-
Bug
-
Resolution: Done
-
High
-
Beijing Release
-
None
-
SB-07 HEAT
-
Policy Beijing RC1
Testing of control loop with fake data in AAI.
DMaaP event from VES to TCA to Policy.
Drools query to AAI fails at SSL handshake level.
Error message below on Cert path.
[2018-04-18T20:55:10.056+00:00|INFO|ControlLoopEventManager|Session org.onap.policy-engine.drools.amsterdam:policy-amsterdam-rules:0.4.0:closedloop-amsterdam] AAI Host URL by VNF name: https://aai.api.simpledemo.openecomp.org:8443/aai/v11/network/generic-vnfs/generic-vnf?vnf-name=
[2018-04-18T20:55:10.075+00:00|ERROR|RESTManager|Session org.onap.policy-engine.drools.amsterdam:policy-amsterdam-rules:0.4.0:closedloop-amsterdam] Failed to GET to https://aai.api.simpledemo.openecomp.org:8443/aai/v11/network/generic-vnfs/generic-vnf?vnf-name=vFWCntlLoopHealth1
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1964)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:328)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:322)
at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1614)
at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:216)
at sun.security.ssl.Handshaker.processLoop(Handshaker.java:1052)
at sun.security.ssl.Handshaker.process_record(Handshaker.java:987)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1072)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1385)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1413)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1397)
at org.apache.http.conn.ssl.SSLConnectionSocketFactory.createLayeredSocket(SSLConnectionSocketFactory.java:396)
at org.apache.http.conn.ssl.SSLConnectionSocketFactory.connectSocket(SSLConnectionSocketFactory.java:355)
at org.apache.http.impl.conn.DefaultHttpClientConnectionOperator.connect(DefaultHttpClientConnectionOperator.java:142)
at org.apache.http.impl.conn.PoolingHttpClientConnectionManager.connect(PoolingHttpClientConnectionManager.java:373)
at org.apache.http.impl.execchain.MainClientExec.establishRoute(MainClientExec.java:381)
at org.apache.http.impl.execchain.MainClientExec.execute(MainClientExec.java:237)
at org.apache.http.impl.execchain.ProtocolExec.execute(ProtocolExec.java:185)
at org.apache.http.impl.execchain.RetryExec.execute(RetryExec.java:89)
at org.apache.http.impl.execchain.RedirectExec.execute(RedirectExec.java:111)
at org.apache.http.impl.client.InternalHttpClient.doExecute(InternalHttpClient.java:185)
at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:83)
at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:108)
at org.onap.policy.rest.RESTManager.get(RESTManager.java:132)
at org.onap.policy.aai.AaiManager.getQuery(AaiManager.java:171)
at org.onap.policy.aai.AaiManager.getQueryByVnfName(AaiManager.java:145)
at org.onap.policy.controlloop.eventmanager.ControlLoopEventManager.getAAIVnfInfo(ControlLoopEventManager.java:782)
at org.onap.policy.controlloop.eventmanager.ControlLoopEventManager.queryAai(ControlLoopEventManager.java:654)
at org.onap.policy.controlloop.eventmanager.ControlLoopEventManager.onNewEvent(ControlLoopEventManager.java:513)
at org.onap.policy.controlloop.Rule_com$u46$Config_BRMS_Param_BRMSParamvFirewall$u46$EVENT$u46$MANAGER843398118.defaultConsequence(Rule_com$u46$Config_BRMS_Param_BRMSParamvFirewall$u46$EVENT$u46$MANAGER843398118.java:16)
at org.onap.policy.controlloop.Rule_com$u46$Config_BRMS_Param_BRMSParamvFirewall$u46$EVENT$u46$MANAGER843398118DefaultConsequenceInvokerGenerated.evaluate(Unknown Source)
at org.onap.policy.controlloop.Rule_com$u46$Config_BRMS_Param_BRMSParamvFirewall$u46$EVENT$u46$MANAGER843398118DefaultConsequenceInvoker.evaluate(Unknown Source)
at org.drools.core.common.DefaultAgenda.fireActivation(DefaultAgenda.java:1052)
at org.drools.core.phreak.RuleExecutor.fire(RuleExecutor.java:121)
at org.drools.core.phreak.RuleExecutor.evaluateNetworkAndFire(RuleExecutor.java:74)
at org.drools.core.common.DefaultAgenda.fireNextItem(DefaultAgenda.java:970)
at org.drools.core.common.DefaultAgenda.fireLoop(DefaultAgenda.java:1312)
at org.drools.core.common.DefaultAgenda.fireUntilHalt(DefaultAgenda.java:1232)
at org.drools.core.impl.StatefulKnowledgeSessionImpl.fireUntilHalt(StatefulKnowledgeSessionImpl.java:1398)
at org.drools.core.impl.StatefulKnowledgeSessionImpl.fireUntilHalt(StatefulKnowledgeSessionImpl.java:1377)
at org.onap.policy.drools.core.PolicySession$DefaultThreadModel.run(PolicySession.java:563)
at java.lang.Thread.run(Thread.java:748)
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:397)
at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:302)
at sun.security.validator.Validator.validate(Validator.java:260)
at sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:324)
at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:229)
at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:124)
at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1596)
... 38 common frames omitted
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.provider.certpath.SunCertPathBuilder.build(SunCertPathBuilder.java:141)
at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:126)
at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:280)
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:392)
... 44 common frames omitted