Ask Your Question
1

HTTP Client Origin - SSL Certificate Exception Error

asked 2018-05-24 16:15:03 -0500

Faiyazy gravatar image

updated 2018-05-24 17:46:40 -0500

metadaddy gravatar image

I have a pipeline with HTTP client as origin with basic authentication and the below settings:

URL: https://xxxxx.xxxxxxx.net:xxxx/zekeAPICommand

Request Content-Type: application/json

Request Body:

{
  "BILLZAPIOperation": {
    "zeke_command": "ZDISPLAY STAT SUC JOB CTDN**** SYS *"
  }
}

The site is not secured with the certificate. Is there a way to configure Streamsets to ignore the certificate?
Below is the error I get:

2018-05-24 15:17:23,949 HTTP Source/HTTPSource88e16171-b655-405b-b10f-cce0322a97c1  ERROR   An exception occurred while running the pipeline, com.streamsets.pipeline.api.StageException: HTTP_32 - Error executing request: javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: No name matching hcam02.medcity.net found    ProductionPipelineRunnable  *hpl5277        ProductionPipelineRunnable-HTTPSource88e16171-b655-405b-b10f-cce0322a97c1-HTTP Source
com.streamsets.pipeline.api.StageException: HTTP_32 - Error executing request: javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: No name matching (SERVER NAME) found
    at com.streamsets.pipeline.stage.origin.http.HttpClientSource.makeRequest(HttpClientSource.java:481)
    at com.streamsets.pipeline.stage.origin.http.HttpClientSource.produce(HttpClientSource.java:310)
    at com.streamsets.pipeline.configurablestage.DSource.produce(DSource.java:38)
    at com.streamsets.datacollector.runner.StageRuntime$2.call(StageRuntime.java:242)
    at com.streamsets.datacollector.runner.StageRuntime$2.call(StageRuntime.java:236)
    at com.streamsets.pipeline.api.impl.CreateByRef.call(CreateByRef.java:40)
    at com.streamsets.datacollector.runner.StageRuntime.execute(StageRuntime.java:194)
    at com.streamsets.datacollector.runner.StageRuntime.execute(StageRuntime.java:263)
    at com.streamsets.datacollector.runner.StagePipe.process(StagePipe.java:225)
    at com.streamsets.datacollector.execution.runner.common.ProductionPipelineRunner.processPipe(ProductionPipelineRunner.java:760)
    at com.streamsets.datacollector.execution.runner.common.ProductionPipelineRunner.runPollSource(ProductionPipelineRunner.java:544)
    at com.streamsets.datacollector.execution.runner.common.ProductionPipelineRunner.run(ProductionPipelineRunner.java:379)
    at com.streamsets.datacollector.runner.Pipeline.run(Pipeline.java:510)
    at com.streamsets.datacollector.execution.runner.common.ProductionPipeline.run(ProductionPipeline.java:112)
    at com.streamsets.datacollector.execution.runner.common.ProductionPipelineRunnable.run(ProductionPipelineRunnable.java:74)
    at com.streamsets.datacollector.execution.runner.standalone.StandaloneRunner.start(StandaloneRunner.java:755)
    at com.streamsets.datacollector.execution.runner.common.AsyncRunner.lambda$start$3(AsyncRunner.java:152)
    at com.streamsets.pipeline.lib.executor.SafeScheduledExecutorService$SafeCallable.lambda$call$0(SafeScheduledExecutorService.java:227)
    at com.streamsets.datacollector.security.GroupsInScope.execute(GroupsInScope.java:33)
    at com.streamsets.pipeline.lib.executor.SafeScheduledExecutorService$SafeCallable.call(SafeScheduledExecutorService.java:223)
    at com.streamsets.pipeline.lib.executor.SafeScheduledExecutorService$SafeCallable.lambda$call$0(SafeScheduledExecutorService.java:227)
    at com.streamsets.datacollector.security.GroupsInScope.execute(GroupsInScope.java:33)
    at com.streamsets.pipeline.lib.executor.SafeScheduledExecutorService$SafeCallable.call(SafeScheduledExecutorService.java:223)
    at java.util.concurrent.FutureTask.run(FutureTask.java:266)
    at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.access$201(ScheduledThreadPoolExecutor.java:180)
    at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:293)
    at com.streamsets.datacollector.metrics.MetricSafeScheduledExecutorService$MetricsTask.run(MetricSafeScheduledExecutorService.java:100)
    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
    at java.lang.Thread.run(Thread.java:745)
Caused by: javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: No name matching (SERVER NAME) found
    at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
    at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1949)
    at sun.security.ssl ...
(more)
edit retag flag offensive close merge delete

2 Answers

Sort by ยป oldest newest most voted
0

answered 2018-05-24 17:17:04 -0500

metadaddy gravatar image

You can't override this in StreamSets Data Collector, with good reason - it would open up the product to a whole class of security issues. You have three options:

  • Fix the certificate at xxxxx.xxxxxxx.net to have a subjectAltName to match the hostname (proper fix)
  • If the certificate has some other subjectAltName, say yyyyy.yyyyyyy.net, put that in the /etc/hosts file with the IP address for xxxxx.xxxxxxx.net, and use yyyyy.yyyyyyy.net in the HTTP Client configuration (workaround)
  • Grab the Data Collector source code and modify the SSL implementation to disable hostname checking (not recommended!)
edit flag offensive delete link more
0

answered 2018-05-25 07:16:38 -0500

Faiyazy gravatar image

I have gotten the SSL certificate for the web server I am connecting to in my pipeline from the server admin team. Do I need to install the certificate on edge node to get rid of the error? How do I get rid of the error, if I have the certificate?

I am working on proof of concept to capture the results from scheduling software using their API commands that return data by submitting the command that is in body.

The whole thing works for me using restful client.

Any other ideas to capture results using streamsets?

Thank you in advance for your help!!

edit flag offensive delete link more
Login/Signup to Answer

Question Tools

2 followers

Stats

Asked: 2018-05-24 16:15:03 -0500

Seen: 52 times

Last updated: May 25