Bug 612137 - RFE: JBoss plugin - log details when SSL connection to CSP fails
Summary: RFE: JBoss plugin - log details when SSL connection to CSP fails
Alias: None
Product: RHQ Project
Classification: Other
Component: Plugins
Version: 1.3.1
Hardware: All
OS: Linux
low vote
Target Milestone: ---
: ---
Assignee: Libor Zoubek
QA Contact: Mike Foley
Depends On:
Blocks: jon3
TreeView+ depends on / blocked
Reported: 2010-07-07 12:07 UTC by Ondřej Žižka
Modified: 2015-11-02 00:42 UTC (History)
2 users (show)

Clone Of:
Last Closed: 2014-06-30 08:04:09 UTC

Attachments (Terms of Use)

Description Ondřej Žižka 2010-07-07 12:07:17 UTC
It can happen that the used JVM does not have SSL certificates needed to connect to CSP server. It would be nice if JON provided a hint what's wrong.

E.g. When clicking the "TEST" button of a JBoss patch source, JON only says "Failed the attempt to connect to the remote repository for ... Check the configuration and make sure the remote repository is up."

A message such as "Failed connect - unable to find an appropriate SSL key for ..." would be much better.

Is that possible?

Comment 1 Ondřej Žižka 2010-07-07 12:09:14 UTC
Even the debug levels are not much useful for this:

2010-07-07 14:01:13,773 DEBUG [org.apache.commons.httpclient.HttpConnection] Open connection to access.stage.redhat.com:443
2010-07-07 14:01:13,950 DEBUG [httpclient.wire.header] >> "GET /jbossnetwork/restricted/feed/software.html?product=all&downloadType=all&flavor=rss&version=&jonVersion=2.0 HTTP/1.1[\r][\n]"
2010-07-07 14:01:13,950 DEBUG [org.apache.commons.httpclient.HttpMethodBase] Adding Host request header
2010-07-07 14:01:13,950 DEBUG [httpclient.wire.header] >> "User-Agent: Jakarta Commons-HttpClient/3.0.1[\r][\n]"
2010-07-07 14:01:13,950 DEBUG [httpclient.wire.header] >> "Host: access.stage.redhat.com[\r][\n]"
2010-07-07 14:01:13,950 DEBUG [httpclient.wire.header] >> "[\r][\n]"
2010-07-07 14:01:14,155 DEBUG [org.apache.commons.httpclient.HttpMethodDirector] Closing the connection.
2010-07-07 14:01:14,155 DEBUG [org.apache.commons.httpclient.HttpMethodDirector] Method retry handler returned false. Automatic recovery will not be attempted
2010-07-07 14:01:14,155 DEBUG [org.apache.commons.httpclient.HttpConnection] Releasing connection back to connection manager.
2010-07-07 14:01:14,155 DEBUG [org.apache.commons.httpclient.HttpConnection] Releasing connection back to connection manager.

Comment 2 Ondřej Žižka 2010-07-07 12:20:17 UTC
Actually, synchronization attempt logs this information. So perhaps the exception handling could be just copied.

Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
        at org.apache.commons.httpclient.HttpClient.executeMethod(Unknown Source)
        at org.rhq.enterprise.server.plugins.jboss.software.JBossSoftwareContentSourceAdapter.retrieveRssDocument(JBossSoftwareContentSourceAdapter.java:203)
        at org.rhq.enterprise.server.plugins.jboss.software.JBossSoftwareContentSourceAdapter.synchronizePackages(JBossSoftwareContentSourceAdapter.java:120)
        ... 52 more

Comment 3 Jay Shaughnessy 2014-06-02 19:09:13 UTC
Libor, you mentioned doing something with CSP integration just today.  Please take this as a suggestion if it is at all relevant.  Please close this when you are done, or it it is not relevant.

Note You need to log in before you can comment on or make changes to this bug.