By: Ian Vogel user 18 Sep 2019 at 5:35 a.m. CDT

2 Responses

Hi gluu community, I'm having a strange issue where every couple of weeks oxauth gets into a crashed state and the web services stop responding, but the OS is fine. When I look at logs, I see only this in the identity log recurring from the time of failure: 2019-09-18 09:29:42,542 ERROR [ForkJoinPool.commonPool-worker-3] [org.gluu.oxtrust.ldap.service.StatusCheckerTimer] (StatusCheckerTimer.java:207) - Can not download ssl certificate java.net.ConnectException: Connection refused (Connection refused) at java.net.PlainSocketImpl.socketConnect(Native Method) ~[?:1.8.0_181] at java.net.AbstractPlainSocketImpl.doConnect(AbstractPlainSocketImpl.java:350) ~[?:1.8.0_181] at java.net.AbstractPlainSocketImpl.connectToAddress(AbstractPlainSocketImpl.java:206) ~[?:1.8.0_181] at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:188) ~[?:1.8.0_181] at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392) ~[?:1.8.0_181] at java.net.Socket.connect(Socket.java:589) ~[?:1.8.0_181] at sun.security.ssl.SSLSocketImpl.connect(SSLSocketImpl.java:673) ~[?:1.8.0_181] at sun.security.ssl.BaseSSLSocketImpl.connect(BaseSSLSocketImpl.java:173) ~[?:1.8.0_181] at sun.net.NetworkClient.doConnect(NetworkClient.java:180) ~[?:1.8.0_181] at sun.net.www.http.HttpClient.openServer(HttpClient.java:463) ~[?:1.8.0_181] at sun.net.www.http.HttpClient.openServer(HttpClient.java:558) ~[?:1.8.0_181] at sun.net.www.protocol.https.HttpsClient.<init>(HttpsClient.java:264) ~[?:1.8.0_181] at sun.net.www.protocol.https.HttpsClient.New(HttpsClient.java:367) ~[?:1.8.0_181] at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.getNewHttpClient(AbstractDelegateHttpsURLConnection.java:191) ~[?:1.8.0_181] at sun.net.www.protocol.http.HttpURLConnection.plainConnect0(HttpURLConnection.java:1156) ~[?:1.8.0_181] at sun.net.www.protocol.http.HttpURLConnection.plainConnect(HttpURLConnection.java:1050) ~[?:1.8.0_181] at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:177) ~[?:1.8.0_181] at sun.net.www.protocol.https.HttpsURLConnectionImpl.connect(HttpsURLConnectionImpl.java:162) ~[?:1.8.0_181] at org.gluu.oxtrust.ldap.service.StatusCheckerTimer.setCertificateExpiryAttributes(StatusCheckerTimer.java:196) [classes/:?] at org.gluu.oxtrust.ldap.service.StatusCheckerTimer.processInt(StatusCheckerTimer.java:154) [classes/:?] at org.gluu.oxtrust.ldap.service.StatusCheckerTimer.process(StatusCheckerTimer.java:123) [classes/:?] at org.gluu.oxtrust.ldap.service.StatusCheckerTimer$Proxy$_$$_WeldSubclass.process$$super(Unknown Source) [classes/:?] at sun.reflect.GeneratedMethodAccessor347.invoke(Unknown Source) ~[?:?] at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_181] at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_181] at org.jboss.weld.interceptor.proxy.TerminalAroundInvokeInvocationContext.proceedInternal(TerminalAroundInvokeInvocationContext.java:51) [weld-core-impl-3.0.5.Final.jar:3.0.5.Final] at org.jboss.weld.interceptor.proxy.AroundInvokeInvocationContext.proceed(AroundInvokeInvocationContext.java:78) [weld-core-impl-3.0.5.Final.jar:3.0.5.Final] at org.xdi.service.cdi.async.AsynchronousInterceptor$1.get(AsynchronousInterceptor.java:36) [oxcore-service-3.1.6.sp1.jar:?] at java.util.concurrent.CompletableFuture$AsyncSupply.run(CompletableFuture.java:1590) [?:1.8.0_181] at java.util.concurrent.CompletableFuture$AsyncSupply.exec(CompletableFuture.java:1582) [?:1.8.0_181] at java.util.concurrent.ForkJoinTask.doExec(ForkJoinTask.java:289) [?:1.8.0_181] at java.util.concurrent.ForkJoinPool$WorkQueue.runTask(ForkJoinPool.java:1056) [?:1.8.0_181] at java.util.concurrent.ForkJoinPool.runWorker(ForkJoinPool.java:1692) [?:1.8.0_181] at java.util.concurrent.ForkJoinWorkerThread.run(ForkJoinWorkerThread.java:157) [?:1.8.0_181] 2019-09-18 09:30:42,169 INFO [ForkJoinPool.commonPool-worker-0] [org.gluu.oxtrust.ldap.service.StatusCheckerTimer] (StatusCheckerTimer.java:146) - Setting FactorAttributes I didn't see anything else. Restarting the server fixes the issue and it runs fine for another couple of weeks - this has happened twice since the end August. Any ideas what this could be? The Let'sEncrypt renewal, perhaps? Or maybe this is this a false positive, and the problem is actually elsewhere. Thanks

CentOS 7.0

closed

By Mohib Zico staff 18 Sep 2019 at 11:13 a.m. CDT

Copy

Hi Ian, I think it's apache which stopping actually, not oxauth. if you face this error `Can not download ssl certificate java.net.ConnectException: Connection refused` again in future, first check status of apache2/httpd ( service httpd/apache2 status ).

By Ian Vogel user 07 Oct 2019 at 3:58 a.m. CDT

Copy

Great, thank you. As it happens, it hasn't crashed in the last 3 weeks.

You need to Login in order to post an answer

oxauth crashes indefinitely with SSL certificate error

By: Ian Vogel user 18 Sep 2019 at 5:35 a.m. CDT

Answers

By Mohib Zico staff 18 Sep 2019 at 11:13 a.m. CDT

By Ian Vogel user 07 Oct 2019 at 3:58 a.m. CDT

Post an answer