Seeing the same thing on my side as well. Looks like my intermediate CA expired on Jun 4.
Here is a partial output from keytool. Certificate[2]: Owner: CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US Issuer: C=US, O=ONAP, OU=OSAAF Serial number: 1 Valid from: Thu Apr 05 07:15:40 PDT 2018 until: Mon Jun 04 07:15:40 PDT 2018 -- K i r a n From: onap-discuss-boun...@lists.onap.org [mailto:onap-discuss-boun...@lists.onap.org] On Behalf Of FREEMAN, BRIAN D Sent: Monday, June 04, 2018 1:24 PM To: Alexis de Talhouët <adetalhoue...@gmail.com>; BRADY, PATRICK D <pb0...@att.com> Cc: onap-discuss <onap-discuss@lists.onap.org> Subject: Re: [onap-discuss] [AAI]: Cert has expired? Alexis, I think its because we left the old certificate in place. Can you see two certs – one that has not expired ? Brian From: Alexis de Talhouët <adetalhoue...@gmail.com<mailto:adetalhoue...@gmail.com>> Sent: Monday, June 04, 2018 4:05 PM To: FREEMAN, BRIAN D <bf1...@att.com<mailto:bf1...@att.com>>; BRADY, PATRICK D <pb0...@att.com<mailto:pb0...@att.com>> Cc: onap-discuss <onap-discuss@lists.onap.org<mailto:onap-discuss@lists.onap.org>> Subject: Re: [onap-discuss] [AAI]: Cert has expired? It looks like this patch,https://gerrit.onap.org/r/#/c/44763/<https://urldefense.proofpoint.com/v2/url?u=https-3A__gerrit.onap.org_r_-23_c_44763_&d=DwMFaQ&c=LFYZ-o9_HUMeMTSQicvjIg&r=e3d1ehx3DI5AoMgDmi2Fzw&m=DGkECbd3ZsbO4PEkIvd3cKTVo7RlUXdaSuhRZRqx71k&s=LprMhDKglRDE1iByHYjR1_ixb3Qk8m1zBcSJbSLX5-o&e=>, from 6 weeks ago, is putting a new keystore within APP-C. When I look in there, I see the certificate expiring today, which seems to confirm my assumptions. $ keytool -list -storetype pkcs12 -keystore ONAPall.p12 -storepass changeit | grep aai oldaaiinter, 4-Jun-2018, trustedCertEntry, oldaairoot, 4-Jun-2018, trustedCertEntry, $ keytool -list -storetype pkcs12 -keystore ONAPall.p12 -storepass changeit | grep onap onaptestca, 4-Jun-2018, trustedCertEntry, Patrick, as contributor of this patch, could you chime in? Thanks, Alexis On Jun 4, 2018, at 3:06 PM, FREEMAN, BRIAN D <bf1...@att.com<mailto:bf1...@att.com>> wrote: Hmm the onap cert is good till 2038 let me check the aai server cert Brian root@njcdtl01bf1936:/home2/bf1936/ONAP/oom/kubernetes/so/resources/config/mso# keytool -printcert -file onap-ca-new.crt Owner: C=US, O=ONAP, OU=OSAAF Issuer: C=US, O=ONAP, OU=OSAAF Serial number: 9eaeedc0a7ceb59d Valid from: Thu Apr 05 09:15:28 EST 2018 until: Wed Mar 31 09:15:28 EST 2038 Certificate fingerprints: MD5: 77:EB:5E:94:2E:B7:A3:45:97:6C:87:FE:A7:F7:64:0F SHA1: 90:25:D1:D3:8B:3C:BE:2C:73:E9:6C:1A:48:5B:06:A8:39:0D:54:3B SHA256: 1F:C2:BB:F6:7E:11:6F:F0:4C:C3:D9:6C:73:E5:99:B7:CA:7D:4D:EF:AA:6C:69:46:0D:2C:7B:A9:E4:23:5F:EA Signature algorithm name: SHA256withRSA Version: 3 Extensions: #1: ObjectId: 2.5.29.35 Criticality=false AuthorityKeyIdentifier [ KeyIdentifier [ 0000: 53 55 33 F2 4B EB D0 51 B1 C1 78 9A C1 28 31 7B SU3.K..Q..x..(1. 0010: EF EA ED 49 ...I ] ] #2: ObjectId: 2.5.29.19 Criticality=true BasicConstraints:[ CA:true PathLen:2147483647 ] #3: ObjectId: 2.5.29.15 Criticality=true KeyUsage [ DigitalSignature Key_CertSign Crl_Sign ] #4: ObjectId: 2.5.29.14 Criticality=false SubjectKeyIdentifier [ KeyIdentifier [ 0000: 53 55 33 F2 4B EB D0 51 B1 C1 78 9A C1 28 31 7B SU3.K..Q..x..(1. 0010: EF EA ED 49 ...I ] ] root@njcdtl01bf1936:/home2/bf1936/ONAP/oom/kubernetes/so/resources/config/mso# keytool -printcert -file onap-ca-new.crt Owner: C=US, O=ONAP, OU=OSAAF Issuer: C=US, O=ONAP, OU=OSAAF Serial number: 9eaeedc0a7ceb59d Valid from: Thu Apr 05 09:15:28 EST 2018 until: Wed Mar 31 09:15:28 EST 2038 Certificate fingerprints: MD5: 77:EB:5E:94:2E:B7:A3:45:97:6C:87:FE:A7:F7:64:0F SHA1: 90:25:D1:D3:8B:3C:BE:2C:73:E9:6C:1A:48:5B:06:A8:39:0D:54:3B SHA256: 1F:C2:BB:F6:7E:11:6F:F0:4C:C3:D9:6C:73:E5:99:B7:CA:7D:4D:EF:AA:6C:69:46:0D:2C:7B:A9:E4:23:5F:EA Signature algorithm name: SHA256withRSA Version: 3 Extensions: #1: ObjectId: 2.5.29.35 Criticality=false AuthorityKeyIdentifier [ KeyIdentifier [ 0000: 53 55 33 F2 4B EB D0 51 B1 C1 78 9A C1 28 31 7B SU3.K..Q..x..(1. 0010: EF EA ED 49 ...I ] ] #2: ObjectId: 2.5.29.19 Criticality=true BasicConstraints:[ CA:true PathLen:2147483647 ] #3: ObjectId: 2.5.29.15 Criticality=true KeyUsage [ DigitalSignature Key_CertSign Crl_Sign ] #4: ObjectId: 2.5.29.14 Criticality=false SubjectKeyIdentifier [ KeyIdentifier [ 0000: 53 55 33 F2 4B EB D0 51 B1 C1 78 9A C1 28 31 7B SU3.K..Q..x..(1. 0010: EF EA ED 49 ...I ] ] From: onap-discuss-boun...@lists.onap.org<mailto:onap-discuss-boun...@lists.onap.org> <onap-discuss-boun...@lists.onap.org<mailto:onap-discuss-boun...@lists.onap.org>> On Behalf Of Alexis de Talhouët Sent: Monday, June 04, 2018 3:01 PM To: onap-discuss <onap-discuss@lists.onap.org<mailto:onap-discuss@lists.onap.org>> Subject: Re: [onap-discuss] [AAI]: Cert has expired? To clarify, VID is failing to communicate with AAI as well. Same symptom: 2018-06-04T19:00:52.907Z [http-apr-8080-exec-7] INFO com.att.eelf.error InstanceUUID=292b461a-2954-4b63-a3f9-f916c7ad3bc0 RequestId=5db9eb4c-688c-461f-958e-52d050752a1c LoginId=demo AlertSeverity=INFORMATIONAL PROTOCOL=HTTP PartnerName=Default_FE ServerFQDN=onap-vid-6fb489db7c-f9z9j ClientIPAddress=10.42.153.167 Full-URL=http://vid.api.simpledemo.onap.org:30200/vid/aai_get_services<https://urldefense.proofpoint.com/v2/url?u=http-3A__vid.api.simpledemo.onap.org-3A30200_vid_aai-5Fget-5Fservices&d=DwMFaQ&c=LFYZ-o9_HUMeMTSQicvjIg&r=e3d1ehx3DI5AoMgDmi2Fzw&m=uQC2uDcVFK8YXWHRBndbXbNbezdrweBsLfT0i4Czg8A&s=MNHz-Ek2QZXj2Pe71pjUEAgbwrO08q3fjc0t9s25DNY&e=> ServiceInstanceId= ServerIPAddress=10.42.252.68 ServiceName=/aai_get_services ClassName=org.onap.vid.aai.AaiClient 19:00:52:0907<== .doAaiGetjavax.ws.rs.ProcessingException: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path validation failed: java.security.cert.CertPathValidatorException: validity check failed On Jun 4, 2018, at 2:57 PM, Alexis de Talhouët <adetalhoue...@gmail.com<mailto:adetalhoue...@gmail.com>> wrote: Hello team, I had Beijing deployment working fine until a few hours, and now I’m seeing the bellow log in APP-C that seems to indicated the AAI cert has expired. Is this accurate? If so, is someone looking into this? Also, VID is failing, etc… Thanks, Alexis <log4j:event logger="org.onap.ccsdk.sli.adaptors.aai.AAIService" timestamp="1528138436602" level="WARN" thread="qtp611540313-772"> <log4j:message><![CDATA[]]></log4j:message> <log4j:throwable><![CDATA[javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path validation failed: java.security.cert.CertPathValidatorException: validity check failed at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)[:1.8.0_171] at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1964)[:1.8.0_171] at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:328)[:1.8.0_171] at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:322)[:1.8.0_171] at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1614)[:1.8.0_171] at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:216)[:1.8.0_171] at sun.security.ssl.Handshaker.processLoop(Handshaker.java:1052)[:1.8.0_171] at sun.security.ssl.Handshaker.process_record(Handshaker.java:987)[:1.8.0_171] at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1072)[:1.8.0_171] at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1385)[:1.8.0_171] at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1413)[:1.8.0_171] at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1397)[:1.8.0_171] at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:559)[:1.8.0_171] at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185)[:1.8.0_171] at sun.net.www.protocol.http.HttpURLConnection.getInputStream0(HttpURLConnection.java:1564)[:1.8.0_171] at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1492)[:1.8.0_171] at java.net.HttpURLConnection.getResponseCode(HttpURLConnection.java:480)[:1.8.0_171] at java.net.HttpURLConnection.getResponseMessage(HttpURLConnection.java:546)[:1.8.0_171] at sun.net.www.protocol.https.HttpsURLConnectionImpl.getResponseMessage(HttpsURLConnectionImpl.java:391)[:1.8.0_171] at org.onap.ccsdk.sli.adaptors.aai.AAIClientRESTExecutor.get(AAIClientRESTExecutor.java:252) at org.onap.ccsdk.sli.adaptors.aai.AAIDeclarations.newModelQuery(AAIDeclarations.java:785) at org.onap.ccsdk.sli.adaptors.aai.AAIDeclarations.query(AAIDeclarations.java:182) at org.onap.ccsdk.sli.adaptors.aai.AAIService.query(AAIService.java:1399) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)[:1.8.0_171] at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)[:1.8.0_171] at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)[:1.8.0_171] at java.lang.reflect.Method.invoke(Method.java:498)[:1.8.0_171] at org.apache.aries.proxy.impl.ProxyHandler$1.invoke(ProxyHandler.java:54) at org.apache.aries.proxy.impl.ProxyHandler.invoke(ProxyHandler.java:119) at org.onap.ccsdk.sli.adaptors.aai.$AAIService2054128345.query(Unknown Source) at org.onap.appc.requesthandler.impl.RequestValidatorImpl.getVnfdata(RequestValidatorImpl.java:420) at org.onap.appc.requesthandler.impl.RequestValidatorImpl.queryAAI(RequestValidatorImpl.java:403) at org.onap.appc.requesthandler.impl.RequestValidatorImpl.validateRequest(RequestValidatorImpl.java:187) at org.onap.appc.requesthandler.impl.AbstractRequestHandlerImpl.handleRequest(AbstractRequestHandlerImpl.java:154) at Proxydaa0c08b_99d7_432a_8956_0817c4b2e241.handleRequest(Unknown Source) at org.onap.appc.provider.lcm.service.RequestExecutor.executeRequest(RequestExecutor.java:85) at org.onap.appc.provider.AppcProviderLcm.executeRequest(AppcProviderLcm.java:1170) at org.onap.appc.provider.AppcProviderLcm.configure(AppcProviderLcm.java:585) at org.opendaylight.yangtools.yang.binding.util.RpcMethodInvokerWithInput.invokeOn(RpcMethodInvokerWithInput.java:31) at org.opendaylight.yangtools.yang.binding.util.AbstractMappedRpcInvoker.invokeRpc(AbstractMappedRpcInvoker.java:52) at org.opendaylight.controller.md.sal.binding.impl.BindingDOMRpcImplementationAdapter.invoke(BindingDOMRpcImplementationAdapter.java:83) at org.opendaylight.controller.md.sal.binding.impl.BindingDOMRpcImplementationAdapter.invokeRpc(BindingDOMRpcImplementationAdapter.java:70) at org.opendaylight.controller.md.sal.dom.broker.impl.GlobalDOMRpcRoutingTableEntry.invokeRpc(GlobalDOMRpcRoutingTableEntry.java:39) at org.opendaylight.controller.md.sal.dom.broker.impl.DOMRpcRoutingTable.invokeRpc(DOMRpcRoutingTable.java:177) at org.opendaylight.controller.md.sal.dom.broker.impl.DOMRpcRouter.invokeRpc(DOMRpcRouter.java:102) at Proxy5c206109_389b_4bcd_a843_a2a86fe31e50.invokeRpc(Unknown Source) at Proxy6371c1b5_aa3d_492b_a27e_e9fd1c498e2b.invokeRpc(Unknown Source) at org.opendaylight.netconf.sal.restconf.impl.BrokerFacade.invokeRpc(BrokerFacade.java:526)[279:org.opendaylight.netconf.sal-rest-connector:1.6.1] at org.opendaylight.netconf.sal.restconf.impl.RestconfImpl.invokeRpc(RestconfImpl.java:469)[279:org.opendaylight.netconf.sal-rest-connector:1.6.1] at org.opendaylight.netconf.sal.restconf.impl.StatisticsRestconfServiceWrapper.invokeRpc(StatisticsRestconfServiceWrapper.java:83)[279:org.opendaylight.netconf.sal-rest-connector:1.6.1] at org.opendaylight.netconf.sal.rest.impl.RestconfCompositeWrapper.invokeRpc(RestconfCompositeWrapper.java:64)[279:org.opendaylight.netconf.sal-rest-connector:1.6.1] at sun.reflect.GeneratedMethodAccessor225.invoke(Unknown Source) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)[:1.8.0_171] at java.lang.reflect.Method.invoke(Method.java:498)[:1.8.0_171] at com.sun.jersey.spi.container.JavaMethodInvokerFactory$1.invoke(JavaMethodInvokerFactory.java:60)[77:com.sun.jersey.jersey-server:1.17.0] at com.sun.jersey.server.impl.model.method.dispatch.AbstractResourceMethodDispatchProvider$TypeOutInvoker._dispatch(AbstractResourceMethodDispatchProvider.java:185)[77:com.sun.jersey.jersey-server:1.17.0] at com.sun.jersey.server.impl.model.method.dispatch.ResourceJavaMethodDispatcher.dispatch(ResourceJavaMethodDispatcher.java:75)[77:com.sun.jersey.jersey-server:1.17.0] at com.sun.jersey.server.impl.uri.rules.HttpMethodRule.accept(HttpMethodRule.java:302)[77:com.sun.jersey.jersey-server:1.17.0] at com.sun.jersey.server.impl.uri.rules.RightHandPathRule.accept(RightHandPathRule.java:147)[77:com.sun.jersey.jersey-server:1.17.0] at com.sun.jersey.server.impl.uri.rules.ResourceObjectRule.accept(ResourceObjectRule.java:100)[77:com.sun.jersey.jersey-server:1.17.0] at com.sun.jersey.server.impl.uri.rules.RightHandPathRule.accept(RightHandPathRule.java:147)[77:com.sun.jersey.jersey-server:1.17.0] at com.sun.jersey.server.impl.uri.rules.RootResourceClassesRule.accept(RootResourceClassesRule.java:84)[77:com.sun.jersey.jersey-server:1.17.0] at com.sun.jersey.server.impl.application.WebApplicationImpl._handleRequest(WebApplicationImpl.java:1511)[77:com.sun.jersey.jersey-server:1.17.0] at com.sun.jersey.server.impl.application.WebApplicationImpl._handleRequest(WebApplicationImpl.java:1442)[77:com.sun.jersey.jersey-server:1.17.0] at com.sun.jersey.server.impl.application.WebApplicationImpl.handleRequest(WebApplicationImpl.java:1391)[77:com.sun.jersey.jersey-server:1.17.0] at com.sun.jersey.server.impl.application.WebApplicationImpl.handleRequest(WebApplicationImpl.java:1381)[77:com.sun.jersey.jersey-server:1.17.0] at com.sun.jersey.spi.container.servlet.WebComponent.service(WebComponent.java:416)[78:com.sun.jersey.servlet:1.17.0] at com.sun.jersey.spi.container.servlet.ServletContainer.service(ServletContainer.java:538)[78:com.sun.jersey.servlet:1.17.0] at com.sun.jersey.spi.container.servlet.ServletContainer.service(ServletContainer.java:716)[78:com.sun.jersey.servlet:1.17.0] at javax.servlet.http.HttpServlet.service(HttpServlet.java:790)[106:javax.servlet-api:3.1.0] at org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:812)[151:org.eclipse.jetty.servlet:9.2.21.v20170120] at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1669)[151:org.eclipse.jetty.servlet:9.2.21.v20170120] at org.eclipse.jetty.websocket.server.WebSocketUpgradeFilter.doFilter(WebSocketUpgradeFilter.java:201)[163:org.eclipse.jetty.websocket.server:9.2.21.v20170120] at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1652)[151:org.eclipse.jetty.servlet:9.2.21.v20170120] at org.eclipse.jetty.servlets.CrossOriginFilter.handle(CrossOriginFilter.java:257)[153:org.eclipse.jetty.servlets:9.2.21.v20170120] at org.eclipse.jetty.servlets.CrossOriginFilter.doFilter(CrossOriginFilter.java:220)[153:org.eclipse.jetty.servlets:9.2.21.v20170120] at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1652)[151:org.eclipse.jetty.servlet:9.2.21.v20170120] at org.eclipse.jetty.servlets.UserAgentFilter.doFilter(UserAgentFilter.java:83)[153:org.eclipse.jetty.servlets:9.2.21.v20170120] at org.eclipse.jetty.servlets.GzipFilter.doFilter(GzipFilter.java:301)[153:org.eclipse.jetty.servlets:9.2.21.v20170120] at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1652)[151:org.eclipse.jetty.servlet:9.2.21.v20170120] at org.opendaylight.aaa.filterchain.filters.CustomFilterAdapter.doFilter(CustomFilterAdapter.java:83)[176:org.opendaylight.aaa.filterchain:0.6.1] at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1652)[151:org.eclipse.jetty.servlet:9.2.21.v20170120] at org.apache.shiro.web.servlet.ProxiedFilterChain.doFilter(ProxiedFilterChain.java:61)[131:org.apache.shiro.web:1.3.2] at org.apache.shiro.web.servlet.AdviceFilter.executeChain(AdviceFilter.java:108)[131:org.apache.shiro.web:1.3.2] at org.apache.shiro.web.servlet.AdviceFilter.doFilterInternal(AdviceFilter.java:137)[131:org.apache.shiro.web:1.3.2] at org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:125)[131:org.apache.shiro.web:1.3.2] at org.apache.shiro.web.servlet.ProxiedFilterChain.doFilter(ProxiedFilterChain.java:66)[131:org.apache.shiro.web:1.3.2] at org.apache.shiro.web.servlet.AdviceFilter.executeChain(AdviceFilter.java:108)[131:org.apache.shiro.web:1.3.2] at org.apache.shiro.web.servlet.AdviceFilter.doFilterInternal(AdviceFilter.java:137)[131:org.apache.shiro.web:1.3.2] at org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:125)[131:org.apache.shiro.web:1.3.2] at org.apache.shiro.web.servlet.ProxiedFilterChain.doFilter(ProxiedFilterChain.java:66)[131:org.apache.shiro.web:1.3.2] at org.apache.shiro.web.servlet.AbstractShiroFilter.executeChain(AbstractShiroFilter.java:449)[131:org.apache.shiro.web:1.3.2] at org.apache.shiro.web.servlet.AbstractShiroFilter$1.call(AbstractShiroFilter.java:365)[131:org.apache.shiro.web:1.3.2] at org.apache.shiro.subject.support.SubjectCallable.doCall(SubjectCallable.java:90)[130:org.apache.shiro.core:1.3.2] at org.apache.shiro.subject.support.SubjectCallable.call(SubjectCallable.java:83)[130:org.apache.shiro.core:1.3.2] at org.apache.shiro.subject.support.DelegatingSubject.execute(DelegatingSubject.java:383)[130:org.apache.shiro.core:1.3.2] at org.apache.shiro.web.servlet.AbstractShiroFilter.doFilterInternal(AbstractShiroFilter.java:362)[131:org.apache.shiro.web:1.3.2] at org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:125)[131:org.apache.shiro.web:1.3.2] at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1652)[151:org.eclipse.jetty.servlet:9.2.21.v20170120] at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:585)[151:org.eclipse.jetty.servlet:9.2.21.v20170120] at org.ops4j.pax.web.service.jetty.internal.HttpServiceServletHandler.doHandle(HttpServiceServletHandler.java:72)[303:org.ops4j.pax.web.pax-web-jetty:4.3.4] at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:143)[150:org.eclipse.jetty.server:9.2.21.v20170120] at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:577)[149:org.eclipse.jetty.security:9.2.21.v20170120] at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:223)[150:org.eclipse.jetty.server:9.2.21.v20170120] at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1127)[150:org.eclipse.jetty.server:9.2.21.v20170120] at org.ops4j.pax.web.service.jetty.internal.HttpServiceContext.doHandle(HttpServiceContext.java:287)[303:org.ops4j.pax.web.pax-web-jetty:4.3.4] at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:515)[151:org.eclipse.jetty.servlet:9.2.21.v20170120] at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:185)[150:org.eclipse.jetty.server:9.2.21.v20170120] at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1061)[150:org.eclipse.jetty.server:9.2.21.v20170120] at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141)[150:org.eclipse.jetty.server:9.2.21.v20170120] at org.ops4j.pax.web.service.jetty.internal.JettyServerHandlerCollection.handle(JettyServerHandlerCollection.java:80)[303:org.ops4j.pax.web.pax-web-jetty:4.3.4] at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:97)[150:org.eclipse.jetty.server:9.2.21.v20170120] at org.eclipse.jetty.server.Server.handle(Server.java:499)[150:org.eclipse.jetty.server:9.2.21.v20170120] at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:311)[150:org.eclipse.jetty.server:9.2.21.v20170120] at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:258)[150:org.eclipse.jetty.server:9.2.21.v20170120] at org.eclipse.jetty.io.AbstractConnection$2.run(AbstractConnection.java:544)[142:org.eclipse.jetty.io<https://urldefense.proofpoint.com/v2/url?u=http-3A__org.eclipse.jetty.io_&d=DwMFaQ&c=LFYZ-o9_HUMeMTSQicvjIg&r=e3d1ehx3DI5AoMgDmi2Fzw&m=uQC2uDcVFK8YXWHRBndbXbNbezdrweBsLfT0i4Czg8A&s=XnRIORYD_ztEKJMX6qcNxmfCLuF90v4BrXAt2OA5kec&e=>:9.2.21.v20170120] at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:635)[155:org.eclipse.jetty.util:9.2.21.v20170120] at org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:555)[155:org.eclipse.jetty.util:9.2.21.v20170120] at java.lang.Thread.run(Thread.java:748)[:1.8.0_171] Caused by: sun.security.validator.ValidatorException: PKIX path validation failed: java.security.cert.CertPathValidatorException: validity check failed at sun.security.validator.PKIXValidator.doValidate(PKIXValidator.java:362)[:1.8.0_171] at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:270)[:1.8.0_171] at sun.security.validator.Validator.validate(Validator.java:260)[:1.8.0_171] at sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:324)[:1.8.0_171] at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:229)[:1.8.0_171] at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:124)[:1.8.0_171] at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1596)[:1.8.0_171] ... 114 more Caused by: java.security.cert.CertPathValidatorException: validity check failed at sun.security.provider.certpath.PKIXMasterCertPathValidator.validate(PKIXMasterCertPathValidator.java:135)[:1.8.0_171] at sun.security.provider.certpath.PKIXCertPathValidator.validate(PKIXCertPathValidator.java:233)[:1.8.0_171] at sun.security.provider.certpath.PKIXCertPathValidator.validate(PKIXCertPathValidator.java:141)[:1.8.0_171] at sun.security.provider.certpath.PKIXCertPathValidator.engineValidate(PKIXCertPathValidator.java:80)[:1.8.0_171] at java.security.cert.CertPathValidator.validate(CertPathValidator.java:292)[:1.8.0_171] at sun.security.validator.PKIXValidator.doValidate(PKIXValidator.java:357)[:1.8.0_171] ... 120 more Caused by: java.security.cert.CertificateExpiredException: NotAfter: Mon Jun 04 14:15:40 UTC 2018 at sun.security.x509.CertificateValidity.valid(CertificateValidity.java:274)[:1.8.0_171] at sun.security.x509.X509CertImpl.checkValidity(X509CertImpl.java:629)[:1.8.0_171] at sun.security.provider.certpath.BasicChecker.verifyValidity(BasicChecker.java:190)[:1.8.0_171] at sun.security.provider.certpath.BasicChecker.check(BasicChecker.java:144)[:1.8.0_171] at sun.security.provider.certpath.PKIXMasterCertPathValidator.validate(PKIXMasterCertPathValidator.java:125)[:1.8.0_171] ... 125 more
_______________________________________________ onap-discuss mailing list onap-discuss@lists.onap.org https://lists.onap.org/mailman/listinfo/onap-discuss
