Enviroment
2 VMs
One with Debian 8, Asterisk 13.13.1, PJSIP 2.5.5
and the other wit Debian 8 Gnome-GUI and SFLphone 1.4.1
VMs are located behinde NAT router in same network
Way around NAT is done by Exposed-Host function on the Asterisk-VM static IP
Asterisk-VM Firewall is turned of, to do so I have done in CLI as root:
iptables -F
iptables -X
iptables -t nat -F
iptables -t nat -X
iptables -t mangle -F
iptables -t mangle -X
iptables -P INPUT ACCEPT
iptables -P OUTPUT ACCEPT
iptables -P FORWARD ACCEPT
Files
======pjsip.conf
[transport-udp]
type = transport
protocol = udp
bind = 0.0.0.0
local_net = 192.168.2.0/24
external_media_address = ---Router WAN IP---
external_signaling_address = ---Router WAN IP---
[reg_sipgate]
type = registration
retry_interval = 20
max_retries = 10
contact_user = ---SIPgate-ID---
expiration = 120
transport = transport-udp
outbound_auth = auth_reg_sipgate
client_uri = sip:---SIPgate-ID---#sipgate.de:5060
server_uri = sip:sipgate.de:5060
[auth_reg_sipgate]
type = auth
username = ---SIPgate-ID---
password = ---SIPgate-passwd---
[sipgate_aor]
type = aor
contact = sip:---SIPgate-ID---#sipgate.de
[sipgate_identity]
type=identity
endpoint = sipgate
match = sipgate.de
[sipgate_auth]
type = auth
username = ---SIPgate-ID---
password = ---SIPgate-passwd---
[sipgate]
type = endpoint
context = sipgate-in
dtmf_mode =rfc4733
disallow = all
allow = alaw
rtp_symmetric = yes
force_rport = yes
rewrite_contact = yes
timers = yes
from_user = ---SIPgate-ID---
from_domain = sipgate.de
language = en
outbound_auth = sipgate_auth
aors = sipgate_aor
======extensions.conf
[sipgate-in]
exten => _X.,1,NoOp(Processing an incoming call)
;same problem if this line is used and not the above line
;exten => ---SIPgate-number-in-plain---,1,NoOp(Processing an incoming call)
same => n,Dial(PJSIP/1001,20)
same => n,Hangup()
[sipgate-out]
exten => _X.,1,NoOp(Processing an outgoing call)
same => n,Dial(PJSIP/${EXTEN}#sipgate)
same => n,Hangup()
======pjsip_wizard.conf
[support](!)
type = wizard
accepts_registrations = yes
sends_registrations = no
accepts_auth = yes
sends_auth = no
endpoint/context = support
endpoint/allow_subscribe = yes
endpoint/allow = gsm
endpoint/direct_media = no
endpoint/force_rport = yes
endpoint/disable_direct_media_on_nat = yes
endpoint/direct_media_method = invite
endpoint/ice_support = yes
endpoint/moh_suggest = default
endpoint/send_rpid = yes
endpoint/rewrite_contact = yes
endpoint/send_pai = yes
endpoint/allow_transfer = yes
endpoint/trust_id_inbound = yes
endpoint/device_state_busy_at = 1
endpoint/trust_id_outbound = yes
endpoint/send_diversion = yes
aor/qualify_frequency = 30
aor/max_contacts = 1
aor/remove_existing = yes
aor/minimum_expiration = 30
aor/support_path = yes
phoneprov/PROFILE = profile1
[1001](support)
inbound_auth/username = 1001
inbound_auth/password = XXXXXXXXX
Picture
CLI notice with verbose = 5
Problem
Incoming calls are not routed to my softphone 1001. Only thing i get is 10sec silence, then HangUp. External calls run perfect
Thanks for help or link or calling me a dumbf*uck and telling me it's obvious
I use this enviroment just to learn, it's not productive neither 24/7 runnig. If you're missing something, tell me
Edit
Here is the debug.log
[Mar 20 06:46:59] DEBUG[25617] res_pjsip/pjsip_distributor.c: Could not find matching transaction for Request msg INVITE/cseq=103 (rdata0x7f9094001b98)
[Mar 20 06:46:59] DEBUG[25617] res_pjsip/pjsip_distributor.c: Calculated serializer pjsip/distributor-00000026 to use for Request msg INVITE/cseq=103 (rdata0x7f9094001b98)
[Mar 20 06:46:59] DEBUG[25618] res_pjsip_endpoint_identifier_ip.c: No identify sections to match against
[Mar 20 06:46:59] DEBUG[25618] res_pjsip_endpoint_identifier_user.c: Attempting identify by From username '04058962865' domain 'sipgate.de'
[Mar 20 06:46:59] DEBUG[25618] res_pjsip_endpoint_identifier_user.c: Endpoint not found for From username '04058962865' domain 'sipgate.de'
[Mar 20 06:46:59] NOTICE[25618] res_pjsip/pjsip_distributor.c: Request 'INVITE' from '"04058962865" <sip:04058962865#sipgate.de>' failed for '217.10.79.9:5060' (callid: 0eb324896fae520c2707e7933f2b33fe#sipgate.de) - No matching endpoint found
[Mar 20 06:46:59] DEBUG[25617] res_pjsip/pjsip_distributor.c: Could not find matching transaction for Request msg ACK/cseq=103 (rdata0x7f9094001b98)
[Mar 20 06:46:59] DEBUG[25617] res_pjsip/pjsip_distributor.c: Calculated serializer pjsip/distributor-00000026 to use for Request msg ACK/cseq=103 (rdata0x7f9094001b98)
[Mar 20 06:46:59] DEBUG[25618] res_pjsip_endpoint_identifier_ip.c: No identify sections to match against
[Mar 20 06:46:59] DEBUG[25618] res_pjsip_endpoint_identifier_user.c: Attempting identify by From username '04058962865' domain 'sipgate.de'
[Mar 20 06:46:59] DEBUG[25618] res_pjsip_endpoint_identifier_user.c: Endpoint not found for From username '04058962865' domain 'sipgate.de'
[Mar 20 06:47:02] DEBUG[25618] config.c: extract uint from [3] in [0, 4294967295] gives [3](0)
[Mar 20 06:47:02] DEBUG[25618] config.c: extract uint from [0] in [0, 4294967295] gives [0](0)
[Mar 20 06:47:02] DEBUG[25618] config.c: extract uint from [2] in [0, 4294967295] gives [2](0)
[Mar 20 06:47:02] DEBUG[25618] res_pjsip.c: 0x7f90b0006510: Wrapper created
[Mar 20 06:47:02] DEBUG[25618] res_pjsip.c: 0x7f90b0006510: Set timer to 3000 msec
[Mar 20 06:47:02] DEBUG[25618] res_pjsip/pjsip_message_ip_updater.c: Re-wrote Contact URI host/port to 192.168.2.100:5060
[Mar 20 06:47:02] DEBUG[25617] res_pjsip/pjsip_distributor.c: No dialog serializer for response Response msg 200/OPTIONS/cseq=64036 (rdata0x7f9094001b98). Using request transaction as basis
[Mar 20 06:47:02] DEBUG[25617] res_pjsip/pjsip_distributor.c: Found serializer pjsip/default-0000000c on transaction tsx0x7f90b0008e48
[Mar 20 06:47:02] DEBUG[25618] res_pjsip.c: 0x7f90b0006510: PJSIP tsx response received
[Mar 20 06:47:02] DEBUG[25618] res_pjsip.c: 0x7f90b0006510: Cancelling timer
[Mar 20 06:47:02] DEBUG[25618] res_pjsip.c: 0x7f90b0006510: Timer cancelled
[Mar 20 06:47:02] DEBUG[25618] config.c: extract uint from [3] in [0, 4294967295] gives [3](0)
[Mar 20 06:47:02] DEBUG[25618] config.c: extract uint from [0] in [0, 4294967295] gives [0](0)
[Mar 20 06:47:02] DEBUG[25618] config.c: extract uint from [2] in [0, 4294967295] gives [2](0)
[Mar 20 06:47:02] DEBUG[25618] res_pjsip.c: 0x7f90b0006510: Callbacks executed
[Mar 20 06:47:02] DEBUG[25618] res_pjsip.c: 0x7f90b0006510: wrapper destroyed
[Mar 20 06:47:02] DEBUG[25623] res_pjsip/pjsip_configuration.c: Contact 1001/sip:1001#192.168.2.200:5060 status didn't change: Reachable, RTT: 2.107 msec
[Mar 20 06:47:15] DEBUG[25622] threadpool.c: Worker thread idle timeout reached. Dying.
[Mar 20 06:47:15] DEBUG[25620] threadpool.c: Worker thread idle timeout reached. Dying.
[Mar 20 06:47:15] DEBUG[25615] threadpool.c: Destroying worker thread 9
[Mar 20 06:47:15] DEBUG[25615] threadpool.c: Destroying worker thread 7
[Mar 20 06:47:15] DEBUG[25621] threadpool.c: Worker thread idle timeout reached. Dying.
[Mar 20 06:47:15] DEBUG[25615] threadpool.c: Destroying worker thread 8
[Mar 20 06:47:16] DEBUG[25627] threadpool.c: Worker thread idle timeout reached. Dying.
[Mar 20 06:47:16] DEBUG[25625] threadpool.c: Worker thread idle timeout reached. Dying.
[Mar 20 06:47:16] DEBUG[25595] threadpool.c: Destroying worker thread 13
[Mar 20 06:47:16] DEBUG[25595] threadpool.c: Destroying worker thread 12
[Mar 20 06:47:17] DEBUG[25657] res_pjsip_registrar_expire.c: Woke up at 1489988837 Interval: 30
[Mar 20 06:47:17] DEBUG[25657] res_pjsip_registrar_expire.c: Expiring 0 contacts
[Mar 20 06:47:23] DEBUG[25619] threadpool.c: Worker thread idle timeout reached. Dying.
[Mar 20 06:47:23] DEBUG[25615] threadpool.c: Destroying worker thread 6
[Mar 20 06:47:26] DEBUG[25617] res_pjsip/pjsip_distributor.c: Could not find matching transaction for Request msg REGISTER/cseq=53083 (rdata0x7f9094001b98)
[Mar 20 06:47:26] DEBUG[25617] res_pjsip/pjsip_distributor.c: Calculated serializer pjsip/distributor-00000033 to use for Request msg REGISTER/cseq=53083 (rdata0x7f9094001b98)
[Mar 20 06:47:26] DEBUG[25618] res_pjsip_endpoint_identifier_ip.c: No identify sections to match against
[Mar 20 06:47:26] DEBUG[25618] res_pjsip_endpoint_identifier_user.c: Attempting identify by From username '1001' domain '192.168.2.100'
[Mar 20 06:47:26] DEBUG[25618] res_pjsip_endpoint_identifier_user.c: Identified by From username '1001' domain '192.168.2.100'
[Mar 20 06:47:26] DEBUG[25617] res_pjsip/pjsip_distributor.c: Could not find matching transaction for Request msg REGISTER/cseq=53084 (rdata0x7f9094001b98)
[Mar 20 06:47:26] DEBUG[25617] res_pjsip/pjsip_distributor.c: Calculated serializer pjsip/distributor-00000033 to use for Request msg REGISTER/cseq=53084 (rdata0x7f9094001b98)
[Mar 20 06:47:26] DEBUG[25618] res_pjsip_endpoint_identifier_ip.c: No identify sections to match against
[Mar 20 06:47:26] DEBUG[25618] res_pjsip_endpoint_identifier_user.c: Attempting identify by From username '1001' domain '192.168.2.100'
[Mar 20 06:47:26] DEBUG[25618] res_pjsip_endpoint_identifier_user.c: Identified by From username '1001' domain '192.168.2.100'
[Mar 20 06:47:26] DEBUG[25618] res_pjsip_authenticator_digest.c: Calculated nonce 1489988846/53973002a197b8acbac0fc7c46b92b1b. Actual nonce is 1489988846/53973002a197b8acbac0fc7c46b92b1b
Solution
This line in debug.log brought me to it
[Mar 20 06:46:59] DEBUG[25618] res_pjsip_endpoint_identifier_ip.c: No identify sections to match against
Two things to change in pjsip.conf
One very silly mistake by myself.
You have to change this lines
[sipgate_identity]
type=identity
To
[sipgate_identity]
type=identify
and second:
sipgate gave me some other errors, so it seems like it does not work with alaw,
so I changed it to gsm
See
[sipgate]
type = endpoint
...
disallow = all
allow = alaw
...
changed to
[sipgate]
type = endpoint
...
disallow = all
allow = gsm
...
Related
I'm having issues with ssl certificate verification. When I am trying to send logs to the server to nginx, I get an error message that says:
Feb 14 21:38:53 username td-agent-bit[31178]: [2022/02/14 21:38:53] [error] [tls] /tmp/fluent-bit-1.8.12/src/tls/mbedtls.c:380 X509 - Certificate verification failed, e.g. CRL, CA or signature check
Feb 14 21:38:53 username td-agent-bit[31178]: [2022/02/14 21:38:53] [error] [output:http:http.0] no upstream connections available to 127.0.0.1:443
Feb 14 21:38:53 username td-agent-bit[31178]: [2022/02/14 21:38:53] [ warn] [engine] failed to flush chunk '31025-1644867441.221825565.flb', retry in 32 seconds: task_id=20, input=storage_backlog.6 > out
put=http.0 (out_id=0)
Feb 14 21:38:53 username td-agent-bit[31178]: [2022/02/14 21:38:53] [ info] [output:http:http.0] 127.0.0.1:443, HTTP status=200
Feb 14 21:38:53 username td-agent-bit[31178]: {"status":200}
Feb 14 21:38:54 username td-agent-bit[31178]: [2022/02/14 21:38:54] [error] [tls] /tmp/fluent-bit-1.8.12/src/tls/mbedtls.c:380 X509 - Certificate verification failed, e.g. CRL, CA or signature check
Feb 14 21:38:54 username td-agent-bit[31178]: [2022/02/14 21:38:54] [error] [output:http:http.0] no upstream connections available to 127.0.0.1:443
Feb 14 21:38:54 username td-agent-bit[31178]: [2022/02/14 21:38:54] [ warn] [engine] failed to flush chunk '31025-1644867401.174594241.flb', retry in 37 seconds: task_id=12, input=storage_backlog.6 > out
put=http.0 (out_id=0)
Feb 14 21:38:54 username td-agent-bit[31178]: [2022/02/14 21:38:54] [error] [tls] /tmp/fluent-bit-1.8.12/src/tls/mbedtls.c:380 X509 - Certificate verification failed, e.g. CRL, CA or signature check
Feb 14 21:38:54 username td-agent-bit[31178]: [2022/02/14 21:38:54] [error] [output:http:http.0] no upstream connections available to 127.0.0.1:443
Feb 14 21:38:54 username td-agent-bit[31178]: [2022/02/14 21:38:54] [ warn] [engine] failed to flush chunk '31025-1644867416.136883568.flb', retry in 12 seconds: task_id=15, input=storage_backlog.6 > out
put=http.0 (out_id=0)
Feb 14 21:38:54 username td-agent-bit[31178]: [2022/02/14 21:38:54] [error] [tls] /tmp/fluent-bit-1.8.12/src/tls/mbedtls.c:380 X509 - Certificate verification failed, e.g. CRL, CA or signature check
Feb 14 21:38:54 username td-agent-bit[31178]: [2022/02/14 21:38:54] [error] [output:http:http.0] no upstream connections available to 127.0.0.1:443
Feb 14 21:38:54 username td-agent-bit[31178]: [2022/02/14 21:38:54] [ warn] [engine] failed to flush chunk '31025-1644867481.167299560.flb', retry in 10 seconds: task_id=28, input=storage_backlog.6 > out
put=http.0 (out_id=0)
Feb 14 21:38:54 username td-agent-bit[31178]: [2022/02/14 21:38:54] [ info] [output:http:http.0] 127.0.0.1:443, HTTP status=200
Feb 14 21:38:54 username td-agent-bit[31178]: {"status":200}
Feb 14 21:38:55 username td-agent-bit[31178]: [2022/02/14 21:38:55] [error] [tls] /tmp/fluent-bit-1.8.12/src/tls/mbedtls.c:380 X509 - Certificate verification failed, e.g. CRL, CA or signature check
Feb 14 21:38:55 username td-agent-bit[31178]: [2022/02/14 21:38:55] [error] [output:http:http.0] no upstream connections available to 127.0.0.1:443
Feb 14 21:38:55 username td-agent-bit[31178]: [2022/02/14 21:38:55] [ warn] [engine] failed to flush chunk '31178-1644867522.155353155.flb', retry in 19 seconds: task_id=3, input=tail.2 > output=http.0 (
out_id=0)
Feb 14 21:38:55 username td-agent-bit[31178]: [2022/02/14 21:38:55] [ info] [output:http:http.0] 127.0.0.1:443, HTTP status=200
Feb 14 21:38:55 username td-agent-bit[31178]: {"status":200}
CRL, CA or signature verification failed, for some reason. Verification passes only after certain number of attempts.
How to fix it?
td-agent-bit.conf:
[SERVICE]
# Flush
# =====
# set an interval of seconds before to flush records to a destination
flush 5
# Daemon
# ======
# instruct Fluent Bit to run in foreground or background mode.
daemon Off
# Log_Level
# =========
# Set the verbosity level of the service, values can be:
#
# - error
# - warning
# - info
# - debug
# - trace
#
# by default 'info' is set, that means it includes 'error' and 'warning'.
log_level info
# Parsers File
# ============
# specify an optional 'Parsers' configuration file
parsers_file parsers.conf
# Plugins File
# ============
# specify an optional 'Plugins' configuration file to load external plugins.
plugins_file plugins.conf
# HTTP Server
# ===========
# Enable/Disable the built-in HTTP Server for metrics
http_server Off
http_listen 0.0.0.0
http_port 2020
# Storage
# =======
# Fluent Bit can use memory and filesystem buffering based mechanisms
#
# - https://docs.fluentbit.io/manual/administration/buffering-and-storage
#
# storage metrics
# ---------------
# publish storage pipeline metrics in '/api/v1/storage'. The metrics are
# exported only if the 'http_server' option is enabled.
#
# storage.metrics on
# storage.path
# ------------
# absolute file system path to store filesystem data buffers (chunks).
#
storage.path /tmp/fluent-bit-storage/
# storage.sync
# ------------
# configure the synchronization mode used to store the data into the
# filesystem. It can take the values normal or full.
#
storage.sync normal
# storage.checksum
# ----------------
# enable the data integrity check when writing and reading data from the
# filesystem. The storage layer uses the CRC32 algorithm.
#
storage.checksum off
# storage.backlog.mem_limit
# -------------------------
# if storage.path is set, Fluent Bit will look for data chunks that were
# not delivered and are still in the storage layer, these are called
# backlog data. This option configure a hint of maximum value of memory
# to use when processing these records.
#
storage.backlog.mem_limit 2M
[INPUT]
name tail
tag log.development.production
path /home/username/production.log
Buffer_Max_Size 2mb
Refresh_interval 5
Offset_Key offset
Path_Key path
storage.type filesystem
DB /tmp/production.db
DB.sync normal
DB.locking false
DB.journal_mode wal
# Read interval (sec) Default: 1
#interval_sec 1
[INPUT]
name tail
tag log.development.nginx
path /home/username/nginx.log
Buffer_Max_Size 2mb
Refresh_interval 5
Offset_Key offset
Path_Key path
storage.type filesystem
DB /tmp/nginx.db
DB.sync normal
DB.locking false
DB.journal_mode wal
# Read interval (sec) Default: 1
#interval_sec 1
[INPUT]
name tail
tag log.development.apache
path /home/username/apache.log
Buffer_Max_Size 2mb
Refresh_interval 5
Offset_Key offset
Path_Key path
storage.type filesystem
DB /tmp/apache.db
DB.sync normal
DB.locking false
DB.journal_mode wal
# Read interval (sec) Default: 1
#interval_sec 1
[INPUT]
name tail
tag log.development.syslog
path /home/username/syslog.log
Buffer_Max_Size 2mb
Refresh_interval 5
Offset_Key offset
Path_Key path
storage.type filesystem
DB /tmp/syslog.db
DB.sync normal
DB.locking false
DB.journal_mode wal
# Read interval (sec) Default: 1
#interval_sec 1
[INPUT]
name tail
tag log.development.postgres
path /home/username/postgres.log
Buffer_Max_Size 2mb
Refresh_interval 5
Offset_Key offset
Path_Key path
storage.type filesystem
DB /tmp/postgres.db
DB.sync normal
DB.locking false
DB.journal_mode wal
# Read interval (sec) Default: 1
#interval_sec 1
[INPUT]
name tail
tag log.development.zabbix
path /home/username/zabbix.log
Buffer_Max_Size 2mb
Refresh_interval 5
Offset_Key offset
Path_Key path
storage.type filesystem
DB /tmp/zabbix.db
DB.sync normal
DB.locking false
DB.journal_mode wal
# Read interval (sec) Default: 1
#interval_sec 1
[OUTPUT]
Name http
Match *
Host 127.0.0.1
Port 443
http_User fluentbit
http_Passwd fluentbit
tls on
tls.verify on
tls.debug 4
tls.ca_file /home/username/cert/ca_1/CA.pem
tls.crt_file /home/username/cert/ca_1/signed_certificates/server.crt
tls.key_file /home/username/cert/ca_1/signed_certificates/server.key
Format json
Header_tag header_tag_is_here
Header Location localhost
Retry_Limit no_limits
nginx.conf:
server {
listen 443 ssl default_server;
listen [::]:443 ssl default_server;
ssl on;
ssl_certificate /home/username/cert/ca_1/signed_certificates/server.crt;
ssl_certificate_key /home/username/cert/ca_1/signed_certificates/server.key;
ssl_session_cache builtin:1000 shared:SSL:10m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!eNULL:!EXPORT:!CAMELLIA:!DES:!MD5:!PSK:!RC4;
server_name _;
location / {
proxy_pass http://localhost:3000/;
}
}
I am facing the below error in WSO2 IS 5.9.0.
We are using WSO2 IS in an AWS environment.
WSO2 Node Cloud EC2 Instance Type - t2.small
MySQL Cloud EC2 Instance Type - t2.small
WSO2 Version - 5.9.0
Current Architecture-
2 x WSO2 Node
1 x MySQL Database
1 x Application Load Balancer
Attached WSO2 Carbon logs.
TID: [23] [] [2021-02-06 05:12:39,898] [ef8de62b-0cd7-491a-879a-0eb7305b2e15] INFO {org.wso2.carbon.identity.entitlement.policy.finder.CarbonPolicyFinder} - Initializing of policy store is started at : Sat Feb 06 05:12:39 UTC 2021
TID: [23] [] [2021-02-06 05:12:39,904] [ef8de62b-0cd7-491a-879a-0eb7305b2e15] INFO {org.wso2.carbon.identity.entitlement.policy.store.DefaultPolicyDataStore} - Using Global policy combining algorithm that is defined in configuration file.
TID: [23] [] [2021-02-06 05:12:39,904] [ef8de62b-0cd7-491a-879a-0eb7305b2e15] INFO {org.wso2.carbon.identity.entitlement.policy.finder.CarbonPolicyFinder} - Start retrieving policies from org.wso2.carbon.identity.entitlement.policy.store.RegistryPolicyStoreManageModule#7303cb2f at : Sat Feb 06 05:12:39 UTC 2021
TID: [23] [] [2021-02-06 05:12:39,910] [ef8de62b-0cd7-491a-879a-0eb7305b2e15] INFO {org.wso2.carbon.identity.entitlement.policy.finder.CarbonPolicyFinder} - Finish retrieving policies from org.wso2.carbon.identity.entitlement.policy.store.RegistryPolicyStoreManageModule#7303cb2f at : Sat Feb 06 05:12:39 UTC 2021
TID: [23] [] [2021-02-06 05:12:39,910] [ef8de62b-0cd7-491a-879a-0eb7305b2e15] INFO {org.wso2.carbon.identity.entitlement.policy.finder.CarbonPolicyFinder} - Initializing of policy store is finished at : Sat Feb 06 05:12:39 UTC 2021
TID: [-1] [] [2021-02-06 08:00:41,235] [] ERROR {org.wso2.carbon.humantask.core.scheduler.SimpleScheduler} - Error loading immediate jobs from database. <openjpa-2.2.0-wso2v1-r128166:129108 fatal general error> org.apache.openjpa.persistence.PersistenceException: Database may be already in use: "Waited for database closing longer than 1 minute". Possible solutions: close all other connection(s); use the server mode [90020-199]
FailedObject: SELECT DISTINCT t FROM org.wso2.carbon.humantask.core.dao.jpa.openjpa.model.HumanTaskJob t WHERE t.nodeId = ?1 AND t.time < ?2 order by t.time [java.lang.String]
at org.apache.openjpa.jdbc.sql.DBDictionary.narrow(DBDictionary.java:4918)
at org.apache.openjpa.jdbc.sql.DBDictionary.newStoreException(DBDictionary.java:4878)
at org.apache.openjpa.jdbc.sql.SQLExceptions.getStore(SQLExceptions.java:136)
at org.apache.openjpa.jdbc.sql.SQLExceptions.getStore(SQLExceptions.java:110)
at org.apache.openjpa.jdbc.sql.SQLExceptions.getStore(SQLExceptions.java:62)
at org.apache.openjpa.jdbc.kernel.JDBCStoreManager.connect(JDBCStoreManager.java:949)
at org.apache.openjpa.jdbc.kernel.JDBCStoreManager.getConnection(JDBCStoreManager.java:240)
at org.apache.openjpa.jdbc.sql.SelectImpl.execute(SelectImpl.java:413)
at org.apache.openjpa.jdbc.sql.SelectImpl.execute(SelectImpl.java:382)
at org.apache.openjpa.jdbc.kernel.SelectResultObjectProvider.open(SelectResultObjectProvider.java:94)
at org.apache.openjpa.lib.rop.EagerResultList.<init>(EagerResultList.java:34)
at org.apache.openjpa.kernel.QueryImpl.toResult(QueryImpl.java:1251)
at org.apache.openjpa.kernel.QueryImpl.execute(QueryImpl.java:1007)
at org.apache.openjpa.kernel.QueryImpl.execute(QueryImpl.java:863)
at org.apache.openjpa.kernel.QueryImpl.execute(QueryImpl.java:794)
at org.apache.openjpa.kernel.DelegatingQuery.execute(DelegatingQuery.java:542)
at org.apache.openjpa.persistence.QueryImpl.execute(QueryImpl.java:286)
at org.apache.openjpa.persistence.QueryImpl.getResultList(QueryImpl.java:302)
at org.wso2.carbon.humantask.core.dao.jpa.openjpa.HumanTaskDAOConnectionImpl.dequeueImmediate(HumanTaskDAOConnectionImpl.java:248)
at org.wso2.carbon.humantask.core.scheduler.SimpleScheduler$2.call(SimpleScheduler.java:344)
at org.wso2.carbon.humantask.core.scheduler.SimpleScheduler$2.call(SimpleScheduler.java:342)
at org.wso2.carbon.humantask.core.scheduler.SimpleScheduler.execTransaction(SimpleScheduler.java:879)
at org.wso2.carbon.humantask.core.scheduler.SimpleScheduler.execTransaction(SimpleScheduler.java:828)
at org.wso2.carbon.humantask.core.scheduler.SimpleScheduler.doLoadImmediate(SimpleScheduler.java:342)
at org.wso2.carbon.humantask.core.scheduler.SimpleScheduler$LoadImmediateTask.run(SimpleScheduler.java:297)
at org.wso2.carbon.humantask.core.scheduler.SimpleScheduler$1.call(SimpleScheduler.java:149)
at org.wso2.carbon.humantask.core.scheduler.SimpleScheduler$1.call(SimpleScheduler.java:146)
at java.util.concurrent.FutureTask.run(FutureTask.java:266)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
at java.lang.Thread.run(Thread.java:748)
Caused by: org.h2.jdbc.JdbcSQLNonTransientConnectionException: Database may be already in use: "Waited for database closing longer than 1 minute". Possible solutions: close all other connection(s); use the server mode [90020-199]
at org.h2.message.DbException.getJdbcSQLException(DbException.java:617)
at org.h2.message.DbException.getJdbcSQLException(DbException.java:427)
at org.h2.message.DbException.get(DbException.java:205)
at org.h2.message.DbException.get(DbException.java:181)
at org.h2.engine.Engine.openSession(Engine.java:209)
at org.h2.engine.Engine.createSessionAndValidate(Engine.java:178)
at org.h2.engine.Engine.createSession(Engine.java:161)
at org.h2.engine.Engine.createSession(Engine.java:31)
at org.h2.engine.SessionRemote.connectEmbeddedOrServer(SessionRemote.java:336)
at org.h2.jdbc.JdbcConnection.<init>(JdbcConnection.java:169)
at org.h2.jdbc.JdbcConnection.<init>(JdbcConnection.java:148)
at org.h2.Driver.connect(Driver.java:69)
at org.apache.tomcat.jdbc.pool.PooledConnection.connectUsingDriver(PooledConnection.java:319)
at org.apache.tomcat.jdbc.pool.PooledConnection.connect(PooledConnection.java:212)
at org.apache.tomcat.jdbc.pool.ConnectionPool.createConnection(ConnectionPool.java:739)
at org.apache.tomcat.jdbc.pool.ConnectionPool.borrowConnection(ConnectionPool.java:671)
at org.apache.tomcat.jdbc.pool.ConnectionPool.getConnection(ConnectionPool.java:198)
at org.apache.tomcat.jdbc.pool.DataSourceProxy.getConnection(DataSourceProxy.java:132)
at org.apache.openjpa.lib.jdbc.DelegatingDataSource.getConnection(DelegatingDataSource.java:110)
at org.apache.openjpa.lib.jdbc.DecoratingDataSource.getConnection(DecoratingDataSource.java:87)
at org.apache.openjpa.jdbc.kernel.JDBCStoreManager.connectInternal(JDBCStoreManager.java:960)
at org.apache.openjpa.jdbc.kernel.JDBCStoreManager.connect(JDBCStoreManager.java:945)
... 25 more
My WSO2 Configuration(deployement.toml file)-
[server]
hostname = "localhost"
node_ip = "127.0.0.1"
base_path = "https://$ref{server.hostname}:${carbon.management.port}"
[super_admin]
username = "username#wso2.com"
password = "password"
create_admin_account = true
[tenant_mgt]
enable_email_domain= true
[user_store]
type = "database"
scim_enabled = true
user_name_attribute = "mail"
username_java_script_regex = '^[a-zA-Z0-9.-_]+#[a-zA-Z0-9.-]+\.[a-zA-Z]{2,4}$'
username_java_regex='^[a-zA-Z0-9.-_]+#[a-zA-Z0-9.-]+\.[a-zA-Z]{2,4}'
[database.identity_db]
type = "mysql"
url= "jdbc:mysql://<SOME_IP>:3306/regdb?useSSL=false"
username = "<SOME_USER>"
password = "<SOME_PASSWORD>"
driver = "com.mysql.jdbc.Driver"
[database.shared_db]
type = "mysql"
url= "jdbc:mysql://<SOME_IP>:3306/regdb?useSSL=false"
username = "<SOME_USER>"
password = "<SOME_PASSWORD>"
driver = "com.mysql.jdbc.Driver"
[[cache.manager]]
name = "LocalClaimInvalidationCache"
timeout = "300"
capacity = "5000"
[carbon_health_check]
enable= true
[keystore.primary]
name = "wso2carbon.jks"
password = "wso2carbon"
[admin_service.wsdl]
enable = true
authentication.authenticator.session_handler.parameters.max_session_count = "100"
Example of nginx.conf
server {
set $abc_variable "abcabc";
........
}
How can I access abc_variable with the help of module api defined here https://www.nginx.com/resources/wiki/extending/api/
I'm using following code
ngx_str_t var = ngx_string("abc_variable");
ngx_uint_t key = ngx_hash_strlow(var.data, var.data, var.len);
ngx_http_variable_value_t *val = NULL;
val = ngx_http_get_variable(r, &var, key);
But I'm getting follow error
019/12/04 01:24:02 [notice] 12442#0: signal 17 (SIGCHLD) received from 12444
2019/12/04 01:24:02 [alert] 12442#0: worker process 12444 exited on signal 11 (core dumped)
2019/12/04 01:24:02 [notice] 12442#0: start worker process 12561
2019/12/04 01:24:02 [notice] 12442#0: signal 29 (SIGIO) received
2019/12/04 01:24:02 [debug] 12561#0: setting SA_RESTART for signal 1
You can use ngx-http-get-variable.
I am trying to identify the response content length difference when nginx cache HIT vs EXPIRED. On hit I am getting 2070 bytes while on MISS/EXPIRED I am getting 2075 bytes in access log where I have printed $body_bytes_sent.
I am using gzip encoding and Tomcat as server behind nginx.
HttpURLConnection conn = (HttpURLConnection) url.openConnection();
conn.setRequestProperty("Accept", "*/*");
conn.setRequestProperty("Cache-Control", "no-cache");
conn.setRequestProperty("Connection", "keep-alive");
conn.setRequestProperty("Host", "x.x.x.x"); // IP masked
conn.setRequestProperty("Postman-Token", "bafd1fda-7aca-4757-aef8-b2a78ff8ea02,5149660d-3505-4df4-b743-6e3d48daffa5");
conn.setRequestProperty("User-Agent", "PostmanRuntime/7.13.0");
conn.setRequestProperty("cache-control", "no-cache");
conn.setRequestProperty("accept-encoding", "gzip, deflate");
header: {Transfer-Encoding=[chunked], null=[HTTP/1.1 200 OK], X-Cache-Status=[MISS], Server=[nginx/1.14.0], X-Request-Id=[4946d04e-b3ce-4868-b822-99aee71ea275], X-Served-By=[xxserverxx], Content-Encoding=[gzip], Connection=[keep-alive], Vary=[Accept-Encoding], Date=[Thu, 06 Jun 2019 09:02:44 GMT], Content-Type=[application/json;charset=UTF-8]}
header: {Transfer-Encoding=[chunked], null=[HTTP/1.1 200 OK], X-Cache-Status=[HIT], Server=[nginx/1.14.0], X-Request-Id=[d36ae47c-a7a6-4c82-98e2-69f5ccf110f6], X-Served-By=[xxserverxx], Content-Encoding=[gzip], Connection=[keep-alive], Vary=[Accept-Encoding], Date=[Thu, 06 Jun 2019 10:19:19 GMT], Content-Type=[application/json;charset=UTF-8]}
I am configuring opendkim+postfix. It is working OK and sent messages are correctly signed but the incomming messages are all marked as dkim=fail reason="signature verification failed"
How con I debug this problem?
Return-Path: <sender#gmail.com>
Delivered-To: recipient#mydomain.com
Received: from localhost (mailserver [127.0.0.1])
by mydomain.com (Postfix) with SMTP id 4DDF93F966
for <recipient#mydomain.com>; Tue, 24 Oct 2017 13:56:43 +0200 (CEST)
DKIM-Filter: OpenDKIM Filter v2.11.0 mydomain.com 4DDF93F966
Authentication-Results: mydomain.com;
dkim=fail reason="signature verification failed" (2048-bit key) header.d=gmail.com header.i=#gmail.com header.b="jmdDmXQb"
Received-SPF: Pass (sender SPF authorized) identity=mailfrom; client-ip=209.85.215.43; helo=mail-lf0-f43.google.com; envelope-from=sender#gmail.com; receiver=recipient#mydomain.com
DMARC-Filter: OpenDMARC Filter v1.3.2 mydomain.com 2DBE03F963
Authentication-Results: mail.mydomain.com; dmarc=pass (p=none dis=none) header.from=gmail.com
Authentication-Results: mail.mydomain.com; spf=pass smtp.mailfrom=sender#gmail.com
The syslog reports this which looks OK
Oct 24 14:08:39 mailz opendkim[3325]: 4A29F3F938: [209.85.215.45] [209.85.215.45] not internal
Oct 24 14:08:39 mailz opendkim[3325]: 4A29F3F938: not authenticated
Oct 24 14:08:39 mailz opendkim[3325]: 4A29F3F938: DKIM verification successful
But later it adds:
Oct 24 14:08:43 mailzener postfix/cleanup[3194]: 6CC243F95E: message-id=<CAMXuvOM+jKLkE=0FrQ+cSqFesmPQujpHoVsfH9G_URg9uYtm1g#mail.gmail.com>
Oct 24 14:08:43 mailzener opendkim[3325]: 6CC243F95E: no signing table match for 'sender#gmail.com'
Oct 24 14:08:43 mailzener opendkim[3325]: 6CC243F95E: bad signature data
My opendkim configuration file is this:
AutoRestart Yes
AutoRestartRate 10/1h
LogWhy Yes
Syslog Yes
SyslogSuccess Yes
Mode sv
Canonicalization relaxed/simple
ExternalIgnoreList refile:/etc/opendkim/TrustedHosts
#InternalHosts refile:/etc/opendkim/TrustedHosts
KeyTable refile:/etc/opendkim/KeyTable
SigningTable refile:/etc/opendkim/SigningTable
SignatureAlgorithm rsa-sha256
Socket inet:8891#localhost
PidFile /var/run/opendkim/opendkim.pid
UMask 022
UserID opendkim:opendkim
TemporaryDirectory /var/tmp
OversignHeaders From
LogWhy Yes
X-Header yes
MilterDebug 9
ResolverTracing Yes
As you can see from the Queue ID 4A29F3F938 vs 6CC243F95E, these are two different mails.
4A29F3F938 is incoming and is verifying OK. 6CC243F95E is outgoing, and I guess opendkim tries to sign the mail. You need to elaborate on your processing of the mail in the lines inbetween :)