You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@airavata.apache.org by "Marcus Christie (Jira)" <ji...@apache.org> on 2021/03/01 21:29:00 UTC

[jira] [Comment Edited] (AIRAVATA-3405) Error invoking Keycloak REST: InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty

    [ https://issues.apache.org/jira/browse/AIRAVATA-3405?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17293181#comment-17293181 ] 

Marcus Christie edited comment on AIRAVATA-3405 at 3/1/21, 9:28 PM:
--------------------------------------------------------------------

In case this was caused by a JDK upgrade, I've switched our server to only automatically download and apply security updates (setting {{update_cmd = security}} in {{/etc/yum/yum-cron.conf}}). This could in theory include JDK upgrades as well, but at least it will be less frequent. In general I would argue for only automatically applying security updates and not general updates, to minimize the chance of breakage.



was (Author: marcuschristie):
In case this was caused by a JDK upgrade, I've switched our server to only automatically download and apply security updates. This could in theory include JDK upgrades as well, but at least it will be less frequent. In general I would argue for only automatically applying security updates and not general updates, to minimize the chance of breakage.

> Error invoking Keycloak REST: InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty
> --------------------------------------------------------------------------------------------------------------
>
>                 Key: AIRAVATA-3405
>                 URL: https://issues.apache.org/jira/browse/AIRAVATA-3405
>             Project: Airavata
>          Issue Type: Bug
>          Components: Keycloak Authentication, Security
>            Reporter: Marcus Christie
>            Assignee: Marcus Christie
>            Priority: Major
>
> {code}
> 2021-01-27 09:09:35,433 [pool-38-thread-10295] ERROR o.a.a.s.p.h.IamAdminServicesHandler  - Error while retrieving user
>  profile from IAM backend, reason: RESTEASY004655: Unable to invoke request
> javax.ws.rs.ProcessingException: RESTEASY004655: Unable to invoke request
>         at org.jboss.resteasy.client.jaxrs.engines.ApacheHttpClient4Engine.invoke(ApacheHttpClient4Engine.java:287)
>         at org.jboss.resteasy.client.jaxrs.internal.ClientInvocation.invoke(ClientInvocation.java:436)
>         at org.jboss.resteasy.client.jaxrs.internal.proxy.ClientInvoker.invoke(ClientInvoker.java:102)
>         at org.jboss.resteasy.client.jaxrs.internal.proxy.ClientProxy.invoke(ClientProxy.java:64)
>         at com.sun.proxy.$Proxy55.search(Unknown Source)
>         at org.apache.airavata.service.profile.iam.admin.services.core.impl.TenantManagementKeycloakImpl.getUsers(Tenan
> tManagementKeycloakImpl.java:499)
>         at org.apache.airavata.service.profile.handlers.IamAdminServicesHandler.getUsers(IamAdminServicesHandler.java:1
> 97)
>         at org.apache.airavata.service.profile.iam.admin.services.cpi.IamAdminServices$Processor$getUsers.getResult(Iam
> AdminServices.java:1382)
>         at org.apache.airavata.service.profile.iam.admin.services.cpi.IamAdminServices$Processor$getUsers.getResult(Iam
> AdminServices.java:1366)
>         at org.apache.thrift.ProcessFunction.process(ProcessFunction.java:39)
>         at org.apache.thrift.TBaseProcessor.process(TBaseProcessor.java:39)
>         at org.apache.thrift.TMultiplexedProcessor.process(TMultiplexedProcessor.java:123)
>         at org.apache.thrift.server.TThreadPoolServer$WorkerProcess.run(TThreadPoolServer.java:286)
>         at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128)
>         at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628)
>         at java.base/java.lang.Thread.run(Thread.java:834)
> Caused by: javax.net.ssl.SSLException: Unexpected error: java.security.InvalidAlgorithmParameterException: the trustAnc
> hors parameter must be non-empty
>         at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:133)
>         at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:350)
>         at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:293)
>         at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:288)
>         at java.base/sun.security.ssl.SSLSocketImpl.handleException(SSLSocketImpl.java:1581)
>         at java.base/sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:453)
>         at java.base/sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:411)
>         at org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:553)
>         at org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:412)
>         at org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.jav
> a:179)
>         at org.apache.http.impl.conn.ManagedClientConnectionImpl.open(ManagedClientConnectionImpl.java:328)
>         at org.apache.http.impl.client.DefaultRequestDirector.tryConnect(DefaultRequestDirector.java:612)
>         at org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:447)
>         at org.apache.http.impl.client.AbstractHttpClient.doExecute(AbstractHttpClient.java:884)
>         at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:82)
>         at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:55)
>         at org.jboss.resteasy.client.jaxrs.engines.ApacheHttpClient4Engine.invoke(ApacheHttpClient4Engine.java:283)
>         ... 15 common frames omitted
> {code}



--
This message was sent by Atlassian Jira
(v8.3.4#803005)