I'm using the vco-cli-java-5.5.1.jar to manage vCO packages from my build. I got it to work on one system, but can't on others. Confusing and seems to be related to certificates. I'm not talking about the certificate for producing the package element signatures. The problem I'm having is on the import/export package functions. I get SSL peer authentication issues that result in not being able to connect to the vco server.
Can someone provide a definitive description of the cert requirements on this import / export path?
Here's the logging I get out of the client tool.
chadmichael@heraclitus:~/documentation/CURRENT/macQueen/vCO/packageBuildingCLI/exportTest$ java -DserverUrl=vcoadmin:vcoadmin@128.222.174.144:8281 -jar ~/documentation/CURRENT/macQueen/vCO/packageBuildingCLI/vco-cli-java-5.5.1.jar fi com.emc.chad.spike.dev_test.package
Importing file com.emc.chad.spike.dev_test.package
1 [main] WARN IGNORED_EXCEPTION - Ignored exception.
javax.naming.NoInitialContextException: Need to specify class name in environment or system property, or as an applet parameter, or in an application resource file: java.naming.factory.initial
at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:662)
at javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:307)
at javax.naming.InitialContext.getURLOrDefaultInitCtx(InitialContext.java:344)
at javax.naming.InitialContext.lookup(InitialContext.java:411)
at ch.dunes.util.VSOPathConstants.getInstallPath(VSOPathConstants.java:40)
at ch.dunes.util.VSOPathConstants.getAppServerPath(VSOPathConstants.java:60)
at ch.dunes.util.VSOPathConstants.getAppServerConfigPath(VSOPathConstants.java:89)
at ch.dunes.util.VSOPathConstants.getKeystoreFile(VSOPathConstants.java:74)
at ch.dunes.model.client.VSOClientFactoryClient.calculateDefaultSSLTrustStorePath(VSOClientFactoryClient.java:32)
at ch.dunes.model.client.VSOClientFactoryClient.<init>(VSOClientFactoryClient.java:24)
at ch.dunes.model.client.VSOFactoryClientHelper.createConnectedClient(VSOFactoryClientHelper.java:52)
at ch.dunes.model.client.VSOFactoryClientHelper.createFactoryClient(VSOFactoryClientHelper.java:23)
at com.vmware.o11n.mojo.pkg.VCOPackageManager.connectVCOServer(VCOPackageManager.java:248)
at com.vmware.o11n.mojo.pkg.VCOPackageManager.fileImport(VCOPackageManager.java:217)
at com.vmware.o11n.tools.cli.PackageToolCli.fileImport(PackageToolCli.java:176)
at com.vmware.o11n.tools.cli.PackageToolCli.<init>(PackageToolCli.java:85)
at com.vmware.o11n.tools.cli.PackageToolCli.main(PackageToolCli.java:125)
11 [main] DEBUG ch.dunes.model.client.VSOFactoryClient - Start connection to VMO server : 128.222.174.144:8281
11 [main] DEBUG ch.dunes.model.client.VSOFactoryClient - Create Session
328 [main] DEBUG org.apache.http.impl.conn.BasicClientConnectionManager - Get connection for route {s}->https://128.222.174.144:8281
524 [main] DEBUG org.apache.http.impl.conn.DefaultClientConnectionOperator - Connecting to 128.222.174.144:8281
548 [main] DEBUG org.apache.http.client.protocol.RequestAddCookies - CookieSpec selected: best-match
561 [main] DEBUG org.apache.http.client.protocol.RequestAuthCache - Auth cache not set in the context
561 [main] DEBUG org.apache.http.client.protocol.RequestTargetAuthentication - Target auth state: UNCHALLENGED
562 [main] DEBUG org.apache.http.client.protocol.RequestProxyAuthentication - Proxy auth state: UNCHALLENGED
562 [main] DEBUG org.apache.http.impl.client.DefaultHttpClient - Attempt 1 to execute request
562 [main] DEBUG org.apache.http.impl.conn.DefaultClientConnection - Sending request: GET /vco HTTP/1.1
563 [main] DEBUG org.apache.http.wire - >> "GET /vco HTTP/1.1[\r][\n]"
564 [main] DEBUG org.apache.http.wire - >> "Host: 128.222.174.144:8281[\r][\n]"
564 [main] DEBUG org.apache.http.wire - >> "Connection: Keep-Alive[\r][\n]"
564 [main] DEBUG org.apache.http.wire - >> "User-Agent: Apache-HttpClient/4.2.3 (java 1.5)[\r][\n]"
564 [main] DEBUG org.apache.http.wire - >> "[\r][\n]"
564 [main] DEBUG org.apache.http.headers - >> GET /vco HTTP/1.1
565 [main] DEBUG org.apache.http.headers - >> Host: 128.222.174.144:8281
565 [main] DEBUG org.apache.http.headers - >> Connection: Keep-Alive
565 [main] DEBUG org.apache.http.headers - >> User-Agent: Apache-HttpClient/4.2.3 (java 1.5)
5597 [main] DEBUG org.apache.http.wire - << "HTTP/1.1 302 Found[\r][\n]"
5599 [main] DEBUG org.apache.http.wire - << "Server: Apache-Coyote/1.1[\r][\n]"
5599 [main] DEBUG org.apache.http.wire - << "Location: https://128.222.174.144:8281/vco/[\r][\n]"
5599 [main] DEBUG org.apache.http.wire - << "Transfer-Encoding: chunked[\r][\n]"
5599 [main] DEBUG org.apache.http.wire - << "Date: Fri, 23 May 2014 21:30:15 GMT[\r][\n]"
5599 [main] DEBUG org.apache.http.wire - << "[\r][\n]"
5600 [main] DEBUG org.apache.http.impl.conn.DefaultClientConnection - Receiving response: HTTP/1.1 302 Found
5600 [main] DEBUG org.apache.http.headers - << HTTP/1.1 302 Found
5600 [main] DEBUG org.apache.http.headers - << Server: Apache-Coyote/1.1
5600 [main] DEBUG org.apache.http.headers - << Location: https://128.222.174.144:8281/vco/
5600 [main] DEBUG org.apache.http.headers - << Transfer-Encoding: chunked
5600 [main] DEBUG org.apache.http.headers - << Date: Fri, 23 May 2014 21:30:15 GMT
5606 [main] DEBUG org.apache.http.impl.client.DefaultHttpClient - Connection can be kept alive indefinitely
5610 [main] DEBUG org.apache.http.wire - << "0[\r][\n]"
5610 [main] DEBUG org.apache.http.wire - << "[\r][\n]"
5610 [main] DEBUG org.apache.http.impl.conn.BasicClientConnectionManager - Releasing connection org.apache.http.impl.conn.ManagedClientConnectionImpl@121fdcee
5610 [main] DEBUG org.apache.http.impl.conn.BasicClientConnectionManager - Connection can be kept alive indefinitely
5643 [main] DEBUG org.springframework.aop.framework.JdkDynamicAopProxy - Creating JDK dynamic proxy: target source is EmptyTargetSource: no target class, static
5685 [main] DEBUG org.springframework.remoting.httpinvoker.HttpComponentsHttpInvokerRequestExecutor - Sending HTTP invoker request for service at [https://128.222.174.144:8281/vco/webremoting/vcofactory.service], with size 758
5692 [main] DEBUG org.apache.http.impl.conn.tsccm.ThreadSafeClientConnManager - Get connection: {s}->https://128.222.174.144:8281, timeout = 0
5694 [main] DEBUG org.apache.http.impl.conn.tsccm.ConnPoolByRoute - [{s}->https://128.222.174.144:8281] total kept alive: 0, total issued: 0, total allocated: 0 out of 100
5694 [main] DEBUG org.apache.http.impl.conn.tsccm.ConnPoolByRoute - No free connections [{s}->https://128.222.174.144:8281][null]
5694 [main] DEBUG org.apache.http.impl.conn.tsccm.ConnPoolByRoute - Available capacity: 5 out of 5 [{s}->https://128.222.174.144:8281][null]
5695 [main] DEBUG org.apache.http.impl.conn.tsccm.ConnPoolByRoute - Creating new connection [{s}->https://128.222.174.144:8281]
5699 [main] DEBUG org.apache.http.impl.conn.DefaultClientConnectionOperator - Connecting to 128.222.174.144:8281
10781 [main] DEBUG org.apache.http.impl.conn.DefaultClientConnection - Connection org.apache.http.impl.conn.DefaultClientConnection@5bd919aa closed
10781 [main] DEBUG org.apache.http.impl.conn.DefaultClientConnection - Connection org.apache.http.impl.conn.DefaultClientConnection@5bd919aa shut down
10782 [main] DEBUG org.apache.http.impl.conn.tsccm.ThreadSafeClientConnManager - Released connection is not reusable.
10782 [main] DEBUG org.apache.http.impl.conn.tsccm.ConnPoolByRoute - Releasing connection [{s}->https://128.222.174.144:8281][null]
10782 [main] DEBUG org.apache.http.impl.conn.DefaultClientConnection - Connection org.apache.http.impl.conn.DefaultClientConnection@5bd919aa closed
10782 [main] DEBUG org.apache.http.impl.conn.tsccm.ConnPoolByRoute - Notifying no-one, there are no waiting threads
10783 [main] ERROR ch.dunes.model.client.VSOFactoryClient - org.springframework.remoting.RemoteAccessException: Could not access HTTP invoker remote service at [https://128.222.174.144:8281/vco/webremoting/vcofactory.service]; nested exception is javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated
10783 [main] DEBUG ch.dunes.model.client.VSOFactoryClient - org.springframework.remoting.RemoteAccessException: Could not access HTTP invoker remote service at [https://128.222.174.144:8281/vco/webremoting/vcofactory.service]; nested exception is javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated
ch.dunes.util.DunesServerException: org.springframework.remoting.RemoteAccessException: Could not access HTTP invoker remote service at [https://128.222.174.144:8281/vco/webremoting/vcofactory.service]; nested exception is javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated
at ch.dunes.model.client.VSOFactoryClient.connectRemoteProxy(VSOFactoryClient.java:254)
at ch.dunes.model.client.VSOFactoryClient.connect(VSOFactoryClient.java:310)
at ch.dunes.model.client.VSOFactoryClient.connect(VSOFactoryClient.java:272)
at ch.dunes.model.client.VSOFactoryClient.connect(VSOFactoryClient.java:279)
at ch.dunes.model.client.VSOFactoryClientHelper.createConnectedClient(VSOFactoryClientHelper.java:53)
at ch.dunes.model.client.VSOFactoryClientHelper.createFactoryClient(VSOFactoryClientHelper.java:23)
at com.vmware.o11n.mojo.pkg.VCOPackageManager.connectVCOServer(VCOPackageManager.java:248)
at com.vmware.o11n.mojo.pkg.VCOPackageManager.fileImport(VCOPackageManager.java:217)
at com.vmware.o11n.tools.cli.PackageToolCli.fileImport(PackageToolCli.java:176)
at com.vmware.o11n.tools.cli.PackageToolCli.<init>(PackageToolCli.java:85)
at com.vmware.o11n.tools.cli.PackageToolCli.main(PackageToolCli.java:125)
Caused by: org.springframework.remoting.RemoteAccessException: Could not access HTTP invoker remote service at [https://128.222.174.144:8281/vco/webremoting/vcofactory.service]; nested exception is javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated
at org.springframework.remoting.httpinvoker.HttpInvokerClientInterceptor.convertHttpInvokerAccessException(HttpInvokerClientInterceptor.java:212)
at org.springframework.remoting.httpinvoker.HttpInvokerClientInterceptor.invoke(HttpInvokerClientInterceptor.java:145)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:202)
at com.sun.proxy.$Proxy0.authenticate(Unknown Source)
at com.vmware.o11n.model.support.proxy.RemoteHttpVSOFactoryInvocationHandler.connect(RemoteHttpVSOFactoryInvocationHandler.java:106)
at ch.dunes.model.client.VSOAccessPointAwareFactoryClient.connectWithToken(VSOAccessPointAwareFactoryClient.java:31)
at ch.dunes.model.client.VSOFactoryClient.connectRemoteProxy(VSOFactoryClient.java:235)
... 10 more
Caused by: javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated
at sun.security.ssl.SSLSessionImpl.getPeerCertificates(SSLSessionImpl.java:397)
at org.apache.http.conn.ssl.AbstractVerifier.verify(AbstractVerifier.java:126)
at org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:572)
at org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:180)
at org.apache.http.impl.conn.AbstractPoolEntry.open(AbstractPoolEntry.java:151)
at org.apache.http.impl.conn.AbstractPooledConnAdapter.open(AbstractPooledConnAdapter.java:125)
at org.apache.http.impl.client.DefaultRequestDirector.tryConnect(DefaultRequestDirector.java:645)
at org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:480)
at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:906)
at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:805)
at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:784)
at org.springframework.remoting.httpinvoker.HttpComponentsHttpInvokerRequestExecutor.executeHttpPost(HttpComponentsHttpInvokerRequestExecutor.java:222)
at org.springframework.remoting.httpinvoker.HttpComponentsHttpInvokerRequestExecutor.doExecuteRequest(HttpComponentsHttpInvokerRequestExecutor.java:157)
at org.springframework.remoting.httpinvoker.AbstractHttpInvokerRequestExecutor.executeRequest(AbstractHttpInvokerRequestExecutor.java:136)
at org.springframework.remoting.httpinvoker.HttpInvokerClientInterceptor.executeRequest(HttpInvokerClientInterceptor.java:192)
at org.springframework.remoting.httpinvoker.HttpInvokerClientInterceptor.executeRequest(HttpInvokerClientInterceptor.java:174)
at org.springframework.remoting.httpinvoker.HttpInvokerClientInterceptor.invoke(HttpInvokerClientInterceptor.java:142)
... 16 more
ERROR: Unable to import file com.emc.chad.spike.dev_test.package