Bug 1733214

Summary: Cannot connect to RHEVM with self-signed certificate - "org.ovirt.engine.sdk4.Error: Failed to send request"
Product: [oVirt] ovirt-engine-sdk-java Reporter: filip.bartman
Component: GeneralAssignee: Ondra Machacek <omachace>
Status: CLOSED INSUFFICIENT_DATA QA Contact: Lukas Svaty <lsvaty>
Severity: high Docs Contact:
Priority: unspecified    
Version: 4.3.1CC: bugs, dholler, filip.bartman, mperina
Target Milestone: ---Flags: omachace: needinfo? (filip.bartman)
mperina: needinfo? (filip.bartman)
Target Release: ---   
Hardware: x86_64   
OS: Windows   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2019-09-12 08:12:21 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: Infra RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:

Description filip.bartman 2019-07-25 12:52:34 UTC
Description of problem:
I get org.ovirt.engine.sdk4.Error: Failed to send request every time that i try to connect to RHEVM that is deployed on my environment with self signed cert.

I have tried to create new truststore with certificate downloaded from 
https://host:port/ovirt-engine/services/pki-resource?resource=ca-certificate&format=X509-PEM-CA

set insecure(true), etc. but none of it works, i still get the same error. I attach code that i am using, and error that i get

Version-Release number of selected component (if applicable):
4.3.1

How reproducible:


Steps to Reproduce:
1.
2.
3.

Actual results:


Expected results:


Additional info:

--------------CODE------------------------------
Connection conn = connection()
				.url(url)
				.user(login)
				.password(pass)
				.trustStoreFile("server.truststore")
				.build();
		
		SystemService systemService = conn.systemService();
		
		VmsService vmsService = systemService.vmsService();
		
		List<Vm> vms = vmsService.list().send().vms(); //this is where i get the error

----------STACKTRACE-----------------------------
org.ovirt.engine.sdk4.Error: Failed to send request
	at org.ovirt.engine.sdk4.internal.HttpConnection.send(HttpConnection.java:261)
	at org.ovirt.engine.sdk4.internal.HttpConnection.send(HttpConnection.java:233)
	at org.ovirt.engine.sdk4.internal.services.VmsServiceImpl$ListRequestImpl.send(VmsServiceImpl.java:599)
	at org.ovirt.engine.sdk4.internal.services.VmsServiceImpl$ListRequestImpl.send(VmsServiceImpl.java:513)
	at ###myMethod####
Caused by: org.ovirt.engine.sdk4.Error: Failed to parse JSON response
	at org.ovirt.engine.sdk4.internal.HttpConnection.getSsoResponse(HttpConnection.java:430)
	at org.ovirt.engine.sdk4.internal.HttpConnection.getAccessToken(HttpConnection.java:370)
	at org.ovirt.engine.sdk4.internal.HttpConnection.injectHeaders(HttpConnection.java:334)
	at org.ovirt.engine.sdk4.internal.HttpConnection.send(HttpConnection.java:238)
	... 17 more
Caused by: javax.net.ssl.SSLHandshakeException: Remote host closed connection during handshake
	at com.ibm.jsse2.as.a(as.java:786)
	at com.ibm.jsse2.as.i(as.java:387)
	at com.ibm.jsse2.as.a(as.java:615)
	at com.ibm.jsse2.as.startHandshake(as.java:91)
	at org.apache.http.conn.ssl.SSLConnectionSocketFactory.createLayeredSocket(SSLConnectionSocketFactory.java:394)
	at org.apache.http.conn.ssl.SSLConnectionSocketFactory.connectSocket(SSLConnectionSocketFactory.java:353)
	at org.apache.http.impl.conn.DefaultHttpClientConnectionOperator.connect(DefaultHttpClientConnectionOperator.java:141)
	at org.apache.http.impl.conn.PoolingHttpClientConnectionManager.connect(PoolingHttpClientConnectionManager.java:353)
	at org.apache.http.impl.execchain.MainClientExec.establishRoute(MainClientExec.java:380)
	at org.apache.http.impl.execchain.MainClientExec.execute(MainClientExec.java:236)
	at org.apache.http.impl.execchain.ProtocolExec.execute(ProtocolExec.java:184)
	at org.apache.http.impl.execchain.RetryExec.execute(RetryExec.java:88)
	at org.apache.http.impl.execchain.RedirectExec.execute(RedirectExec.java:110)
	at org.apache.http.impl.client.InternalHttpClient.doExecute(InternalHttpClient.java:184)
	at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:82)
	at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:107)
	at org.ovirt.engine.sdk4.internal.HttpClient45.execute(HttpClient45.java:21)
	at org.ovirt.engine.sdk4.internal.HttpConnection.getSsoResponse(HttpConnection.java:424)
	... 20 more
Caused by: java.io.EOFException: SSL peer shut down incorrectly
	at com.ibm.jsse2.a.a(a.java:293)
	at com.ibm.jsse2.as.a(as.java:129)
	... 37 more

Comment 1 Ondra Machacek 2019-08-08 06:52:32 UTC
Hello, can you please try to running the app with a property '-Dhttps.protocols=TLSv1.1,TLSv1.2'? What version of the SDK do you use?

Comment 2 Martin Perina 2019-09-05 08:05:36 UTC
(In reply to Ondra Machacek from comment #1)
> Hello, can you please try to running the app with a property
> '-Dhttps.protocols=TLSv1.1,TLSv1.2'? What version of the SDK do you use?

Filip, any progress?

Comment 3 Martin Perina 2019-09-12 08:12:21 UTC
Feel free to reopen if reproduced and provide requested information