I have a user who has a license to use Swiss Topo maps and requires my application to pull these tiles down.
In my main project I pull the tiles from the following type of URL https://wmts10.geo.admin.ch/1.0.0/ch.swisstopo.pixelkarte-farbe/default/current/3857/11/1074/[tile id].jpeg.
When I initially implemented this in my main project, which I compile as a non-modular image against OpenJDK11.0, there was an issue because of a known bug with TLSv1.3 pre openJDK11.02. The work around was to use the JVM param -Dhttps.protocols=TLSv1.2 to force my application to use TLSv1.2. This worked within my IDE but when I made the image using Beryx Badass Runtime it's as if the JVM param is ignored, I do see that Beryx has added it to the batch file that launches the image though.
I then decided I would try against OpenJDK 11.02 as this was meant to have a fix for TLSv1.3 and doesn't require that I force the TLS version to 1.2 with the JVM param. Again, this works when running from within my IDE (without a JVM param) but when I use Beryx to create the runtime image I see the same SSLExceptions. If I build the runtime with the following JVM param -Djavax.net.debug=ssl:handshake I see the following (it looks like OpenJDK11.02 only tries TLSv1.2?):
Reprex.bat
WARNING: Unknown module: javafx.graphics specified to --add-exports
WARNING: Unknown module: javafx.controls specified to --add-exports
WARNING: Unknown module: javafx.controls specified to --add-exports
WARNING: Unknown module: javafx.graphics specified to --add-exports
WARNING: package javax.naming not in java.base
WARNING: Unknown module: javafx.controls specified to --add-exports
WARNING: Unknown module: javafx.base specified to --add-exports
WARNING: Unknown module: javafx.graphics specified to --add-exports
WARNING: Unknown module: javafx.graphics specified to --add-exports
WARNING: Unknown module: javafx.controls specified to --add-exports
WARNING: Unknown module: javafx.base specified to --add-exports
WARNING: Unknown module: javafx.controls specified to --add-exports
WARNING: Unknown module: javafx.graphics specified to --add-exports
WARNING: Unknown module: javafx.controls specified to --add-opens
WARNING: Unknown module: javafx.graphics specified to --add-opens
https://wmts10.geo.admin.ch/1.0.0/ch.swisstopo.pixelkarte-farbe/default/current/3857/11/1074/715.jpeg
javax.net.ssl|DEBUG|1B|Thread-3|2022-11-30 13:10:17.146 GMT|null:-1|jdk.tls.keyLimits: entry = AES/GCM/NoPadding KeyUpdate 2^37. AES/GCM/NOPADDING:KEYUPDATE = 137438953472
javax.net.ssl|DEBUG|1B|Thread-3|2022-11-30 13:10:17.571 GMT|null:-1|the previous server name in SNI (type=host_name (0), value=wmts10.geo.admin.ch) was replaced with (type=host_name (0), value=wmts10.geo.admin.ch)
javax.net.ssl|WARNING|1B|Thread-3|2022-11-30 13:10:17.586 GMT|null:-1|Signature algorithm, ed25519, is not supported by the underlying providers
javax.net.ssl|WARNING|1B|Thread-3|2022-11-30 13:10:17.587 GMT|null:-1|Signature algorithm, ed448, is not supported by the underlying providers
javax.net.ssl|WARNING|1B|Thread-3|2022-11-30 13:10:17.587 GMT|null:-1|Signature algorithm, SHA256withECDSA, is not supported by the underlying providers
javax.net.ssl|WARNING|1B|Thread-3|2022-11-30 13:10:17.587 GMT|null:-1|Signature algorithm, SHA384withECDSA, is not supported by the underlying providers
javax.net.ssl|WARNING|1B|Thread-3|2022-11-30 13:10:17.587 GMT|null:-1|Signature algorithm, SHA512withECDSA, is not supported by the underlying providers
javax.net.ssl|WARNING|1B|Thread-3|2022-11-30 13:10:17.589 GMT|null:-1|Signature algorithm, SHA224withECDSA, is not supported by the underlying providers
javax.net.ssl|WARNING|1B|Thread-3|2022-11-30 13:10:17.590 GMT|null:-1|Signature algorithm, SHA1withECDSA, is not supported by the underlying providers
javax.net.ssl|INFO|1B|Thread-3|2022-11-30 13:10:17.591 GMT|null:-1|No available application protocols
javax.net.ssl|DEBUG|1B|Thread-3|2022-11-30 13:10:17.592 GMT|null:-1|Ignore, context unavailable extension: application_layer_protocol_negotiation
javax.net.ssl|DEBUG|1B|Thread-3|2022-11-30 13:10:17.593 GMT|null:-1|Ignore, context unavailable extension: cookie
javax.net.ssl|DEBUG|1B|Thread-3|2022-11-30 13:10:17.622 GMT|null:-1|No session to resume.
javax.net.ssl|DEBUG|1B|Thread-3|2022-11-30 13:10:17.622 GMT|null:-1|Ignore, context unavailable extension: pre_shared_key
javax.net.ssl|DEBUG|1B|Thread-3|2022-11-30 13:10:17.623 GMT|null:-1|Produced ClientHello handshake message (
"ClientHello": {
"client version" : "TLSv1.2",
"random" : "31 5F 56 DC E8 EC 9D 92 1B C6 63 D0 F2 B7 62 83 18 E9 3E 13 6D D2 6D 0E 5E 63 39 7D 18 58 66 0E",
"session id" : "A3 84 68 4B EB 32 A8 27 22 62 73 44 42 03 76 CE 7C E4 A9 88 FC D1 E6 98 9D 70 BF D6 E0 D5 5F 20",
"cipher suites" : "[TLS_AES_128_GCM_SHA256(0x1301), TLS_AES_256_GCM_SHA384(0x1302), TLS_RSA_WITH_AES_256_GCM_SHA384(0x009D), TLS_DHE_RSA_WITH_AES_256_GCM_SHA384(0x009F), TLS_DHE_DSS_WITH_AES_256_GCM_SHA384(0x00A3), TLS_RSA_WITH_AES_128_GCM_SHA256(0x009C), TLS_DHE_RSA_WITH_AES_128_GCM_SHA256(0x009E), TLS_DHE_DSS_WITH_AES_128_GCM_SHA256(0x00A2), TLS_RSA_WITH_AES_256_CBC_SHA256(0x003D), TLS_DHE_RSA_WITH_AES_256_CBC_SHA256(0x006B), TLS_DHE_DSS_WITH_AES_256_CBC_SHA256(0x006A), TLS_RSA_WITH_AES_256_CBC_SHA(0x0035), TLS_DHE_RSA_WITH_AES_256_CBC_SHA(0x0039), TLS_DHE_DSS_WITH_AES_256_CBC_SHA(0x0038), TLS_RSA_WITH_AES_128_CBC_SHA256(0x003C), TLS_DHE_RSA_WITH_AES_128_CBC_SHA256(0x0067), TLS_DHE_DSS_WITH_AES_128_CBC_SHA256(0x0040), TLS_RSA_WITH_AES_128_CBC_SHA(0x002F), TLS_DHE_RSA_WITH_AES_128_CBC_SHA(0x0033), TLS_DHE_DSS_WITH_AES_128_CBC_SHA(0x0032)]",
"compression methods" : "00",
"extensions" : [
]
}
)
javax.net.ssl|DEBUG|1B|Thread-3|2022-11-30 13:10:40.229 GMT|null:-1|Received alert message (
"Alert": {
"level" : "warning",
"description": "close_notify"
}
)
javax.net.ssl|ERROR|1B|Thread-3|2022-11-30 13:10:40.230 GMT|null:-1|Fatal (UNEXPECTED_MESSAGE): Received close_notify during handshake (
"throwable" : {
javax.net.ssl.SSLProtocolException: Received close_notify during handshake
at java.base/sun.security.ssl.Alert.createSSLException(Unknown Source)
at java.base/sun.security.ssl.Alert.createSSLException(Unknown Source)
at java.base/sun.security.ssl.TransportContext.fatal(Unknown Source)
at java.base/sun.security.ssl.TransportContext.fatal(Unknown Source)
at java.base/sun.security.ssl.TransportContext.fatal(Unknown Source)
at java.base/sun.security.ssl.Alert$AlertConsumer.consume(Unknown Source)
at java.base/sun.security.ssl.TransportContext.dispatch(Unknown Source)
at java.base/sun.security.ssl.SSLTransport.decode(Unknown Source)
at java.base/sun.security.ssl.SSLSocketImpl.decode(Unknown Source)
at java.base/sun.security.ssl.SSLSocketImpl.readHandshakeRecord(Unknown Source)
at java.base/sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
at java.base/sun.net.www.protocol.https.HttpsClient.afterConnect(Unknown Source)
at java.base/sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(Unknown Source)
at java.base/sun.net.www.protocol.http.HttpURLConnection.getInputStream0(Unknown Source)
at java.base/sun.net.www.protocol.http.HttpURLConnection.getInputStream(Unknown Source)
at java.base/sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(Unknown Source)
at sample.Main$1.call(Main.java:60)
at javafx.concurrent.Task$TaskCallable.call(Task.java:1425)
at java.base/java.util.concurrent.FutureTask.run(Unknown Source)
at java.base/java.lang.Thread.run(Unknown Source)}
)
javax.net.ssl|DEBUG|1B|Thread-3|2022-11-30 13:10:40.231 GMT|null:-1|close the underlying socket
javax.net.ssl|DEBUG|1B|Thread-3|2022-11-30 13:10:40.232 GMT|null:-1|close the SSL connection (passive)
javax.net.ssl.SSLProtocolException: Received close_notify during handshake
at java.base/sun.security.ssl.Alert.createSSLException(Unknown Source)
at java.base/sun.security.ssl.Alert.createSSLException(Unknown Source)
at java.base/sun.security.ssl.TransportContext.fatal(Unknown Source)
at java.base/sun.security.ssl.TransportContext.fatal(Unknown Source)
at java.base/sun.security.ssl.TransportContext.fatal(Unknown Source)
at java.base/sun.security.ssl.Alert$AlertConsumer.consume(Unknown Source)
at java.base/sun.security.ssl.TransportContext.dispatch(Unknown Source)
at java.base/sun.security.ssl.SSLTransport.decode(Unknown Source)
at java.base/sun.security.ssl.SSLSocketImpl.decode(Unknown Source)
at java.base/sun.security.ssl.SSLSocketImpl.readHandshakeRecord(Unknown Source)
at java.base/sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
at java.base/sun.net.www.protocol.https.HttpsClient.afterConnect(Unknown Source)
at java.base/sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(Unknown Source)
at java.base/sun.net.www.protocol.http.HttpURLConnection.getInputStream0(Unknown Source)
at java.base/sun.net.www.protocol.http.HttpURLConnection.getInputStream(Unknown Source)
at java.base/sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(Unknown Source)
at sample.Main$1.call(Main.java:60)
at javafx.concurrent.Task$TaskCallable.call(Task.java:1425)
at java.base/java.util.concurrent.FutureTask.run(Unknown Source)
at java.base/java.lang.Thread.run(Unknown Source)
You will also notice a number of WARNING: Unknown module: messages at the start of that output but I'll address those later.
I have created a reprex project which can be found at https://github.com/chrisrush1/MVPDoExportsTLSReprex
I've included some commented out jvm params in the build.gradle which I've been using to see more detail on the SSL exception and to force the TLS version.
Within the Main.java there is some code I've commented out that will force the TLS version in code, I tried this to see if the Beryx runtime was failing to pass the JVM param but that isn't the issue.
Something different happens with the SSL request when running the image Beryx runtime creates than when the application is just run within the IDE and I'm struggling to see what that is.
Within the runtime block in my build.gradle I do the follow just to make sure it is using the correct OpenJDK which I set using the Env var JAVA_HOME, I don't think it should be necessary though.
runtime {
javaHome.set(System.getenv('JAVA_HOME'))
println "runtime JavaHome path:${javaHome.get()}"
options = ['--strip-debug', '--compress', '2', '--no-header-files', '--no-man-pages']
}
In addition to the above issue you can see the WARNING messages about 'unknown module'. I've included all the add-exports and add-opens commands required by my main project in the build.gradle for this reprex project so that all these WARNINGS can be seen. These warnings are odd because they would imply the modules are missing but the main application runs correctly and wouldn't if I removed the add-exports/add-opens so I'm not sure why when launching the image from the bat file created these are displayed? javafx.graphics and javafx.controls are vital to my main project so they must be in the image as it launches and runs without issue so why the warnings?
The modules file created for my image with badass runtime contains the following
bin\java --list-modules
java.base#11.0.2
java.compiler#11.0.2
java.datatransfer#11.0.2
java.desktop#11.0.2
java.instrument#11.0.2
java.logging#11.0.2
java.management#11.0.2
java.management.rmi#11.0.2
java.naming#11.0.2
java.net.http#11.0.2
java.prefs#11.0.2
java.rmi#11.0.2
java.scripting#11.0.2
java.se#11.0.2
java.security.jgss#11.0.2
java.security.sasl#11.0.2
java.smartcardio#11.0.2
java.sql#11.0.2
java.sql.rowset#11.0.2
java.transaction.xa#11.0.2
java.xml#11.0.2
java.xml.crypto#11.0.2
jdk.accessibility#11.0.2
jdk.aot#11.0.2
jdk.attach#11.0.2
jdk.charsets#11.0.2
jdk.compiler#11.0.2
jdk.crypto.cryptoki#11.0.2
jdk.crypto.ec#11.0.2
jdk.crypto.mscapi#11.0.2
jdk.dynalink#11.0.2
jdk.editpad#11.0.2
jdk.hotspot.agent#11.0.2
jdk.httpserver#11.0.2
jdk.internal.ed#11.0.2
jdk.internal.jvmstat#11.0.2
jdk.internal.le#11.0.2
jdk.internal.opt#11.0.2
jdk.internal.vm.ci#11.0.2
jdk.internal.vm.compiler#11.0.2
jdk.internal.vm.compiler.management#11.0.2
jdk.jartool#11.0.2
jdk.javadoc#11.0.2
jdk.jcmd#11.0.2
jdk.jconsole#11.0.2
jdk.jdeps#11.0.2
jdk.jdi#11.0.2
jdk.jdwp.agent#11.0.2
jdk.jfr#11.0.2
jdk.jlink#11.0.2
jdk.jshell#11.0.2
jdk.jsobject#11.0.2
jdk.jstatd#11.0.2
jdk.localedata#11.0.2
jdk.management#11.0.2
jdk.management.agent#11.0.2
jdk.management.jfr#11.0.2
jdk.naming.dns#11.0.2
jdk.naming.rmi#11.0.2
jdk.net#11.0.2
jdk.pack#11.0.2
jdk.rmic#11.0.2
jdk.scripting.nashorn#11.0.2
jdk.scripting.nashorn.shell#11.0.2
jdk.sctp#11.0.2
jdk.security.auth#11.0.2
jdk.security.jgss#11.0.2
jdk.unsupported#11.0.2
jdk.unsupported.desktop#11.0.2
jdk.xml.dom#11.0.2
jdk.zipfs#11.0.2
My uderstanding was that the runtime plugin puts the javafx dependencies in the jar file under /lib along with my project classes, I see a lot of them in there including packages that are in javafx.base, javafx.controls and javafx.graphics, is this not where my image is using them from? Thanks
Thanks for any help with these issues.
This issue is NOT related to JavaFX specifically, it will manifest in any Java program packaged as modular jlinked images that use SSL.
In order for SSL to work in a modular Java image, you need to include the following module in the image:
jdk.crypto.cryptoki
Without this module, the jlinked image will hang trying to get an SSL socket, and eventually (after about 30 seconds) fail with the error:
javax.net.ssl.SSLProtocolException: Received close_notify during handshake
// at SSL related stack trace...
This will occur because jlink won't, by default, bind in the sun security provider for public key cryptography that is required to support SSL connections.
From the cryptoki documentation:
Provides the implementation of the SunPKCS11 security provider.
You need some kind of public key security provider for SSL to function, either the standard one from the JDK or a 3rd party one like Bouncy Castle. Without it, the rest of the app will work, but some cryptography will not. The lookup and usage of security algorithms is a runtime thing, so everything will work until you try to use it (e.g. when you try to open an SSL connection).
To fix it, you can create a modular app that requires the necessary module in the module-info.java file with this line:
requires jdk.crypto.cryptoki;
Demonstration
I am going to give a Maven-based answer as I am more familiar with that toolset. I don't know Gradle well enough to advise on how to translate this answer for Gradle. For testing, I used OpenJDK 19.0.1 and JavaFX 19 on OS X (Intel) 13.0.1.
This example is derived from code by rickybobby.
To build the linked app:
mvn javafx:jlink
To run the linked app:
./target/app/bin/app
src/main/java/sample/Main.java
package sample;
import javafx.application.Application;
import javafx.application.Platform;
import javafx.concurrent.Task;
import javafx.scene.Scene;
import javafx.scene.image.Image;
import javafx.scene.image.ImageView;
import javafx.scene.layout.HBox;
import javafx.stage.Stage;
import java.io.InputStream;
import java.net.URL;
public class Main extends Application {
private static final String BASE_URL = "https://wmts10.geo.admin.ch/1.0.0/ch.swisstopo.pixelkarte-farbe/default/current/3857/11/1074/";
private ImageView iv;
#Override
public void start(Stage primaryStage) throws Exception {
HBox hBox = new HBox(0.0);
hBox.setPrefHeight(400);
hBox.setPrefWidth(600);
iv = new ImageView();
iv.setFitWidth(200);
iv.setFitHeight(150);
iv.setPreserveRatio(true);
hBox.getChildren().add(iv);
primaryStage.setScene(new Scene(hBox, 300, 275));
primaryStage.show();
//load map tile from server
Task<Void> mapTileLoadTask = new Task<>() {
#Override
protected Void call() throws Exception {
Thread.sleep(1000);
Image image = null;
for (int i = 715; i < 739; i++) {
String urlString = BASE_URL + i + ".jpeg";
System.out.println(urlString);
URL url = new URL(urlString);
try {
//open inputStream to show SSLHandshakeExpception seen in main project
InputStream inputStream = url.openConnection().getInputStream();
image = new Image(urlString, true);
} catch (Exception e) {
e.printStackTrace();
}
if (image != null)
setMapImage(image);
Thread.sleep(10);
}
return null;
}
};
new Thread(mapTileLoadTask).start();
}
public synchronized void setMapImage(Image image) {
Platform.runLater(() -> {
if (iv != null)
iv.setImage(image);
});
}
public static void main(String[] args) {
launch(args);
}
}
src/main/java/module-info.java
module com.example.maptilemaven {
requires javafx.controls;
// if you comment out this line, SSL handshakes will fail in jlinked images.
requires jdk.crypto.cryptoki;
exports sample;
}
pom.xml
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>com.example</groupId>
<artifactId>maptilemaven</artifactId>
<version>1.0-SNAPSHOT</version>
<name>maptilemaven</name>
<properties>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
</properties>
<dependencies>
<dependency>
<groupId>org.openjfx</groupId>
<artifactId>javafx-controls</artifactId>
<version>19</version>
</dependency>
</dependencies>
<build>
<plugins>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-compiler-plugin</artifactId>
<version>3.10.1</version>
<configuration>
<source>19</source>
<target>19</target>
</configuration>
</plugin>
<plugin>
<groupId>org.openjfx</groupId>
<artifactId>javafx-maven-plugin</artifactId>
<version>0.0.8</version>
<executions>
<execution>
<!-- Default configuration for running with: mvn clean javafx:run -->
<id>default-cli</id>
<configuration>
<mainClass>com.example.maptilemaven/sample.Main</mainClass>
<launcher>app</launcher>
<jlinkZipName>app</jlinkZipName>
<jlinkImageName>app</jlinkImageName>
<noManPages>true</noManPages>
<stripDebug>true</stripDebug>
<noHeaderFiles>true</noHeaderFiles>
<!-- Normally the javafx maven plugin will find jlink in JAVA_HOME, but if you want to specify which version to use, set that here:
<jlinkExecutable>/Users/username/Library/Java/JavaVirtualMachines/openjdk-19.0.1/Contents/Home/bin/jlink</jlinkExecutable>
-->
</configuration>
</execution>
</executions>
</plugin>
</plugins>
</build>
</project>
Verify of linked modules with this command:
.target/app/bin/java --list-modules
Outputs:
com.example.maptilemaven
java.base#19.0.1
java.datatransfer#19.0.1
java.desktop#19.0.1
java.prefs#19.0.1
java.xml#19.0.1
javafx.base#19
javafx.controls#19
javafx.graphics#19
jdk.crypto.cryptoki#19.0.1
jdk.crypto.ec#19.0.1
jdk.unsupported#19.0.1
Hi, I am trying to connect to snowflake from R Workbench. This is the error received while connecting with okta.
con <- dbConnect(jdbcDriver, "jdbc:snowflake://company.snowflakecomputing.com/?authenticator=https://company.okta.com/", 'name#company.com', 'pass')
Sep 16, 2021 10:07:42 PM net.snowflake.client.core.SessionUtil handleFederatedFlowError
SEVERE: IOException when authenticating with https://company.okta.com/
java.net.MalformedURLException: no protocol: /login/cert
at java.net.URL.(URL.java:611)
at java.net.URL.(URL.java:508)
at java.net.URL.(URL.java:457)
at net.snowflake.client.core.SessionUtil.isPrefixEqual(SessionUtil.java:1218)
at net.snowflake.client.core.SessionUtil.federatedFlowStep4(SessionUtil.java:999)
at net.snowflake.client.core.SessionUtil.getSamlResponseUsingOkta(SessionUtil.java:1206)
at net.snowflake.client.core.SessionUtil.newSession(SessionUtil.java:378)
at net.snowflake.client.core.SessionUtil.openSession(SessionUtil.java:284)
at net.snowflake.client.core.SFSession.open(SFSession.java:446)
at net.snowflake.client.jdbc.DefaultSFConnectionHandler.initialize(DefaultSFConnectionHandler.java:104)
at net.snowflake.client.jdbc.DefaultSFConnectionHandler.initializeConnection(DefaultSFConnectionHandler.java:79)
at net.snowflake.client.jdbc.SnowflakeConnectionV1.initConnectionWithImpl(SnowflakeConnectionV1.java:116)
at net.snowflake.client.jdbc.SnowflakeConnectionV1.(SnowflakeConnectionV1.java:96)
at net.snowflake.client.jdbc.SnowflakeDriver.connect(SnowflakeDriver.java:164)
at java.sql.DriverManager.getConnection(DriverManager.java:664)
at java.sql.DriverManager.getConnection(DriverManager.java:247)
Sep 16, 2021 10:07:43 PM net.snowflake.client.core.SessionUtil handleFederatedFlowError
SEVERE: IOException when authenticating with https://company.okta.com/
java.net.MalformedURLException: no protocol: /login/cert
at java.net.URL.(URL.java:611)
at java.net.URL.(URL.java:508)
at java.net.URL.(URL.java:457)
at net.snowflake.client.core.SessionUtil.isPrefixEqual(SessionUtil.java:1218)
at net.snowflake.client.core.SessionUtil.federatedFlowStep4(SessionUtil.java:999)
at net.snowflake.client.core.SessionUtil.getSamlResponseUsingOkta(SessionUtil.java:1206)
at net.snowflake.client.core.SessionUtil.newSession(SessionUtil.java:378)
at net.snowflake.client.core.SessionUtil.openSession(SessionUtil.java:284)
at net.snowflake.client.core.SFSession.open(SFSession.java:446)
at net.snowflake.client.jdbc.DefaultSFConnectionHandler.initialize(DefaultSFConnectionHandler.java:104)
at net.snowflake.client.jdbc.DefaultSFConnectionHandler.initializeConnection(DefaultSFConnectionHandler.java:79)
at net.snowflake.client.jdbc.SnowflakeConnectionV1.initConnectionWithImpl(SnowflakeConnectionV1.java:116)
at net.snowflake.client.jdbc.SnowflakeConnectionV1.(SnowflakeConnectionV1.java:96)
at net.snowflake.client.jdbc.SnowflakeDriver.connect(SnowflakeDriver.java:164)
Error in .jcall(drv#jdrv, "Ljava/sql/Connection;", "connect", as.character(url)[1], :
net.snowflake.client.jdbc.SnowflakeSQLException: JDBC driver encountered communication error. Message: Exception encountered when opening connection: no protocol: /login/cert.
I presume that Okta is set up with MFA. If so, the error is because of that since Snowflake drivers does not support Native authentication for Okta with MFA enabled.
You need to use externalbrowser as the authenticator option if the requirement is to use Okta + MFA.
When I run my Spring Boot webserver inside my GCP VM using this command:
java -jar corda-webserver.jar --server.port=10055 --config.rpc.host=localhost --config.rpc.port=10003 --config.rpc.username=cordazoneservice --config.rpc.password=SOME_PASSWORD
I get this error:
W 21:56:07 26 SerializationFactoryImpl.apply - Cannot find serialization scheme for: [([636F7264610000], RPCClient), UNKNOWN MAGIC] registeredSchemes are: [net.corda.client.rpc.internal.serialization.amqp.AMQPClientSerializationScheme#72fcf0f7]
E 21:56:07 26 RPCClientProxyHandler.artemisMessageHandler - Failed to deserialize RPC body
net.corda.nodeapi.RPCApi$ServerToClient$FailedToDeserializeReply: Failed to deserialize RPC reply: Serialization scheme ([636F7264610000], RPCClient) not supported.
at net.corda.nodeapi.RPCApi$ServerToClient$Companion.fromClientMessage(RPCApi.kt:240) ~[corda-node-api-4.1.jar!/:?]
at net.corda.client.rpc.internal.RPCClientProxyHandler.artemisMessageHandler(RPCClientProxyHandler.kt:309) ~[corda-rpc-4.1.jar!/:?]
at net.corda.client.rpc.internal.RPCClientProxyHandler.access$artemisMessageHandler(RPCClientProxyHandler.kt:75) ~[corda-rpc-4.1.jar!/:?]
at net.corda.client.rpc.internal.RPCClientProxyHandler$initSessions$1.invoke(RPCClientProxyHandler.kt:519) ~[corda-rpc-4.1.jar!/:?]
at net.corda.client.rpc.internal.RPCClientProxyHandler$initSessions$1.invoke(RPCClientProxyHandler.kt:75) ~[corda-rpc-4.1.jar!/:?]
at net.corda.client.rpc.internal.RPCClientProxyHandlerKt$sam$org_apache_activemq_artemis_api_core_client_MessageHandler$0.onMessage(RPCClientProxyHandler.kt) ~[corda-rpc-4.1.jar!/:?]
at org.apache.activemq.artemis.core.client.impl.ClientConsumerImpl.callOnMessage(ClientConsumerImpl.java:1002) ~[artemis-core-client-2.6.2.jar!/:2.6.2]
at org.apache.activemq.artemis.core.client.impl.ClientConsumerImpl.access$400(ClientConsumerImpl.java:50) ~[artemis-core-client-2.6.2.jar!/:2.6.2]
at org.apache.activemq.artemis.core.client.impl.ClientConsumerImpl$Runner.run(ClientConsumerImpl.java:1125) ~[artemis-core-client-2.6.2.jar!/:2.6.2]
at org.apache.activemq.artemis.utils.actors.OrderedExecutor.doTask(OrderedExecutor.java:42) ~[artemis-commons-2.6.2.jar!/:2.6.2]
at org.apache.activemq.artemis.utils.actors.OrderedExecutor.doTask(OrderedExecutor.java:31) ~[artemis-commons-2.6.2.jar!/:2.6.2]
at org.apache.activemq.artemis.utils.actors.ProcessorBase.executePendingTasks(ProcessorBase.java:66) ~[artemis-commons-2.6.2.jar!/:2.6.2]
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) [?:1.8.0_222]
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) [?:1.8.0_222]
at org.apache.activemq.artemis.utils.ActiveMQThreadFactory$1.run(ActiveMQThreadFactory.java:118) [artemis-commons-2.6.2.jar!/:2.6.2]
Caused by: java.lang.UnsupportedOperationException: Serialization scheme ([636F7264610000], RPCClient) not supported.
at net.corda.serialization.internal.SerializationFactoryImpl$schemeFor$1.apply(SerializationScheme.kt:99) ~[corda-serialization-4.1.jar!/:?]
at net.corda.serialization.internal.SerializationFactoryImpl$schemeFor$1.apply(SerializationScheme.kt:73) ~[corda-serialization-4.1.jar!/:?]
at java.util.concurrent.ConcurrentHashMap.computeIfAbsent(ConcurrentHashMap.java:1660) ~[?:1.8.0_222]
at net.corda.serialization.internal.SerializationFactoryImpl.schemeFor(SerializationScheme.kt:95) ~[corda-serialization-4.1.jar!/:?]
at net.corda.serialization.internal.SerializationFactoryImpl.access$schemeFor(SerializationScheme.kt:73) ~[corda-serialization-4.1.jar!/:?]
at net.corda.serialization.internal.SerializationFactoryImpl$deserialize$1$1.invoke(SerializationScheme.kt:105) ~[corda-serialization-4.1.jar!/:?]
at net.corda.core.serialization.SerializationFactory.withCurrentContext(SerializationAPI.kt:71) ~[corda-core-4.1.jar!/:?]
at net.corda.serialization.internal.SerializationFactoryImpl$deserialize$1.invoke(SerializationScheme.kt:105) ~[corda-serialization-4.1.jar!/:?]
at net.corda.serialization.internal.SerializationFactoryImpl$deserialize$1.invoke(SerializationScheme.kt:73) ~[corda-serialization-4.1.jar!/:?]
at net.corda.core.serialization.SerializationFactory.asCurrent(SerializationAPI.kt:85) ~[corda-core-4.1.jar!/:?]
at net.corda.serialization.internal.SerializationFactoryImpl.deserialize(SerializationScheme.kt:105) ~[corda-serialization-4.1.jar!/:?]
at net.corda.nodeapi.RPCApi$ServerToClient$Companion.fromClientMessage(RPCApi.kt:373) ~[corda-node-api-4.1.jar!/:?]
... 14 more
I 21:56:07 1 RPCClient.logElapsedTime - Failed Startup took 1204 msec
W 21:56:07 1 AnnotationConfigServletWebServerApplicationContext.refresh - Exception encountered during context initialization - cancelling refresh attempt: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'nodeRPCConnection': Invocation of init method failed; nested exception is java.lang.UnsupportedOperationException: Serialization scheme ([636F7264610000], RPCClient) not supported.
I 21:56:07 1 StandardService.log - Stopping service [Tomcat]
Below is the Corda version that I use in my project:
corda_release_group = 'net.corda'
corda_release_version = '4.1'
tokens_release_group = 'com.r3.corda.lib.tokens'
tokens_release_version = '1.0-RC03'
corda_gradle_plugins_version = '4.0.42'
junit_version = '4.12'
quasar_version = '0.7.10'
spring_boot_version = '2.0.2.RELEASE'
spring_boot_gradle_plugin_version = '2.0.2.RELEASE'
slf4j_version = '1.7.25'
log4j_version = '2.11.2'
corda_platform_version = '4'
My Corda node on GCP VM that I built using the script from Corda TestNet:
[INFO ] 2019-08-14T03:21:28,879Z [main] internal.Node.logStartupInfo - Vendor: Corda Open Source {}
[INFO ] 2019-08-14T03:21:28,879Z [main] internal.Node.logStartupInfo - Release: 3.3-corda {}
[INFO ] 2019-08-14T03:21:28,881Z [main] internal.Node.logStartupInfo - Platform Version: 3 {}
Btw, I don't get errors when I run that command on my local Ubuntu VM; I start the node, then the webserver and I can access it inside my browser. This error only happens when I try the same inside my GCP VM using the node that is supplied by Corda TestNet.
I upgraded my node from OS 3.3 to OS 4.1 and that solved the issue.
Make sure you update node.conf file inside your node folder to follow the new formatting (e.g. no double quotes around keys).
I've been working with Symfony 2.7 and the RabbitMQBundle to handle some long processes asynchronously.
After facing the issue where the MySQL connection dies after a few minutes, I discovered rabbitmq-cli-consumer, a small app in Go that takes care of consuming the queue, and gives its content to a command.
In my case, I use it with this command: ./rabbitmq-cli-consumer -c configuration-stock.conf --include -V -e 'php app/console amqp:consume:stock --env=prod -vvv', with this configuration file:
[rabbitmq]
host = HOST
username = USERNAME
password = PASSWORD
vhost=/VHOST
port=PORT
queue=stock
compression=Off
[exchange]
name=exports
type=direct
durable=On
[queuesettings]
routingkey=stock
messagettl=10000
deadLetterExchange=exports.dl
deadLetterroutingkey=stock
priority=10
To handle errors, I intend to use RabbitMQ's x-dead-letter-exchange and x-dead-letter-routing-key configuration, to be able to retry the message later (in case something went temporarly wrong).
My issue is that, when I define my queues in RabbitMQBundle's configuration, rabbitmq-cli-consumer is unable to consume the queue, throwing this error:
2018/04/23 11:35:54 Connecting RabbitMQ...
2018/04/23 11:35:54 Connected.
2018/04/23 11:35:54 Opening channel...
2018/04/23 11:35:54 Done.
2018/04/23 11:35:54 Setting QoS...
2018/04/23 11:35:54 Succeeded setting QoS.
2018/04/23 11:35:54 Declaring queue "stock"...
2018/04/23 11:35:54 Registering consumer...
2018/04/23 11:35:54 failed to register a consumer: Exception (504) Reason: "channel/connection is not open"
Here is the configuration I use for RabbitMQBundle:
old_sound_rabbit_mq:
producers:
exports:
connection: default
exchange_options:
name: 'exports'
type: direct
exports_dl:
connection: default
exchange_options:
name: 'exports.dl'
type: direct
consumers:
stock_dead_letter:
connection: default
exchange_options:
name: exports.dl
type: direct
queue_options:
name: stock.dl
routing_keys:
- stock
arguments:
x-dead-letter-exchange: ['S', 'exports']
x-dead-letter-routing-key: ['S', 'stock']
x-message-ttl: ['I', 60000]
callback: amqp.consumers.exports.stock
multiple_consumers:
exports:
connection: default
exchange_options:
name: 'exports'
type: direct
queues:
stock:
name: stock
callback: amqp.consumers.exports.stock
routing_keys:
- stock
arguments:
x-dead-letter-exchange: ['S', 'exports.dl']
x-dead-letter-routing-key: ['S', 'stock']
Has anyone ever encountered something similar ? And how did you solve it ?
This is related to another question I asked:
ProcessStartInfo Multiple Arguments
I got this working with no errors in Windows Logs when run from the command line. Basically, I'm calling the console application from a Web Form. I'm passing two string arguments: an email subject and an email body. The console application then sends an email to a drop folder (for now).
const string MAILER_FILEPATH = #"C:\VS2010\Mailer\bin\Debug\Mailer.exe";
ProcessStartInfo info = new ProcessStartInfo();
string arguments = String.Format(#"""{0}"" ""{1}""",
message.Subject.Replace(#"""", #""""""),
message.Body.Replace(#"""", #""""""));
info.FileName = MAILER_FILEPATH;
Process process = Process.Start(info.FileName, arguments);
Process.Start(info);
When I call the console app from the Web Form, it still created the email in the drop folder but also generates two consecutive errors in the Windows Application Log:
Error 1:
Application: Mailer.exe Framework Version: v4.0.30319 Description:
The process was terminated due to an unhandled exception. Exception
Info: System.IndexOutOfRangeException Stack: at
Mailer.Mailer.Main(System.String[])
Error 2:
Faulting application name: Mailer.exe, version: 1.0.0.0, time stamp:
0x4ebab7ad Faulting module name: KERNELBASE.dll, version:
6.1.7601.17651, time stamp: 0x4e21213c Exception code: 0xe0434352 Fault offset: 0x000000000000cacd Faulting process id: 0x1648 Faulting
application start time: 0x01cc9f079d89d950 Faulting application path:
C:\VS2010\Mailer\bin\Release\Mailer.exe Faulting module path:
C:\Windows\system32\KERNELBASE.dll Report Id:
dbf249c0-0afa-11e1-a04b-a4badb02debf
The problem was caused by enclosing my console code with:
if (args.Length >= 0)
{
}
By changing this to >=1, the no more errors were logged!