Unlock a world of possibilities! Login now and discover the exclusive benefits awaiting you.
Hello All,
Am using talend version 7.2 open source version and I have my job running on my talend container.
I have used tsetKeystore as the first component in my job to load my keystore(.pfx) file.
I have created my own pfx file and imported the server's certificate chain into my keystore(.pfx). Mentioned the keystore(.pfx) file details and its password in tsetkeystore component's truststore param.
As seen below test.pfx is my keystore and xxx is the password I have set. into my test.pfx file, using java keytool command I have imported the entire certificate chain given by the team that deals with the REST endpoint am trying to connect to.
Also in the , org.ops4j.pax.web.cfg file in
container/etc folder, mentioned below
org.osgi.service.http.port=8040
org.osgi.service.http.port.secure=9001
org.osgi.service.http.secure.enabled=true
org.ops4j.pax.web.ssl.keystore=${karaf.base}/etc/keystores/test.pfx
org.ops4j.pax.web.ssl.keystore.type=PKCS12
org.ops4j.pax.web.ssl.password=xxx
org.ops4j.pax.web.ssl.keypassword=xxx
most of the times a successful connection is established with the REST endpoint BUT The container after a system restart or a container restart or at some random times is throwing a SSLHandshake exception.
Kindly throw some light. This issue is pestering. Any help is really appreciating.
p.s - this issue is experienced when job runs on talend container . but from Talend studio it is all successful, no SSLHandshake
Hello @sreenija reddy ,
Please make sure the ssl keystore file path is correctly setup for the tSetKeystore component in the job while running on the container?
PS: it should be different file path while running on the container and on talend studio, you can setup 2 job context environments, one for the studio, one for the container.
Best regards
Aiming
@Aiming Chen ,
Many thanks for your kind reply.
Our deployment happens on Talend container. For development alone we use Studio.
Kindly explain - why it should be different file path while running on the container and on talend studio? curious to learn. Am new to Talend.
Also the SSLHandShake exception, the pattern we have observed is after the SYSTEM restart the SSLHandShake is coming up. Our server auto restarts every Friday.
Hello @sreenija reddy ,
As the studio and the container are different machine, so the ssl file path should be different for them.
BTW, it need to check the container log file under {runtime}/container/log/tesb.log to find the real cause of the issue.
Thanks
Aiming
@Aiming Chen
thank you for your reply.
I am using Talend OPEN SOURCE version 7.2.1 and am badly stuck with this system restart causing SSLHandshake on every restart of the system. Kindly help me out. This issue is because am using opensource? @Aiming Chen - please help with a clue.
But Studio we do not use all the time. The jobs majorly run on the container.
Also could you explain the significance of the data folder under the container.
D:\Talend\Runtime_ESBSE\container\data
Because in the first run my container started successfully and was receiving the requests and could see them in the container logs too.
Next/second time I emptied/cleared the entire content inside the DATA folder and tried restarting my container and it failed it MANY errors. Container did NOT restart successfully.
pasting some errors here:
org.osgi.service.blueprint.container.ComponentDefinitionException: Error when instantiating bean cxf of class org.apache.cxf.bus.blueprint.BlueprintBus
Caused by: java.lang.NoClassDefFoundError: org/osgi/service/http/HttpService
ETC
So third time, I restored the contents of the data folder with the content deleted from the first successful run and the container happily re-started successfully and logged the received requests.
Kindly explain please. I smell that this container cache thing is even causing the SSLHandShake also very much.
ps: The SSLHandshakeException is :
javax.ws.rs.ProcessingException:javax.net.ssl.SSLHandshakeException: SSLHandshakeException invoking https://abc.mg.com/idi/getdata java.security.cert.CertificateException: No X509TrustManager implementation available
Hello @sreenija reddy ,
Talend runtime is based on apache karaf. The data folder contains all the working and temporary files for Karaf.
It's NOT recommended to clear the folder while restarting the runtime.
please refer to the article
https://svn.apache.org/repos/asf/karaf/site/production/manual/latest/directory-structure.html
Best regards
Aiming
@Aiming Chen ,
ok. I will refrain from clearing the data folder. Is my open source talend 7.2.1 is limited and causing this SSLHandshake on SYSTEM/server restart.
System restart means, am referring to the machine that is hosting the talend container.