PKIX 路径构建失败:sun.security.provider.certpath.SunCertPathBuilderException
PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException
我试图在 HP Helion Public Cloud(以前称为 HP Cloud)上安装 WSO2 Private PaaS 4.0.0。安装完成但出现以下错误
Starting WSO2 IS core service...
nohup: ignoring input and redirecting stderr to stdout
Restoring from the Original template file /home/ubuntu/paas/resources/json/os/partition.json
Deploying partition at /home/ubuntu/paas/resources/json/os/partition.json
{"Error":{ "errorCode": " 400", "errorMessage": " Invalid Partition Detected : P1. Cause: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target connecting to POST https://region-a.geo-1.identity.hpcloudsvc.com:35357/v2.0/tokens HTTP/1.1"}}Deploying autoscale policy at /home/ubuntu/paas/resources/json/os/autoscale-policy.json
{"stratosAdminResponse":{"message":"Successfully deployed autoscaling policy definition with id economy"}}Deploying deployment policy at /home/ubuntu/paas/resources/json/os/deployment-policy.json
{"Error":{ "errorCode": " 400", "errorMessage": " Deployment policy is invalid: [id] deployp"}}Deploying deployment policy at /home/ubuntu/paas/resources/json/os/deployment-flat.json
{"Error":{ "errorCode": " 400", "errorMessage": " Deployment policy is invalid: [id] deployf"}}Deploying LB cartridge at /home/ubuntu/paas/resources/json/os/lb-cart.json
{"Error":{ "errorCode": " 400", "errorMessage": " Unable to build the jclouds object for iaas of type: openstack"}}Deploying Aplication Server (AS) cartridge at /home/ubuntu/paas/resources/json/os/appserver-cart.json
{"Error":{ "errorCode": " 400", "errorMessage": " Unable to build the jclouds object for iaas of type: openstack"}}Deploying Application Service service
{"Error":{ "errorCode": " 400", "errorMessage": " Failed to deploy the Service [Cartridge type] appserver [alias] b25aa290-4d15-4160-ab29-3fb65450a50c . Cause: appserver is not a valid cartridgeSubscription type. Please try again with a valid cartridgeSubscription type."}}Deploying Business Process Server (BPS) cartridge at /home/ubuntu/paas/resources/json/os/bps-cart.json
{"Error":{ "errorCode": " 400", "errorMessage": " Unable to build the jclouds object for iaas of type: openstack"}}Deploying Business Process Server service
{"Error":{ "errorCode": " 400", "errorMessage": " Failed to deploy the Service [Cartridge type] bps [alias] 9f8501bd-2707-41b8-8169-575f76e80e74 . Cause: bps is not a valid cartridgeSubscription type. Please try again with a valid cartridgeSubscription type."}}
conf.sh
# IaaS configuration
export iaas="os"
# Region Name
export region="region-a.geo-1"
# Cartridge base image
export cartridge_base_img_id="xxxxxxxa2-bff1-41cf-8f92-c3xxxxxxx5b"
# OpenStack
export os_identity="1XXXXXXXXXX:XXXXX5BL7VXXXXXXXXX"
export os_credentials="AMXXXXXXXXXXXXXXXXXX"
export os_jclouds_endpoint="https://region-a.geo-1.identity.hpcloudsvc.com:35357/v2.0/"
export os_keypair_name="xxxxxx"
export os_security_groups="xxxxxxx"
我四处搜索,发现问题的原因是PaaS 无法找到jcloud 端点(https://region-a.geo-1.identity.hpcloudsvc.com:35357/v2.0) 的证书。
我首先尝试使用 keytool -import -keystore 命令将端点证书导入 /usr/lib/jvm/java-7-oracle/jre/lib/security/cacerts。是行不通的,同样的问题仍然存在
然后我尝试将端点证书导入到 /home/ubuntu/.keystore。同样的问题仍然存在。
请指教
感谢
乔治
后端(jclouds 端点)的 Cetifacte 应该添加到 WSO2 Private PaaS 的客户端-truststore.jks。看看 [1]
[1] http://evanthika.blogspot.com/2014/01/how-to-solve-pkix-path-building-failed.html
我试图在 HP Helion Public Cloud(以前称为 HP Cloud)上安装 WSO2 Private PaaS 4.0.0。安装完成但出现以下错误
Starting WSO2 IS core service...
nohup: ignoring input and redirecting stderr to stdout
Restoring from the Original template file /home/ubuntu/paas/resources/json/os/partition.json
Deploying partition at /home/ubuntu/paas/resources/json/os/partition.json
{"Error":{ "errorCode": " 400", "errorMessage": " Invalid Partition Detected : P1. Cause: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target connecting to POST https://region-a.geo-1.identity.hpcloudsvc.com:35357/v2.0/tokens HTTP/1.1"}}Deploying autoscale policy at /home/ubuntu/paas/resources/json/os/autoscale-policy.json
{"stratosAdminResponse":{"message":"Successfully deployed autoscaling policy definition with id economy"}}Deploying deployment policy at /home/ubuntu/paas/resources/json/os/deployment-policy.json
{"Error":{ "errorCode": " 400", "errorMessage": " Deployment policy is invalid: [id] deployp"}}Deploying deployment policy at /home/ubuntu/paas/resources/json/os/deployment-flat.json
{"Error":{ "errorCode": " 400", "errorMessage": " Deployment policy is invalid: [id] deployf"}}Deploying LB cartridge at /home/ubuntu/paas/resources/json/os/lb-cart.json
{"Error":{ "errorCode": " 400", "errorMessage": " Unable to build the jclouds object for iaas of type: openstack"}}Deploying Aplication Server (AS) cartridge at /home/ubuntu/paas/resources/json/os/appserver-cart.json
{"Error":{ "errorCode": " 400", "errorMessage": " Unable to build the jclouds object for iaas of type: openstack"}}Deploying Application Service service
{"Error":{ "errorCode": " 400", "errorMessage": " Failed to deploy the Service [Cartridge type] appserver [alias] b25aa290-4d15-4160-ab29-3fb65450a50c . Cause: appserver is not a valid cartridgeSubscription type. Please try again with a valid cartridgeSubscription type."}}Deploying Business Process Server (BPS) cartridge at /home/ubuntu/paas/resources/json/os/bps-cart.json
{"Error":{ "errorCode": " 400", "errorMessage": " Unable to build the jclouds object for iaas of type: openstack"}}Deploying Business Process Server service
{"Error":{ "errorCode": " 400", "errorMessage": " Failed to deploy the Service [Cartridge type] bps [alias] 9f8501bd-2707-41b8-8169-575f76e80e74 . Cause: bps is not a valid cartridgeSubscription type. Please try again with a valid cartridgeSubscription type."}}
conf.sh
# IaaS configuration
export iaas="os"
# Region Name
export region="region-a.geo-1"
# Cartridge base image
export cartridge_base_img_id="xxxxxxxa2-bff1-41cf-8f92-c3xxxxxxx5b"
# OpenStack
export os_identity="1XXXXXXXXXX:XXXXX5BL7VXXXXXXXXX"
export os_credentials="AMXXXXXXXXXXXXXXXXXX"
export os_jclouds_endpoint="https://region-a.geo-1.identity.hpcloudsvc.com:35357/v2.0/"
export os_keypair_name="xxxxxx"
export os_security_groups="xxxxxxx"
我四处搜索,发现问题的原因是PaaS 无法找到jcloud 端点(https://region-a.geo-1.identity.hpcloudsvc.com:35357/v2.0) 的证书。
我首先尝试使用 keytool -import -keystore 命令将端点证书导入 /usr/lib/jvm/java-7-oracle/jre/lib/security/cacerts。是行不通的,同样的问题仍然存在
然后我尝试将端点证书导入到 /home/ubuntu/.keystore。同样的问题仍然存在。
请指教
感谢
乔治
后端(jclouds 端点)的 Cetifacte 应该添加到 WSO2 Private PaaS 的客户端-truststore.jks。看看 [1]
[1] http://evanthika.blogspot.com/2014/01/how-to-solve-pkix-path-building-failed.html