Bugzilla will be upgraded to version 5.0 on December 2, 2018. The outage period for the upgrade will start at 0:00 UTC and have a duration of 12 hours
Bug 612137 - RFE: JBoss plugin - log details when SSL connection to CSP fails
RFE: JBoss plugin - log details when SSL connection to CSP fails
Product: RHQ Project
Classification: Other
Component: Plugins (Show other bugs)
All Linux
low Severity low (vote)
: ---
: ---
Assigned To: Libor Zoubek
Mike Foley
Depends On:
Blocks: jon3
  Show dependency treegraph
Reported: 2010-07-07 08:07 EDT by Ondřej Žižka
Modified: 2015-11-01 19:42 EST (History)
2 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2014-06-30 04:04:09 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Ondřej Žižka 2010-07-07 08:07:17 EDT
It can happen that the used JVM does not have SSL certificates needed to connect to CSP server. It would be nice if JON provided a hint what's wrong.

E.g. When clicking the "TEST" button of a JBoss patch source, JON only says "Failed the attempt to connect to the remote repository for ... Check the configuration and make sure the remote repository is up."

A message such as "Failed connect - unable to find an appropriate SSL key for ..." would be much better.

Is that possible?
Comment 1 Ondřej Žižka 2010-07-07 08:09:14 EDT
Even the debug levels are not much useful for this:

2010-07-07 14:01:13,773 DEBUG [org.apache.commons.httpclient.HttpConnection] Open connection to access.stage.redhat.com:443
2010-07-07 14:01:13,950 DEBUG [httpclient.wire.header] >> "GET /jbossnetwork/restricted/feed/software.html?product=all&downloadType=all&flavor=rss&version=&jonVersion=2.0 HTTP/1.1[\r][\n]"
2010-07-07 14:01:13,950 DEBUG [org.apache.commons.httpclient.HttpMethodBase] Adding Host request header
2010-07-07 14:01:13,950 DEBUG [httpclient.wire.header] >> "User-Agent: Jakarta Commons-HttpClient/3.0.1[\r][\n]"
2010-07-07 14:01:13,950 DEBUG [httpclient.wire.header] >> "Host: access.stage.redhat.com[\r][\n]"
2010-07-07 14:01:13,950 DEBUG [httpclient.wire.header] >> "[\r][\n]"
2010-07-07 14:01:14,155 DEBUG [org.apache.commons.httpclient.HttpMethodDirector] Closing the connection.
2010-07-07 14:01:14,155 DEBUG [org.apache.commons.httpclient.HttpMethodDirector] Method retry handler returned false. Automatic recovery will not be attempted
2010-07-07 14:01:14,155 DEBUG [org.apache.commons.httpclient.HttpConnection] Releasing connection back to connection manager.
2010-07-07 14:01:14,155 DEBUG [org.apache.commons.httpclient.HttpConnection] Releasing connection back to connection manager.
Comment 2 Ondřej Žižka 2010-07-07 08:20:17 EDT
Actually, synchronization attempt logs this information. So perhaps the exception handling could be just copied.

Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
        at org.apache.commons.httpclient.HttpClient.executeMethod(Unknown Source)
        at org.rhq.enterprise.server.plugins.jboss.software.JBossSoftwareContentSourceAdapter.retrieveRssDocument(JBossSoftwareContentSourceAdapter.java:203)
        at org.rhq.enterprise.server.plugins.jboss.software.JBossSoftwareContentSourceAdapter.synchronizePackages(JBossSoftwareContentSourceAdapter.java:120)
        ... 52 more
Comment 3 Jay Shaughnessy 2014-06-02 15:09:13 EDT
Libor, you mentioned doing something with CSP integration just today.  Please take this as a suggestion if it is at all relevant.  Please close this when you are done, or it it is not relevant.

Note You need to log in before you can comment on or make changes to this bug.