612137 – RFE: JBoss plugin - log details when SSL connection to CSP fails

Bug 612137 - RFE: JBoss plugin - log details when SSL connection to CSP fails

Summary: RFE: JBoss plugin - log details when SSL connection to CSP fails

Keywords:
Status:	CLOSED NOTABUG
Alias:	None
Product:	RHQ Project
Classification:	Other
Component:	Plugins
Sub Component:
Version:	1.3.1
Hardware:	All
OS:	Linux
Priority:	low
Severity:	low
Target Milestone:	---
Target Release:	---
Assignee:	Libor Zoubek
QA Contact:	Mike Foley
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:	jon3
TreeView+	depends on / blocked

Reported:	2010-07-07 12:07 UTC by Ondřej Žižka
Modified:	2015-11-02 00:42 UTC (History)
CC List:	2 users (show)
Fixed In Version:
Clone Of:
Environment:
Last Closed:	2014-06-30 08:04:09 UTC
Embargoed:

Attachments	(Terms of Use)

Description Ondřej Žižka 2010-07-07 12:07:17 UTC

It can happen that the used JVM does not have SSL certificates needed to connect to CSP server. It would be nice if JON provided a hint what's wrong.

E.g. When clicking the "TEST" button of a JBoss patch source, JON only says "Failed the attempt to connect to the remote repository for ... Check the configuration and make sure the remote repository is up."

A message such as "Failed connect - unable to find an appropriate SSL key for ..." would be much better.

Is that possible?

Comment 1 Ondřej Žižka 2010-07-07 12:09:14 UTC

Even the debug levels are not much useful for this:

2010-07-07 14:01:13,773 DEBUG [org.apache.commons.httpclient.HttpConnection] Open connection to access.stage.redhat.com:443
2010-07-07 14:01:13,950 DEBUG [httpclient.wire.header] >> "GET /jbossnetwork/restricted/feed/software.html?product=all&downloadType=all&flavor=rss&version=&jonVersion=2.0 HTTP/1.1[\r][\n]"
2010-07-07 14:01:13,950 DEBUG [org.apache.commons.httpclient.HttpMethodBase] Adding Host request header
2010-07-07 14:01:13,950 DEBUG [httpclient.wire.header] >> "User-Agent: Jakarta Commons-HttpClient/3.0.1[\r][\n]"
2010-07-07 14:01:13,950 DEBUG [httpclient.wire.header] >> "Host: access.stage.redhat.com[\r][\n]"
2010-07-07 14:01:13,950 DEBUG [httpclient.wire.header] >> "[\r][\n]"
2010-07-07 14:01:14,155 DEBUG [org.apache.commons.httpclient.HttpMethodDirector] Closing the connection.
2010-07-07 14:01:14,155 DEBUG [org.apache.commons.httpclient.HttpMethodDirector] Method retry handler returned false. Automatic recovery will not be attempted
2010-07-07 14:01:14,155 DEBUG [org.apache.commons.httpclient.HttpConnection] Releasing connection back to connection manager.
2010-07-07 14:01:14,155 DEBUG [org.apache.commons.httpclient.HttpConnection] Releasing connection back to connection manager.

Comment 2 Ondřej Žižka 2010-07-07 12:20:17 UTC

Actually, synchronization attempt logs this information. So perhaps the exception handling could be just copied.

Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
        ...
        at org.apache.commons.httpclient.HttpClient.executeMethod(Unknown Source)
        at org.rhq.enterprise.server.plugins.jboss.software.JBossSoftwareContentSourceAdapter.retrieveRssDocument(JBossSoftwareContentSourceAdapter.java:203)
        at org.rhq.enterprise.server.plugins.jboss.software.JBossSoftwareContentSourceAdapter.synchronizePackages(JBossSoftwareContentSourceAdapter.java:120)
        ... 52 more

Comment 3 Jay Shaughnessy 2014-06-02 19:09:13 UTC

Libor, you mentioned doing something with CSP integration just today.  Please take this as a suggestion if it is at all relevant.  Please close this when you are done, or it it is not relevant.

Note You need to log in before you can comment on or make changes to this bug.