Uploaded image for project: 'Nuxeo Platform'
  1. Nuxeo Platform
  2. NXP-27836

Find a solution to make Quartz work with MongoDB SSL/TLS

    XMLWordPrintable

    Details

    • Release Notes Summary:
      Quartz configuration reads keystore and truststore to connect to MongoDB over SSL/TLS.
    • Backlog priority:
      900
    • Team:
      PLATFORM
    • Sprint:
      nxsupport 11.1.3, nxplatform 11.1.17, nxplatform 11.1.18, nxplatform 11.1.19
    • Story Points:
      5

      Description

      When Nuxeo is configued to use MongoDB with SSL, Quartz fails to start with the following error

      ERROR [main] [org.nuxeo.runtime.model.ComponentManager] Component service:org.nuxeo.ecm.core.scheduler.SchedulerService notification of application started failed: Timed out after 30000 ms while waiting for a server that matches com.mongodb.client.internal.MongoClientDelegate$1@332c14f2. Client view of cluster state is {type=REPLICA_SET, servers=[{address=mongo-nuxeo:27017, type=UNKNOWN, state=CONNECTING, exception=
      {com.mongodb.MongoSocketWriteException: Exception sending message}, caused by {javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target}, caused by {sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target}, caused by {sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target}}, {address=mongo-nuxeo:27017, type=UNKNOWN, state=CONNECTING, exception=
      {com.mongodb.MongoSocketWriteException: Exception sending message}, caused by {javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target}, caused by {sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target}, caused by {sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target}}]
              at com.mongodb.internal.connection.BaseCluster.createTimeoutException(BaseCluster.java:401) ~[mongo-java-driver-3.8.1.jar:?]
              at com.mongodb.internal.connection.BaseCluster.selectServer(BaseCluster.java:120) ~[mongo-java-driver-3.8.1.jar:?]
              at com.mongodb.internal.connection.MultiServerCluster.selectServer(MultiServerCluster.java:54) ~[mongo-java-driver-3.8.1.jar:?]
              at com.mongodb.client.internal.MongoClientDelegate.getConnectedClusterDescription(MongoClientDelegate.java:138) ~[mongo-java-driver-3.8.1.jar:?]
              at com.mongodb.client.internal.MongoClientDelegate.createClientSession(MongoClientDelegate.java:94) ~[mongo-java-driver-3.8.1.jar:?]
              at com.mongodb.client.internal.MongoClientDelegate$DelegateOperationExecutor.getClientSession(MongoClientDelegate.java:249) ~[mongo-java-driver-3.8.1.jar:?]
              at com.mongodb.client.internal.MongoClientDelegate$DelegateOperationExecutor.execute(MongoClientDelegate.java:172) ~[mongo-java-driver-3.8.1.jar:?]
              at com.mongodb.client.internal.MongoIterableImpl.execute(MongoIterableImpl.java:132) ~[mongo-java-driver-3.8.1.jar:?]
              at com.mongodb.client.internal.MongoIterableImpl.iterator(MongoIterableImpl.java:86) ~[mongo-java-driver-3.8.1.jar:?]
              at com.novemberain.quartz.mongodb.dao.LocksDao.findOwnTriggersLocks(LocksDao.java:77) ~[quartz-mongodb-2.0.0-NX2.jar:?]
              at com.novemberain.quartz.mongodb.cluster.TriggerRecoverer.recover(TriggerRecoverer.java:41) ~[quartz-mongodb-2.0.0-NX2.jar:?]
              at com.novemberain.quartz.mongodb.MongoDBJobStore.initialize(MongoDBJobStore.java:87) ~[quartz-mongodb-2.0.0-NX2.jar:?] 

       

      There is an unresolved question in the quartz-mongodb repository : https://github.com/michaelklishin/quartz-mongodb/issues/161

      It seems the support of SSL is missing in this library.

        Attachments

        1. quartz.properties.nxftl
          2 kB
          Antoine Taillefer

          Issue Links

            Activity

              People

              • Votes:
                0 Vote for this issue
                Watchers:
                3 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved:

                  Time Tracking

                  Estimated:
                  Original Estimate - 0 minutes
                  0m
                  Remaining:
                  Remaining Estimate - 0 minutes
                  0m
                  Logged:
                  Time Spent - 2 days
                  2d