-
Type: Bug
-
Status: Resolved
-
Priority: Critical
-
Resolution: Fixed
-
Affects Version/s: 10.10
-
Fix Version/s: 10.10-HF15, 11.1, 2021.0
-
Component/s: Core MongoDB, Scheduler
-
Release Notes Summary:Quartz configuration reads keystore and truststore to connect to MongoDB over SSL/TLS.
-
Tags:
-
Backlog priority:900
-
Team:PLATFORM
-
Sprint:nxsupport 11.1.3, nxplatform 11.1.17, nxplatform 11.1.18, nxplatform 11.1.19
-
Story Points:5
When Nuxeo is configued to use MongoDB with SSL, Quartz fails to start with the following error
ERROR [main] [org.nuxeo.runtime.model.ComponentManager] Component service:org.nuxeo.ecm.core.scheduler.SchedulerService notification of application started failed: Timed out after 30000 ms while waiting for a server that matches com.mongodb.client.internal.MongoClientDelegate$1@332c14f2. Client view of cluster state is {type=REPLICA_SET, servers=[{address=mongo-nuxeo:27017, type=UNKNOWN, state=CONNECTING, exception= {com.mongodb.MongoSocketWriteException: Exception sending message}, caused by {javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target}, caused by {sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target}, caused by {sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target}}, {address=mongo-nuxeo:27017, type=UNKNOWN, state=CONNECTING, exception= {com.mongodb.MongoSocketWriteException: Exception sending message}, caused by {javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target}, caused by {sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target}, caused by {sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target}}] at com.mongodb.internal.connection.BaseCluster.createTimeoutException(BaseCluster.java:401) ~[mongo-java-driver-3.8.1.jar:?] at com.mongodb.internal.connection.BaseCluster.selectServer(BaseCluster.java:120) ~[mongo-java-driver-3.8.1.jar:?] at com.mongodb.internal.connection.MultiServerCluster.selectServer(MultiServerCluster.java:54) ~[mongo-java-driver-3.8.1.jar:?] at com.mongodb.client.internal.MongoClientDelegate.getConnectedClusterDescription(MongoClientDelegate.java:138) ~[mongo-java-driver-3.8.1.jar:?] at com.mongodb.client.internal.MongoClientDelegate.createClientSession(MongoClientDelegate.java:94) ~[mongo-java-driver-3.8.1.jar:?] at com.mongodb.client.internal.MongoClientDelegate$DelegateOperationExecutor.getClientSession(MongoClientDelegate.java:249) ~[mongo-java-driver-3.8.1.jar:?] at com.mongodb.client.internal.MongoClientDelegate$DelegateOperationExecutor.execute(MongoClientDelegate.java:172) ~[mongo-java-driver-3.8.1.jar:?] at com.mongodb.client.internal.MongoIterableImpl.execute(MongoIterableImpl.java:132) ~[mongo-java-driver-3.8.1.jar:?] at com.mongodb.client.internal.MongoIterableImpl.iterator(MongoIterableImpl.java:86) ~[mongo-java-driver-3.8.1.jar:?] at com.novemberain.quartz.mongodb.dao.LocksDao.findOwnTriggersLocks(LocksDao.java:77) ~[quartz-mongodb-2.0.0-NX2.jar:?] at com.novemberain.quartz.mongodb.cluster.TriggerRecoverer.recover(TriggerRecoverer.java:41) ~[quartz-mongodb-2.0.0-NX2.jar:?] at com.novemberain.quartz.mongodb.MongoDBJobStore.initialize(MongoDBJobStore.java:87) ~[quartz-mongodb-2.0.0-NX2.jar:?]
There is an unresolved question in the quartz-mongodb repository : https://github.com/michaelklishin/quartz-mongodb/issues/161
It seems the support of SSL is missing in this library.