perfsonar development work

[Cándido Rodríguez Montes <>]

Hi Murilo,

On Oct 28, 2010, at 10:43 PM, Murilo Vetter wrote:

Hi guys.

 

Here in Brazil we are trying to implement the perfSONAR AS and to generate the certificate we are using SASLCA. We are dealing with some problems and all we could debug is that it tries to get the certificate from the SASLCA, but this server crashes in the following error. Does anyone know something about this error?

Every error in the SASL CA is a hell :(

The client, which has sent the request to the SASL CA, has a truststore containing the certificate of the SASL CA (or a list of certificates). So, maybe the problem is that the truststore is not containing the right certificate.

Regards

2010-10-28 18:34:19,381 DEBUG - decoded message size: 21 bytes

2010-10-28 18:34:19,381 DEBUG - C: A01 CONNECT VERSION_1

2010-10-28 18:34:19,381 DEBUG - S: A02 CONNECT_OK

2010-10-28 18:34:19,381 DEBUG - using chunksize 14

2010-10-28 18:34:19,616 DEBUG - decoded message size: 31 bytes

2010-10-28 18:34:19,616 DEBUG - C: A03 GET_SERVER_AUTHN_MECHANISMS

2010-10-28 18:34:19,616 DEBUG - S: A04 SERVER_AUTHN_MECHANISMS PLAIN

2010-10-28 18:34:19,616 DEBUG - using chunksize 33

2010-10-28 18:34:19,864 DEBUG - decoded message size: 22 bytes

2010-10-28 18:34:19,864 DEBUG - C: A12 STARTTLS REQUESTED

2010-10-28 18:34:19,864 DEBUG - S: A12 STARTTLS GRANTED

2010-10-28 18:34:19,864 DEBUG - using chunksize 20

2010-10-28 18:34:19,379  INFO - new connection from /150.162.248.171

2010-10-28 18:34:19,381 DEBUG - decoded message size: 21 bytes

2010-10-28 18:34:19,381 DEBUG - C: A01 CONNECT VERSION_1

2010-10-28 18:34:19,381 DEBUG - S: A02 CONNECT_OK

2010-10-28 18:34:19,381 DEBUG - using chunksize 14

2010-10-28 18:34:19,616 DEBUG - decoded message size: 31 bytes

2010-10-28 18:34:19,616 DEBUG - C: A03 GET_SERVER_AUTHN_MECHANISMS

2010-10-28 18:34:19,616 DEBUG - S: A04 SERVER_AUTHN_MECHANISMS PLAIN

2010-10-28 18:34:19,616 DEBUG - using chunksize 33

2010-10-28 18:34:19,864 DEBUG - decoded message size: 22 bytes

2010-10-28 18:34:19,864 DEBUG - C: A12 STARTTLS REQUESTED

2010-10-28 18:34:19,864 DEBUG - S: A12 STARTTLS GRANTED

2010-10-28 18:34:19,864 DEBUG - using chunksize 20

2010-10-28 18:34:25,232 DEBUG - remote socket: 150.162.248.171:53987

2010-10-28 18:34:25,232 DEBUG - remote socket: 150.162.248.171:53987

2010-10-28 18:34:25,930 ERROR - IO Error in protocol block

javax.net.ssl.SSLException: Received fatal alert: internal_error

        at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:190)

        at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:136)

        at com.sun.net.ssl.internal.ssl.SSLSocketImpl.recvAlert(SSLSocketImpl.java:1694)

        at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:939)

        at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1120)

        at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1147)

        at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1131)

        at edu.psu.sasl_ca.ProtocolHandler.enableStartTLS(ProtocolHandler.java:522)

        at edu.psu.sasl_ca.ServerProtocolHandler.handleTlsRequest(ServerProtocolHandler.java:437)

        at edu.psu.sasl_ca.ServerProtocolHandler.authenticateUser(ServerProtocolHandler.java:228)

        at edu.psu.sasl_ca.ServerProtocolHandler.run(ServerProtocolHandler.java:760)

        at java.security.AccessController.doPrivileged(Native Method)

        at javax.security.auth.Subject.doAs(Subject.java:337)

        at edu.psu.sasl_ca.ServerConnectionHandler.run(ServerConnectionHandler.java:160)

        at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886)

        at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908)

        at java.lang.Thread.run(Thread.java:619)

2010-10-28 18:34:25,930  INFO - closing connection to 150.162.248.171/150.162.248.171

2010-10-28 18:34:25,930 ERROR - IO Error in protocol block

javax.net.ssl.SSLException: Received fatal alert: internal_error

        at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:190)

        at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:136)

        at com.sun.net.ssl.internal.ssl.SSLSocketImpl.recvAlert(SSLSocketImpl.java:1694)

        at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:939)

        at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1120)

        at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1147)

        at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1131)

        at edu.psu.sasl_ca.ProtocolHandler.enableStartTLS(ProtocolHandler.java:522)

        at edu.psu.sasl_ca.ServerProtocolHandler.handleTlsRequest(ServerProtocolHandler.java:437)

        at edu.psu.sasl_ca.ServerProtocolHandler.authenticateUser(ServerProtocolHandler.java:228)

        at edu.psu.sasl_ca.ServerProtocolHandler.run(ServerProtocolHandler.java:760)

        at java.security.AccessController.doPrivileged(Native Method)

        at javax.security.auth.Subject.doAs(Subject.java:337)

        at edu.psu.sasl_ca.ServerConnectionHandler.run(ServerConnectionHandler.java:160)

        at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886)

        at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908)

        at java.lang.Thread.run(Thread.java:619)

2010-10-28 18:34:25,930  INFO - closing connection to 150.162.248.171/150.162.248.171

2010-10-28 18:34:54,517 DEBUG - Resolver Cache cleanup thread searching cache for stale entries.

2010-10-28 18:34:54,517 DEBUG - Resolver Cache cleanup thread searching cache for stale entries.

 

We hope we could solve this problem with your help!

 

Thanks a lot!

Murilo/Peterson

RNP - Brazil

--

Cándido Rodríguez Montes E-mail: 

Middleware warrior Tel:+34 955 05 66 13

Red.ES/RedIRIS

Edificio CICA

Avenida Reina Mercedes, s/n

41012 Sevilla

SPAIN