteProduceConsume.run(ExecuteProduceConsume.java:136) [176:org.eclipse.jetty.util:9.3.21.v20170918]
      at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:671) [176:org.eclipse.jetty.util:9.3.21.v20170918]
      at org.eclipse.jetty.util.thread.QueuedThreadPool$2.run(QueuedThreadPool.java:589) [176:org.eclipse.jetty.util:9.3.21.v20170918]
      at java.lang.Thread.run(Thread.java:748) [?:?]
      Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
      at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:397) ~[?:?]
      at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:302) ~[?:?]
      at sun.security.validator.Validator.validate(Validator.java:262) ~[?:?]
      at sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:324) ~[?:?]
      at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:229) ~[?:?]
      at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:124) ~[?:?]
      at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1596) ~[?:?]
      ... 118 more
      Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
      at sun.security.provider.certpath.SunCertPathBuilder.build(SunCertPathBuilder.java:141) ~[?:?]
      at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:126) ~[?:?]
      at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:280) ~[?:?]
      at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:392) ~[?:?]
      at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:302) ~[?:?]
      at sun.security.validator.Validator.validate(Validator.java:262) ~[?:?]
      at sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:324) ~[?:?]
      at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:229) ~[?:?]
      at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:124) ~[?:?]
      at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1596) ~[?:?]
      ... 118 more

       

      Using the same truststore, openssl verifies the certificate chain successfully:

      root@dev-appc-1:/opt/onap/appc/data/stores# openssl s_client -CAfile truststoreONAPall.pem -connect aai.onap:8443
      CONNECTED(00000003)
      depth=2 OU = OSAAF, O = ONAP, C = US
      verify return:1
      depth=1 C = US, O = ONAP, OU = OSAAF, CN = intermediateCA_1
      verify return:1
      depth=0 C = US, O = ONAP, OU = aai@aai.onap.org, OU = OSAAF, CN = aai
      verify return:1

      Certificate chain
      0 s:/C=US/O=ONAP/OU=aai@aai.onap.org/OU=OSAAF/CN=aai
      i:/C=US/O=ONAP/OU=OSAAF/CN=intermediateCA_1
      1 s:/C=US/O=ONAP/OU=OSAAF/CN=intermediateCA_1
      i:/OU=OSAAF/O=ONAP/C=US

      Server certificate
      ----BEGIN CERTIFICATE----
      MIIFEjCCA/qgAwIBAgIBBjANBgkqhkiG9w0BAQsFADBHMQswCQYDVQQGEwJVUzEN
      MAsGA1UECgwET05BUDEOMAwGA1UECwwFT1NBQUYxGTAXBgNVBAMMEGludGVybWVk
      aWF0ZUNBXzEwHhcNMTgwNjA1MTIxOTU5WhcNMTkwNTMxMTIxOTU5WjBVMQswCQYD
      VQQGEwJVUzENMAsGA1UECgwET05BUDEZMBcGA1UECwwQYWFpQGFhaS5vbmFwLm9y
      ZzEOMAwGA1UECwwFT1NBQUYxDDAKBgNVBAMMA2FhaTCCASIwDQYJKoZIhvcNAQEB
      BQADggEPADCCAQoCggEBAMqVPBjn6pxPhAwRov+ApKxJkuSo/UNbwmc7eYC+eYiY
      SB35uI7Bt8UHWxxBNZdHpFbZUOuL2wWb7JYycML8gbsY2YF440K+X+TVTiVGSkv0
      L8MYwDTuCOn9YtlTEkKE6Wth4WPyEN3ZrQD7j7YGNr/3tK61Eeq/A/qhhksbpuTu
      ReRDdsXzXTwX2sjZXdixv25YJUStH1pSrAHLzM/meeuRoGxq29lj2b5HUW5epc+Y
      D9hd4sKn7Irsv+cLQ1fVtYUSm/kFdygJQGiyi9Bst5ysY2/h+4AWVxzLQ4jjd1NJ
      LM6v8wfV4eTw2qO5+Gd1Bjax13YySKIRnlOffySOtZ0CAwEAAaOCAfkwggH1MAkG
      A1UdEwQCMAAwEQYJYIZIAYb4QgEBBAQDAgbAMDMGCWCGSAGG+EIBDQQmFiRPcGVu
      U1NMIEdlbmVyYXRlZCBTZXJ2ZXIgQ2VydGlmaWNhdGUwHQYDVR0OBBYEFL+SSLja
      c4UNR6q1VUmj+jcRNbeJMFQGA1UdIwRNMEuAFBrUV3JwStNnqevh3GIxsofQ/u+q
      oTCkLjAsMQ4wDAYDVQQLDAVPU0FBRjENMAsGA1UECgwET05BUDELMAkGA1UEBhMC
      VVOCAQIwDgYDVR0PAQH/BAQDAgXgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEF
      BQcDAjCB+wYDVR0RBIHzMIHwgghhYWkub25hcIIXYWFpLnNpbXBsZWRlbW8ub25h
      cC5vcmeCG2FhaS5hcGkuc2ltcGxlZGVtby5vbmFwLm9yZ4IaYWFpLnVpLnNpbXBs
      ZWRlbW8ub25hcC5vcmeCJWFhaS5zZWFyY2hzZXJ2aWNlLnNpbXBsZWRlbW8ub25h
      cC5vcmeCHWFhaS5oYmFzZS5zaW1wbGVkZW1vLm9uYXAub3JngiVhYWkuZ3JlbWxp
      bnNlcnZlci5zaW1wbGVkZW1vLm9uYXAub3JngiVhYWkuZWxhc3RpY3NlYXJjaC5z
      aW1wbGVkZW1vLm9uYXAub3JnMA0GCSqGSIb3DQEBCwUAA4IBAQAXeS3TQ9gtJxxz
      vSXrfXdTnCLWMD7qGJqTKpMxDymBrUyyfb630ndGXaU1JVUNgKBD3PufOFxwlR1C
      QH5SLAEnbY+53tUYBeN2NQXwEkX/iReHIKAMGHOuY8IglE7DxBQRhj3v29E6dgQj
      6GlRaDOIvrM9W+rUiQ7xG9ge8S9xo6hkXMvwIuecoUmlHB4/JV3VTeoguxlYhQfz
      f+hetvmOm082i9ZBh7w6KjSUpg8i+zFp1O1l/AbvgKZWwngrNX/MYkSFwZkPWVuD
      D8+Bi7ZQdHOT6anGrK4zGATGkkrPJjhWj7oiEVdgOeOPU8J0v5jZbAJV2e9y7wjp
      ohqJpNC2
      ----END CERTIFICATE----
      subject=/C=US/O=ONAP/OU=aai@aai.onap.org/OU=OSAAF/CN=aai
      issuer=/C=US/O=ONAP/OU=OSAAF/CN=intermediateCA_1

      No client certificate CA names sent
      Peer signing digest: SHA512
      Server Temp Key: ECDH, P-256, 256 bits

      SSL handshake has read 3076 bytes and written 431 bytes

      New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES256-GCM-SHA384
      Server public key is 2048 bit
      Secure Renegotiation IS supported
      Compression: NONE
      Expansion: NONE
      No ALPN negotiated
      SSL-Session:
      Protocol : TLSv1.2
      Cipher : ECDHE-RSA-AES256-GCM-SHA384
      Session-ID: B18148009EAF9A692D9F0AB8DBB42BFA03BF98BCF014EA7393A1DEAEF25C6A4A
      Session-ID-ctx:
      Master-Key: 12013168E3E5A4AF1B7C7ACE570546384E725CE5EE7C95D62566F8FA51BA8BBA521E091123F10D42B4FC9C55CEA737F0
      Key-Arg : None
      PSK identity: None
      PSK identity hint: None
      SRP username: None
      TLS session ticket lifetime hint: 300 (seconds)
      TLS session ticket:
      0000 - 93 ae 6a 3a d0 0e cf 3a-29 e3 7e 53 27 38 5b 5d ..j:....~S'8[]
      0010 - e4 c2 be 27 53 b7 10 b0-78 9d 50 81 f8 b3 e5 80 ...'S...x.P.....
      0020 - 8f 8c 30 bd 98 1a 5f 2d-52 88 6c 56 73 0b ea 98 ..0..._-R.lVs...
      0030 - a6 40 29 ba 8e 55 84 57-8c 7e 64 b0 24 8f fc 2e .@)..U.W.~d.$...
      0040 - 3a ce 1d b9 aa 26 05 4d-d4 e9 af 22 8b e4 55 2a :....&.M..."..U*
      0050 - 8d e0 a9 45 47 2b 98 da-39 e2 5b 27 bb a3 8d c6 ...EG+..9.['....
      0060 - 1a 2b 41 60 9f dd fd c2-c9 1b 7b d8 f3 dd d2 52 .+A`......

      {....R 0070 - dd 00 a2 72 0c f8 ae b0-e0 23 e8 fc e5 f8 f5 f2 ...r.....#...... 0080 - 34 d7 1f 90 d9 0d b3 a3-f9 ef 04 a3 d0 7d cc bb 4............}

      ..
      0090 - 26 17 fc 53 a8 8d d5 30-b6 54 63 8d ea 42 3f 4d &..S...0.Tc..B?M

      Start Time: 1540384149
      Timeout : 300 (sec)
      Verify return code: 0 (ok)

      Q
      DONE

       

      Attachments

        Issue Links

          No reviews matched the request. Check your Options in the drop-down menu of this sections header.

          Activity

            People

              richtabedzki Rich Tabedzki
              ah415j Aaron Hay
              Votes:
              0 Vote for this issue
              Watchers:
              5 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: