-
Bug
-
Resolution: Done
-
Medium
-
Frankfurt Release
installCerts.py Script Corrupt SDNC-ODL Keystore/Truststore when process multiple set of Certificates.
While Puting changes for INT-1295 (Update E2E integration test for NETCONF/TLS configuration in R6) issue occured when installCert.py script was invoked to add client Cert, Client Key and CA cert to SDNC-ODL keystore.
Once the Certs are added Simulater Node is connected over TLS and Node connection failed with below Exception :
{{javax.net.ssl.SSLException: Connection has been shutdown: javax.net.ssl.SSLHandshakeException: Received fatal alert: certificate_unknown
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.checkEOF(SSLSocketImpl.java:1172) at com.sun.net.ssl.internal.ssl.AppInputStream.read(AppInputStream.java:65) at net.schubart.fixme.internal.MessageInput.readExactly(MessageInput.java:166) at net.schubart.fixme.internal.MessageInput.readMessage(MessageInput.java:78) at cc.aot.itsWeb.ClientWriterThread.run(ClientWriterThread.java:241) at java.lang.Thread.run(Thread.java:619)clientWriter.readyCaused by: javax.net.ssl.SSLHandshakeException: Received fatal alert: certificate_unknown
at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:174) at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:136) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.recvAlert(SSLSocketImpl.java:1586) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:865) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1029) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:621) at com.sun.net.ssl.internal.ssl.AppOutputStream.write(AppOutputStream.java:59) at java.io.OutputStream.write(OutputStream.java:58) at net.schubart.fixme.internal.Message.write(Message.java:267) at net.schubart.fixme.internal.MessageOutput.writeMessage(MessageOutput.java:53)}}
java ssl
*Note*
If SDNC-ODL keystore is manually populated using the same JKS/PEM files Node is connected without any issue.
- blocks
-
INT-1295 Update e2e integration test for NETCONF/TLS configuration in R6
- Closed