Hi Brian, I am trying to post a ves event (Frankfurt) and getting POL2000 Unauthorized user error.
I have added cert from https://gerrit.onap.org/r/c/demo/+/106709/3/vnfs/VESreporting_vFW5.0_DANOS/onap-ca.crt<https://apc01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgerrit.onap.org%2Fr%2Fc%2Fdemo%2F%2B%2F106709%2F3%2Fvnfs%2FVESreporting_vFW5.0_DANOS%2Fonap-ca.crt&data=02%7C01%7Ckuldeepsinghn%40hcl.com%7C87df75d8342f4eb4a60808d7eb9573bf%7C189de737c93a4f5a8b686f4ca9941912%7C0%7C0%7C637236899444963820&sdata=p9AiizWNNWXxaJR9b8IhPLQQY%2FkfGN%2Fr8a5ShzG%2B9%2Bg%3D&reserved=0> Had tried with creds shared earlier - https://gerrit.onap.org/r/gitweb?p=demo.git;a=blob;f=vnfs/VESreporting_vFW5.0/vpp_measurement_reporter.c;h=123d50364f3ccb3faa8d100f7fb80e43eb116a1d;hb=refs/heads/master Am I using wrong credentials ? ubuntu@ransim-big:~$ curl "https://10.0.2.115:30417/eventListener/v7"; -k -v -u sample1 -H "Authorization: Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==" -H "X-MinorVersion: 1" -H "accept: */*" -H "Content-Type: application/json" -d @~/bkup-data/fm-event-data.json Warning: Couldn't read data from file "~/bkup-data/fm-event-data.json", this Warning: makes an empty POST. Enter host password for user 'sample1': * Trying 10.0.2.115... * TCP_NODELAY set * Connected to 10.0.2.115 (10.0.2.115) port 30417 (#0) * ALPN, offering h2 * ALPN, offering http/1.1 * successfully set certificate verify locations: * CAfile: /etc/ssl/certs/ca-certificates.crt CApath: /etc/ssl/certs * TLSv1.3 (OUT), TLS handshake, Client hello (1): * TLSv1.3 (IN), TLS handshake, Server hello (2): * TLSv1.3 (OUT), TLS change cipher, Client hello (1): * TLSv1.3 (OUT), TLS handshake, Client hello (1): * TLSv1.3 (IN), TLS handshake, Server hello (2): * TLSv1.3 (IN), TLS Unknown, Certificate Status (22): * TLSv1.3 (IN), TLS handshake, Unknown (8): * TLSv1.3 (IN), TLS handshake, Request CERT (13): * TLSv1.3 (IN), TLS handshake, Certificate (11): * TLSv1.3 (IN), TLS handshake, CERT verify (15): * TLSv1.3 (IN), TLS handshake, Finished (20): * TLSv1.3 (OUT), TLS Unknown, Certificate Status (22): * TLSv1.3 (OUT), TLS handshake, Certificate (11): * TLSv1.3 (OUT), TLS Unknown, Certificate Status (22): * TLSv1.3 (OUT), TLS handshake, Finished (20): * SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384 * ALPN, server did not agree to a protocol * Server certificate: * subject: CN=dcae; [email protected]:DEV; OU=OSAAF; O=ONAP; C=US * start date: Dec 3 17:23:45 2020 GMT * expire date: Dec 3 17:23:45 2021 GMT * issuer: C=US; O=ONAP; OU=OSAAF; CN=intermediateCA_9 * SSL certificate verify ok. * TLSv1.3 (OUT), TLS Unknown, Unknown (23): > POST /eventListener/v7 HTTP/1.1 > Host: 10.0.2.115:30417 > User-Agent: curl/7.58.0 > Authorization: Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ== > X-MinorVersion: 1 > accept: */* > Content-Type: application/json > Content-Length: 0 > * TLSv1.3 (IN), TLS Unknown, Certificate Status (22): * TLSv1.3 (IN), TLS handshake, Newsession Ticket (4): * TLSv1.3 (IN), TLS Unknown, Unknown (23): < HTTP/1.1 401 < Content-Length: 87 < Date: Mon, 14 Dec 2020 15:57:28 GMT * HTTP error before end of send, stop sending < * Closing connection 0 * TLSv1.3 (OUT), TLS Unknown, Unknown (21): * TLSv1.3 (OUT), TLS alert, Client hello (1): {"requestError":{"PolicyException":{"messageId":"POL2000","text":"Unauthorized user"}}} Regards, Kuldeep From: [email protected] <[email protected]> On Behalf Of Brian Freeman via lists.onap.org Sent: Thursday, May 7, 2020 5:07 PM To: [email protected]; FREEMAN, BRIAN D <[email protected]>; [email protected] Subject: Re: [onap-discuss] #ves Exception while sending https request to ves-collector(Frankfurt)-SSLHandshakeException. What are the certificates to be added? [CAUTION: This Email is from outside the Organization. Unless you trust the sender, Don’t click links or open attachments as it may be a Phishing email, which can steal your Information and compromise your Computer.] https://gerrit.onap.org/r/gitweb?p=demo.git;a=blob;f=vnfs/VESreporting_vFW5.0/vpp_measurement_reporter.c;h=123d50364f3ccb3faa8d100f7fb80e43eb116a1d;hb=refs/heads/master From: [email protected]<mailto:[email protected]> <[email protected]<mailto:[email protected]>> On Behalf Of FREEMAN, BRIAN D Sent: Thursday, May 7, 2020 7:35 AM To: [email protected]<mailto:[email protected]>; [email protected]<mailto:[email protected]> Subject: Re: [onap-discuss] #ves Exception while sending https request to ves-collector(Frankfurt)-SSLHandshakeException. What are the certificates to be added? ***Security Advisory: This Message Originated Outside of AT&T *** Reference http://cso.att.com/EmailSecurity/IDSP.html<https://apc01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fcso.att.com%2FEmailSecurity%2FIDSP.html&data=02%7C01%7Ckuldeepsinghn%40hcl.com%7C26bc0ae506704643996708d7f27b0e15%7C189de737c93a4f5a8b686f4ca9941912%7C0%7C0%7C637244482653364600&sdata=7vCjEGpWUeRjUHrGcpbE5TPQz%2FDJJd5EmuRPk67Bs1E%3D&reserved=0> for more information. See the example VESreporting 5.0 for vFWCL or vFWCLDN sample1:sample1 I believe are the default credentials. Brian From: [email protected]<mailto:[email protected]> <[email protected]<mailto:[email protected]>> On Behalf Of niranjana.y60 via lists.onap.org Sent: Thursday, May 7, 2020 7:27 AM To: FREEMAN, BRIAN D <[email protected]<mailto:[email protected]>>; [email protected]<mailto:[email protected]> Subject: Re: [onap-discuss] #ves Exception while sending https request to ves-collector(Frankfurt)-SSLHandshakeException. What are the certificates to be added? Hi Brian, Thanks for you response. I am able to establish SSL connection but I am getting 401 unauthorized exception while sending https request to ves. Is there any particular userName and password I should use in the authorization header before sending request? Below are the logs in in dcae-ves-collector pod when I send request: 2020-05-07 10:37:42 INFO SubjectDN didn't match with any regexp from /opt/app/VESCollector/etc/certSubjectMatcher.properties 2020-05-07 10:37:42 ERROR EVENT_RECEIPT_FAILURE: Unauthorized user 2020-05-07 10:37:42 INFO SubjectDN didn't match with any regexp from /opt/app/VESCollector/etc/certSubjectMatcher.properties 2020-05-07 10:37:42 ERROR EVENT_RECEIPT_FAILURE: Unauthorized user Regards, Niranjana ::DISCLAIMER:: ________________________________ The contents of this e-mail and any attachment(s) are confidential and intended for the named recipient(s) only. E-mail transmission is not guaranteed to be secure or error-free as information could be intercepted, corrupted, lost, destroyed, arrive late or incomplete, or may contain viruses in transmission. The e mail and its contents (with or without referred errors) shall therefore not attach any liability on the originator or HCL or its affiliates. Views or opinions, if any, presented in this email are solely those of the author and may not necessarily reflect the views or opinions of HCL or its affiliates. Any form of reproduction, dissemination, copying, disclosure, modification, distribution and / or publication of this message without the prior written consent of authorized representative of HCL is strictly prohibited. If you have received this email in error please delete it and notify the sender immediately. Before opening any email and/or attachments, please check them for viruses and other defects. ________________________________ -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#22641): https://lists.onap.org/g/onap-discuss/message/22641 Mute This Topic: https://lists.onap.org/mt/73330751/21656 Mute #ves:https://lists.onap.org/g/onap-discuss/mutehashtag/ves Group Owner: [email protected] Unsubscribe: https://lists.onap.org/g/onap-discuss/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
