[jira] [Comment Edited] (AIRAVATA-3405) Error invoking Keycloak REST: InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty

Marcus Christie (Jira) Mon, 01 Mar 2021 13:29:26 -0800


    [ 
https://issues.apache.org/jira/browse/AIRAVATA-3405?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17293181#comment-17293181
 ]


Marcus Christie edited comment on AIRAVATA-3405 at 3/1/21, 9:28 PM:
--------------------------------------------------------------------

In case this was caused by a JDK upgrade, I've switched our server to only 
automatically download and apply security updates (setting {{update_cmd = 
security}} in {{/etc/yum/yum-cron.conf}}). This could in theory include JDK 
upgrades as well, but at least it will be less frequent. In general I would 
argue for only automatically applying security updates and not general updates, 
to minimize the chance of breakage.



was (Author: marcuschristie):
In case this was caused by a JDK upgrade, I've switched our server to only 
automatically download and apply security updates. This could in theory include 
JDK upgrades as well, but at least it will be less frequent. In general I would 
argue for only automatically applying security updates and not general updates, 
to minimize the chance of breakage.

> Error invoking Keycloak REST: InvalidAlgorithmParameterException: the 
> trustAnchors parameter must be non-empty
> --------------------------------------------------------------------------------------------------------------
>
>                 Key: AIRAVATA-3405
>                 URL: https://issues.apache.org/jira/browse/AIRAVATA-3405
>             Project: Airavata
>          Issue Type: Bug
>          Components: Keycloak Authentication, Security
>            Reporter: Marcus Christie
>            Assignee: Marcus Christie
>            Priority: Major
>
> {code}
> 2021-01-27 09:09:35,433 [pool-38-thread-10295] ERROR 
> o.a.a.s.p.h.IamAdminServicesHandler  - Error while retrieving user
>  profile from IAM backend, reason: RESTEASY004655: Unable to invoke request
> javax.ws.rs.ProcessingException: RESTEASY004655: Unable to invoke request
>         at 
> org.jboss.resteasy.client.jaxrs.engines.ApacheHttpClient4Engine.invoke(ApacheHttpClient4Engine.java:287)
>         at 
> org.jboss.resteasy.client.jaxrs.internal.ClientInvocation.invoke(ClientInvocation.java:436)
>         at 
> org.jboss.resteasy.client.jaxrs.internal.proxy.ClientInvoker.invoke(ClientInvoker.java:102)
>         at 
> org.jboss.resteasy.client.jaxrs.internal.proxy.ClientProxy.invoke(ClientProxy.java:64)
>         at com.sun.proxy.$Proxy55.search(Unknown Source)
>         at 
> org.apache.airavata.service.profile.iam.admin.services.core.impl.TenantManagementKeycloakImpl.getUsers(Tenan
> tManagementKeycloakImpl.java:499)
>         at 
> org.apache.airavata.service.profile.handlers.IamAdminServicesHandler.getUsers(IamAdminServicesHandler.java:1
> 97)
>         at 
> org.apache.airavata.service.profile.iam.admin.services.cpi.IamAdminServices$Processor$getUsers.getResult(Iam
> AdminServices.java:1382)
>         at 
> org.apache.airavata.service.profile.iam.admin.services.cpi.IamAdminServices$Processor$getUsers.getResult(Iam
> AdminServices.java:1366)
>         at org.apache.thrift.ProcessFunction.process(ProcessFunction.java:39)
>         at org.apache.thrift.TBaseProcessor.process(TBaseProcessor.java:39)
>         at 
> org.apache.thrift.TMultiplexedProcessor.process(TMultiplexedProcessor.java:123)
>         at 
> org.apache.thrift.server.TThreadPoolServer$WorkerProcess.run(TThreadPoolServer.java:286)
>         at 
> java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128)
>         at 
> java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628)
>         at java.base/java.lang.Thread.run(Thread.java:834)
> Caused by: javax.net.ssl.SSLException: Unexpected error: 
> java.security.InvalidAlgorithmParameterException: the trustAnc
> hors parameter must be non-empty
>         at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:133)
>         at 
> java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:350)
>         at 
> java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:293)
>         at 
> java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:288)
>         at 
> java.base/sun.security.ssl.SSLSocketImpl.handleException(SSLSocketImpl.java:1581)
>         at 
> java.base/sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:453)
>         at 
> java.base/sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:411)
>         at 
> org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:553)
>         at 
> org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:412)
>         at 
> org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.jav
> a:179)
>         at 
> org.apache.http.impl.conn.ManagedClientConnectionImpl.open(ManagedClientConnectionImpl.java:328)
>         at 
> org.apache.http.impl.client.DefaultRequestDirector.tryConnect(DefaultRequestDirector.java:612)
>         at 
> org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:447)
>         at 
> org.apache.http.impl.client.AbstractHttpClient.doExecute(AbstractHttpClient.java:884)
>         at 
> org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:82)
>         at 
> org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:55)
>         at 
> org.jboss.resteasy.client.jaxrs.engines.ApacheHttpClient4Engine.invoke(ApacheHttpClient4Engine.java:283)
>         ... 15 common frames omitted
> {code}



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Comment Edited] (AIRAVATA-3405) Error invoking Keycloak REST: InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty

Reply via email to