Code Monkey home page Code Monkey logo

Comments (3)

jongunee avatar jongunee commented on September 28, 2024

I succeeded to add external AAS service with below properties when starting provider connector with this configuration

edc.aas.remoteAasLocation = https://localhost:8443/

Because there were ssl issues due to https protocol, I created keystore.p12 file and used it for fa3st service and provider.
However, I cannot add same fa3st service after starting provider.

Can I know what the problem is?

provider.properties 
# HTTPS config
edc.web.https.keystore.password=password
edc.web.https.keymanager.password=password
edc.web.https.keystore.path=./example/resources/keystore.p12
edc.web.https.keystore.type=PKCS12
# AAS Extension specific
# Supply AAS model + (port XOR AAS service config) for an AAS service internally started by the extension
edc.aas.localAASModelPath=./example/resources/IDTA 02016-1-0 _Template_ControlComponentInstance.aasx
edc.aas.localAASServicePort=8080
edc.aas.onlySubmodels = True
# edc.aas.localAASServiceConfigPath = ./example/resources/config.json
# Provide a URL of an already running AAS service (such as FA³ST, BaSyx)
# edc.aas.remoteAasLocation = https://localhost:8443/
# Period of synchronizing the EDC assetStore with the connected AAS services (in seconds)
edc.aas.syncPeriod=30
# Expose self-description
# Path to a default access policy definition file
# edc.aas.defaultAccessPolicyDefinitionPath = ...
# Path to a default contract policy definition file
# edc.aas.defaultContractPolicyDefinitionPath = ...
# EDC specific, mostly default values
# Port and path for custom http services such as SelfDescription
web.http.port=8281
web.http.path=/api
# This is for EDC to send status messages regarding data transfer
web.http.control.port=8181
web.http.control.path=/api/v1/control
# Port and path for requesting an EDC to communicate with another EDC by DSP messages (consumer-provider)
web.http.management.port=8182
web.http.management.path=/management
# Port and path for IDS messages (from another EDC)
web.http.protocol.port=8282
web.http.protocol.path=/dsp
edc.dsp.callback.address=https://localhost:8282/dsp
edc.transfer.functions.enabled.protocols=https
# Connector hostname, which e.g. is used in referer urls
edc.hostname=localhost
# Auth key for using internal EDC api (header key: x-api-key)
edc.api.auth.key=password
# GUI configuration (enable DataDashboard to communicate with EDC)
edc.web.rest.cors.enabled=true
edc.web.rest.cors.origins=*
edc.web.rest.cors.headers=x-api-key, content-type
edc.web.rest.cors.methods=GET, POST, DELETE, PUT, OPTIONS

edc.dsp.id=provider
edc.participant.id=provider
consumer.properties 
# HTTPS config
edc.web.https.keystore.password=password
edc.web.https.keymanager.password=password
edc.web.https.keystore.path=./example/resources/keystore.p12
edc.web.https.keystore.type=PKCS12
# EDC4AAS Extension specific
edc.aas.exposeSelfDescription=true
# Timeouts in seconds
edc.client.waitForAgreementTimeout=15
edc.client.waitForTransferTimeout=30
edc.client.waitForCatalogTimeout=30
edc.client.acceptAllProviderOffers=true
edc.client.acceptedContractOffersPath = ./example/resources/acceptedContractOffers.json
# Port and path for e.g., this extension's SelfDescription
web.http.port=9291
web.http.path=/api
# This is for EDC to send status messages regarding data transfer
web.http.control.port=9191
web.http.control.path=/api/v1/control
# With this API you can manage different things of the connector.
web.http.management.port=9192
web.http.management.path=/management
# Port and path for DSP protocol messages (from another EDC)
web.http.protocol.port=9292
web.http.protocol.path=/dsp
edc.dsp.callback.address=https://localhost:9292/dsp
# X-Api-Key
edc.api.auth.key=password
# GUI configuration (enables DataDashboard to communicate with EDC)
edc.web.rest.cors.enabled=true
edc.web.rest.cors.origins=*
edc.web.rest.cors.headers=x-api-key, content-type
edc.web.rest.cors.methods=GET, POST, DELETE, PUT, OPTIONS

edc.dsp.id=consumer
edc.participant.id=consumer
Logs 
SEVERE 2024-06-17T16:02:40.983710055 JerseyExtension: Unexpected exception caught
org.eclipse.edc.spi.EdcException: Could not reach AAS service (https://localhost:8443): PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
        at de.fraunhofer.iosb.app.sync.Synchronizer.fetchCurrentAasModel(Synchronizer.java:108)
        at de.fraunhofer.iosb.app.sync.Synchronizer.synchronize(Synchronizer.java:76)
        at de.fraunhofer.iosb.app.sync.Synchronizer.created(Synchronizer.java:206)
        at de.fraunhofer.iosb.app.model.ids.SelfDescriptionRepository.lambda$createSelfDescription$0(SelfDescriptionRepository.java:62)
        at java.base/java.util.concurrent.ConcurrentLinkedQueue.forEachFrom(ConcurrentLinkedQueue.java:1037)
        at java.base/java.util.concurrent.ConcurrentLinkedQueue.forEach(ConcurrentLinkedQueue.java:1054)
        at de.fraunhofer.iosb.app.model.ids.SelfDescriptionRepository.createSelfDescription(SelfDescriptionRepository.java:62)
        at de.fraunhofer.iosb.app.Endpoint.postAasService(Endpoint.java:120)
        at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
        at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
        at java.base/java.lang.reflect.Method.invoke(Method.java:568)
        at org.glassfish.jersey.server.model.internal.ResourceMethodInvocationHandlerFactory.lambda$static$0(ResourceMethodInvocationHandlerFactory.java:52)
        at org.glassfish.jersey.server.model.internal.AbstractJavaResourceMethodDispatcher$1.run(AbstractJavaResourceMethodDispatcher.java:146)
        at org.glassfish.jersey.server.model.internal.AbstractJavaResourceMethodDispatcher.invoke(AbstractJavaResourceMethodDispatcher.java:189)
        at org.glassfish.jersey.server.model.internal.JavaResourceMethodDispatcherProvider$ResponseOutInvoker.doDispatch(JavaResourceMethodDispatcherProvider.java:176)
        at org.glassfish.jersey.server.model.internal.AbstractJavaResourceMethodDispatcher.dispatch(AbstractJavaResourceMethodDispatcher.java:93)
        at org.glassfish.jersey.server.model.ResourceMethodInvoker.invoke(ResourceMethodInvoker.java:478)
        at org.glassfish.jersey.server.model.ResourceMethodInvoker.apply(ResourceMethodInvoker.java:400)
        at org.glassfish.jersey.server.model.ResourceMethodInvoker.apply(ResourceMethodInvoker.java:81)
        at org.glassfish.jersey.server.ServerRuntime$1.run(ServerRuntime.java:263)
        at org.glassfish.jersey.internal.Errors$1.call(Errors.java:248)
        at org.glassfish.jersey.internal.Errors$1.call(Errors.java:244)
        at org.glassfish.jersey.internal.Errors.process(Errors.java:292)
        at org.glassfish.jersey.internal.Errors.process(Errors.java:274)
        at org.glassfish.jersey.internal.Errors.process(Errors.java:244)
        at org.glassfish.jersey.process.internal.RequestScope.runInScope(RequestScope.java:266)
        at org.glassfish.jersey.server.ServerRuntime.process(ServerRuntime.java:242)
        at org.glassfish.jersey.server.ApplicationHandler.handle(ApplicationHandler.java:697)
        at org.glassfish.jersey.servlet.WebComponent.serviceImpl(WebComponent.java:394)
        at org.glassfish.jersey.servlet.WebComponent.service(WebComponent.java:346)
        at org.glassfish.jersey.servlet.ServletContainer.service(ServletContainer.java:358)
        at org.glassfish.jersey.servlet.ServletContainer.service(ServletContainer.java:312)
        at org.glassfish.jersey.servlet.ServletContainer.service(ServletContainer.java:205)
        at org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:764)
        at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:529)
        at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:221)
        at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1381)
        at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:176)
        at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:484)
        at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:174)
        at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1303)
        at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:129)
        at org.eclipse.jetty.server.handler.ContextHandlerCollection.handle(ContextHandlerCollection.java:192)
        at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:122)
        at org.eclipse.jetty.server.Server.handle(Server.java:563)
        at org.eclipse.jetty.server.HttpChannel$RequestDispatchable.dispatch(HttpChannel.java:1598)
        at org.eclipse.jetty.server.HttpChannel.dispatch(HttpChannel.java:753)
        at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:501)
        at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:287)
        at org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:314)
        at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:100)
        at org.eclipse.jetty.io.ssl.SslConnection$DecryptedEndPoint.onFillable(SslConnection.java:558)
        at org.eclipse.jetty.io.ssl.SslConnection.onFillable(SslConnection.java:379)
        at org.eclipse.jetty.io.ssl.SslConnection$2.succeeded(SslConnection.java:146)
        at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:100)
        at org.eclipse.jetty.io.SelectableChannelEndPoint$1.run(SelectableChannelEndPoint.java:53)
        at org.eclipse.jetty.util.thread.strategy.AdaptiveExecutionStrategy.runTask(AdaptiveExecutionStrategy.java:421)
        at org.eclipse.jetty.util.thread.strategy.AdaptiveExecutionStrategy.consumeTask(AdaptiveExecutionStrategy.java:390)
        at org.eclipse.jetty.util.thread.strategy.AdaptiveExecutionStrategy.tryProduce(AdaptiveExecutionStrategy.java:277)
        at org.eclipse.jetty.util.thread.strategy.AdaptiveExecutionStrategy.produce(AdaptiveExecutionStrategy.java:193)
        at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:969)
        at org.eclipse.jetty.util.thread.QueuedThreadPool$Runner.doRunJob(QueuedThreadPool.java:1194)
        at org.eclipse.jetty.util.thread.QueuedThreadPool$Runner.run(QueuedThreadPool.java:1149)
        at java.base/java.lang.Thread.run(Thread.java:840)
Caused by: javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
        at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:131)
        at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:378)
        at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:321)
        at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:316)
        at java.base/sun.security.ssl.CertificateMessage$T13CertificateConsumer.checkServerCerts(CertificateMessage.java:1351)
        at java.base/sun.security.ssl.CertificateMessage$T13CertificateConsumer.onConsumeCertificate(CertificateMessage.java:1226)
        at java.base/sun.security.ssl.CertificateMessage$T13CertificateConsumer.consume(CertificateMessage.java:1169)
        at java.base/sun.security.ssl.SSLHandshake.consume(SSLHandshake.java:396)
        at java.base/sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:480)
        at java.base/sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:458)
        at java.base/sun.security.ssl.TransportContext.dispatch(TransportContext.java:201)
        at java.base/sun.security.ssl.SSLTransport.decode(SSLTransport.java:172)
        at java.base/sun.security.ssl.SSLSocketImpl.decode(SSLSocketImpl.java:1510)
        at java.base/sun.security.ssl.SSLSocketImpl.readHandshakeRecord(SSLSocketImpl.java:1425)
        at java.base/sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:455)
        at java.base/sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:426)
        at okhttp3.internal.connection.RealConnection.connectTls(RealConnection.kt:379)
        at okhttp3.internal.connection.RealConnection.establishProtocol(RealConnection.kt:337)
        at okhttp3.internal.connection.RealConnection.connect(RealConnection.kt:209)
        at okhttp3.internal.connection.ExchangeFinder.findConnection(ExchangeFinder.kt:226)
        at okhttp3.internal.connection.ExchangeFinder.findHealthyConnection(ExchangeFinder.kt:106)
        at okhttp3.internal.connection.ExchangeFinder.find(ExchangeFinder.kt:74)
        at okhttp3.internal.connection.RealCall.initExchange$okhttp(RealCall.kt:255)
        at okhttp3.internal.connection.ConnectInterceptor.intercept(ConnectInterceptor.kt:32)
        at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.kt:109)
        at okhttp3.internal.cache.CacheInterceptor.intercept(CacheInterceptor.kt:95)
        at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.kt:109)
        at okhttp3.internal.http.BridgeInterceptor.intercept(BridgeInterceptor.kt:83)
        at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.kt:109)
        at okhttp3.internal.http.RetryAndFollowUpInterceptor.intercept(RetryAndFollowUpInterceptor.kt:76)
        at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.kt:109)
        at okhttp3.internal.connection.RealCall.getResponseWithInterceptorChain$okhttp(RealCall.kt:201)
        at okhttp3.internal.connection.RealCall.execute(RealCall.kt:154)
        at de.fraunhofer.iosb.app.util.HttpRestClient.get(HttpRestClient.java:75)
        at de.fraunhofer.iosb.app.aas.AasAgent.readAssetAdministrationShellElement(AasAgent.java:240)
        at de.fraunhofer.iosb.app.aas.AasAgent.readSubmodels(AasAgent.java:217)
        at de.fraunhofer.iosb.app.aas.AasAgent.readModel(AasAgent.java:192)
        at de.fraunhofer.iosb.app.aas.AasAgent.getAasEnvWithUrls(AasAgent.java:144)
        at de.fraunhofer.iosb.app.controller.AasController.getAasModelWithUrls(AasController.java:79)
        at de.fraunhofer.iosb.app.sync.Synchronizer.fetchCurrentAasModel(Synchronizer.java:106)
        ... 64 more
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
        at java.base/sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:439)
        at java.base/sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:306)
        at java.base/sun.security.validator.Validator.validate(Validator.java:264)
        at java.base/sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:231)
        at java.base/sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:132)
        at java.base/sun.security.ssl.CertificateMessage$T13CertificateConsumer.checkServerCerts(CertificateMessage.java:1335)
        ... 99 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
        at java.base/sun.security.provider.certpath.SunCertPathBuilder.build(SunCertPathBuilder.java:148)
        at java.base/sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:129)
        at java.base/java.security.cert.CertPathBuilder.build(CertPathBuilder.java:297)
        at java.base/sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:434)
        ... 104 more

from edc-extension-for-aas.

carlos-schmidt avatar carlos-schmidt commented on September 28, 2024

Hello, thanks for your interest in our extension!

I'm currently working on a fix for this in the development branch of this repository and will try to move the changes onto the main branch within the next days. Thanks for bringing this issue up!

from edc-extension-for-aas.

carlos-schmidt avatar carlos-schmidt commented on September 28, 2024

Resolved with #119

Note: The HTTPS example configurations should work now, but communication between the connectors is not possible since the EDC needs both connectors to have valid certificates, not self-signed ones

from edc-extension-for-aas.

Related Issues (6)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.