Unable to start the gluu server after certificate update - HTTP ERROR: 503

By: sohan bafna user 30 Oct 2017 at 3:01 a.m. CDT

7 Responses
sohan bafna gravatar
Hi, I have installed gluu community edition, **Manifest-Version: 1.0 Implementation-Title: oxAuth Server Implementation-Version: 3.0.2 Archiver-Version: Plexus Archiver Built-By: tomcat Implementation-Build: e8ebf50ab8b9bffcc33c5b5009f449d3eb8f1bab Implementation-Vendor-Id: org.xdi Build-Jdk: 1.7.0_79 Created-By: Apache Maven 3.3.9** I need to update my server with real certificates. So i followed the step mentioned on [Certifcate Management](https://gluu.org/docs/ce/admin-guide/certificate/?query=version) On restart of services it is giving me LDAP related errors, **oxauth logs.** ``` 2017-10-30 03:54:42,984 INFO [main] [org.xdi.oxauth.model.util.SecurityProviderUtility] (SecurityProviderUtility.java:23) - Adding Bouncy Castle Provider 2017-10-30 03:54:43,645 INFO [main] [org.xdi.oxauth.model.config.ConfigurationFactory] (ConfigurationFactory.java:292) - Loading configuration from LDAP... 2017-10-30 03:54:44,018 INFO [main] [org.xdi.oxauth.model.config.ConfigurationFactory] (ConfigurationFactory.java:133) - Configuration loaded successfully. 2017-10-30 03:54:47,852 WARN [main] [org.jboss.seam.security.permission.PersistentPermissionResolver] (PersistentPermissionResolver.java:57) - no permission store available - please install a PermissionStore with the name 'org.jboss.sea m.security.jpaPermissionStore' if persistent permissions are required. 2017-10-30 03:54:47,868 INFO [main] [org.jboss.seam.resteasy.ResteasyBootstrap] (ResteasyBootstrap.java:105) - bootstrapping JAX-RS application 2017-10-30 03:54:47,902 INFO [main] [org.jboss.seam.resteasy.ResteasyBootstrap] (ResteasyBootstrap.java:225) - registering built-in RESTEasy providers 2017-10-30 03:54:48,521 ERROR [pool-2-thread-1] [org.jboss.seam.async.AsynchronousExceptionHandler] (AsynchronousExceptionHandler.java:25) - Exception thrown whilst executing asynchronous call org.gluu.site.ldap.persistence.exception.EntryPersistenceException: Failed to find entries with baseDN: ou=scripts,o=@!7192.77A1.C8CF.D2CE!0001!EC6D.314E,o=gluu, filter: (&(&(objectClass=top)(objectClass=oxCustomScript))(|(oxScriptType=p erson_authentication)(oxScriptType=client_registration)(oxScriptType=id_generator)(oxScriptType=uma_authorization_policy)(oxScriptType=application_session)(oxScriptType=dynamic_scope))) at org.gluu.site.ldap.persistence.LdapEntryManager.findEntries(LdapEntryManager.java:361) ~[oxLdap-3.0.2.jar:?] at org.gluu.site.ldap.persistence.LdapEntryManager.findEntries(LdapEntryManager.java:329) ~[oxLdap-3.0.2.jar:?] at org.gluu.site.ldap.persistence.LdapEntryManager.findEntries(LdapEntryManager.java:321) ~[oxLdap-3.0.2.jar:?] at org.gluu.site.ldap.persistence.LdapEntryManager.findEntries(LdapEntryManager.java:305) ~[oxLdap-3.0.2.jar:?] at org.gluu.site.ldap.persistence.LdapEntryManager.findEntries(LdapEntryManager.java:301) ~[oxLdap-3.0.2.jar:?] at org.xdi.service.custom.script.AbstractCustomScriptService.findCustomScripts(AbstractCustomScriptService.java:81) ~[oxService-3.0.2.jar:?] at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_112] at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_112] at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_112] at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_112] at org.jboss.seam.util.Reflections.invoke(Reflections.java:22) ~[jboss-seam-2.3.1.Final.jar:2.3.1.Final] at org.jboss.seam.intercept.RootInvocationContext.proceed(RootInvocationContext.java:32) ~[jboss-seam-2.3.1.Final.jar:2.3.1.Final] at org.jboss.seam.intercept.SeamInvocationContext.proceed(SeamInvocationContext.java:56) ~[jboss-seam-2.3.1.Final.jar:2.3.1.Final] at org.jboss.seam.transaction.RollbackInterceptor.aroundInvoke(RollbackInterceptor.java:28) ~[jboss-seam-2.3.1.Final.jar:2.3.1.Final] at org.jboss.seam.intercept.SeamInvocationContext.proceed(SeamInvocationContext.java:68) ~[jboss-seam-2.3.1.Final.jar:2.3.1.Final] at org.jboss.seam.core.BijectionInterceptor.aroundInvoke(BijectionInterceptor.java:79) ~[jboss-seam-2.3.1.Final.jar:2.3.1.Final] at org.jboss.seam.intercept.SeamInvocationContext.proceed(SeamInvocationContext.java:68) ~[jboss-seam-2.3.1.Final.jar:2.3.1.Final] at org.jboss.seam.core.MethodContextInterceptor.aroundInvoke(MethodContextInterceptor.java:44) ~[jboss-seam-2.3.1.Final.jar:2.3.1.Final] at org.jboss.seam.intercept.SeamInvocationContext.proceed(SeamInvocationContext.java:68) ~[jboss-seam-2.3.1.Final.jar:2.3.1.Final] at org.jboss.seam.intercept.RootInterceptor.invoke(RootInterceptor.java:107) ~[jboss-seam-2.3.1.Final.jar:2.3.1.Final] at org.jboss.seam.intercept.JavaBeanInterceptor.interceptInvocation(JavaBeanInterceptor.java:196) ~[jboss-seam-2.3.1.Final.jar:2.3.1.Final] at org.jboss.seam.intercept.JavaBeanInterceptor.invoke(JavaBeanInterceptor.java:114) ~[jboss-seam-2.3.1.Final.jar:2.3.1.Final] at org.xdi.oxauth.service.custom.CustomScriptService_$$_javassist_seam_34.findCustomScripts(CustomScriptService_$$_javassist_seam_34.java) ~[classes/:?] at org.xdi.service.custom.script.CustomScriptManager.reloadImpl(CustomScriptManager.java:140) ~[oxService-3.0.2.jar:?] at org.xdi.service.custom.script.CustomScriptManager.reload(CustomScriptManager.java:131) ~[oxService-3.0.2.jar:?] at org.xdi.service.custom.script.CustomScriptManager.init(CustomScriptManager.java:90) ~[oxService-3.0.2.jar:?] at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_112] at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_112] at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_112] at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_112] at org.jboss.seam.util.Reflections.invoke(Reflections.java:22) ~[jboss-seam-2.3.1.Final.jar:2.3.1.Final] at org.jboss.seam.intercept.RootInvocationContext.proceed(RootInvocationContext.java:32) ~[jboss-seam-2.3.1.Final.jar:2.3.1.Final] at org.jboss.seam.intercept.SeamInvocationContext.proceed(SeamInvocationContext.java:56) ~[jboss-seam-2.3.1.Final.jar:2.3.1.Final] at org.jboss.seam.transaction.RollbackInterceptor.aroundInvoke(RollbackInterceptor.java:28) ~[jboss-seam-2.3.1.Final.jar:2.3.1.Final] at org.jboss.seam.intercept.SeamInvocationContext.proceed(SeamInvocationContext.java:68) ~[jboss-seam-2.3.1.Final.jar:2.3.1.Final] at org.jboss.seam.core.BijectionInterceptor.aroundInvoke(BijectionInterceptor.java:79) ~[jboss-seam-2.3.1.Final.jar:2.3.1.Final] at org.jboss.seam.intercept.SeamInvocationContext.proceed(SeamInvocationContext.java:68) ~[jboss-seam-2.3.1.Final.jar:2.3.1.Final] at org.jboss.seam.core.MethodContextInterceptor.aroundInvoke(MethodContextInterceptor.java:44) ~[jboss-seam-2.3.1.Final.jar:2.3.1.Final] at org.jboss.seam.intercept.SeamInvocationContext.proceed(SeamInvocationContext.java:68) ~[jboss-seam-2.3.1.Final.jar:2.3.1.Final] at org.jboss.seam.async.AsynchronousInterceptor.aroundInvoke(AsynchronousInterceptor.java:52) ~[jboss-seam-2.3.1.Final.jar:2.3.1.Final] at org.jboss.seam.intercept.SeamInvocationContext.proceed(SeamInvocationContext.java:68) ~[jboss-seam-2.3.1.Final.jar:2.3.1.Final] at org.jboss.seam.intercept.RootInterceptor.invoke(RootInterceptor.java:107) ~[jboss-seam-2.3.1.Final.jar:2.3.1.Final] at org.jboss.seam.intercept.JavaBeanInterceptor.interceptInvocation(JavaBeanInterceptor.java:196) ~[jboss-seam-2.3.1.Final.jar:2.3.1.Final] at org.jboss.seam.intercept.JavaBeanInterceptor.invoke(JavaBeanInterceptor.java:114) ~[jboss-seam-2.3.1.Final.jar:2.3.1.Final] at org.xdi.service.custom.script.CustomScriptManager_$$_javassist_seam_31.init(CustomScriptManager_$$_javassist_seam_31.java) ~[oxService-3.0.2.jar:?] at org.xdi.oxauth.service.AppInitializer.postInitialization(AppInitializer.java:129) ~[classes/:?] at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_112] at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_112] at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_112] at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_112] at org.jboss.seam.util.Reflections.invoke(Reflections.java:22) ~[jboss-seam-2.3.1.Final.jar:2.3.1.Final] at org.jboss.seam.intercept.RootInvocationContext.proceed(RootInvocationContext.java:32) ~[jboss-seam-2.3.1.Final.jar:2.3.1.Final] at org.jboss.seam.intercept.SeamInvocationContext.proceed(SeamInvocationContext.java:56) ~[jboss-seam-2.3.1.Final.jar:2.3.1.Final] at org.jboss.seam.transaction.RollbackInterceptor.aroundInvoke(RollbackInterceptor.java:28) ~[jboss-seam-2.3.1.Final.jar:2.3.1.Final] at org.jboss.seam.intercept.SeamInvocationContext.proceed(SeamInvocationContext.java:68) ~[jboss-seam-2.3.1.Final.jar:2.3.1.Final] at org.jboss.seam.core.BijectionInterceptor.aroundInvoke(BijectionInterceptor.java:79) ~[jboss-seam-2.3.1.Final.jar:2.3.1.Final] at org.jboss.seam.intercept.SeamInvocationContext.proceed(SeamInvocationContext.java:68) ~[jboss-seam-2.3.1.Final.jar:2.3.1.Final] at org.jboss.seam.core.MethodContextInterceptor.aroundInvoke(MethodContextInterceptor.java:44) ~[jboss-seam-2.3.1.Final.jar:2.3.1.Final] at org.jboss.seam.intercept.SeamInvocationContext.proceed(SeamInvocationContext.java:68) ~[jboss-seam-2.3.1.Final.jar:2.3.1.Final] at org.jboss.seam.async.AsynchronousInterceptor.aroundInvoke(AsynchronousInterceptor.java:52) ~[jboss-seam-2.3.1.Final.jar:2.3.1.Final] at org.jboss.seam.intercept.SeamInvocationContext.proceed(SeamInvocationContext.java:68) ~[jboss-seam-2.3.1.Final.jar:2.3.1.Final] at org.jboss.seam.intercept.RootInterceptor.invoke(RootInterceptor.java:107) ~[jboss-seam-2.3.1.Final.jar:2.3.1.Final] at org.jboss.seam.intercept.JavaBeanInterceptor.interceptInvocation(JavaBeanInterceptor.java:196) ~[jboss-seam-2.3.1.Final.jar:2.3.1.Final] at org.jboss.seam.intercept.JavaBeanInterceptor.invoke(JavaBeanInterceptor.java:114) ~[jboss-seam-2.3.1.Final.jar:2.3.1.Final] at org.xdi.oxauth.service.AppInitializer_$$_javassist_seam_1.postInitialization(AppInitializer_$$_javassist_seam_1.java) ~[classes/:?] at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_112] at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_112] at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_112] at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_112] at org.jboss.seam.util.Reflections.invoke(Reflections.java:22) ~[jboss-seam-2.3.1.Final.jar:2.3.1.Final] at org.jboss.seam.util.Reflections.invokeAndWrap(Reflections.java:144) ~[jboss-seam-2.3.1.Final.jar:2.3.1.Final] at org.jboss.seam.async.AsynchronousInvocation$1.process(AsynchronousInvocation.java:62) ~[jboss-seam-2.3.1.Final.jar:2.3.1.Final] at org.jboss.seam.async.Asynchronous$ContextualAsynchronousRequest.run(Asynchronous.java:80) [jboss-seam-2.3.1.Final.jar:2.3.1.Final] at org.jboss.seam.async.AsynchronousInvocation.execute(AsynchronousInvocation.java:44) [jboss-seam-2.3.1.Final.jar:2.3.1.Final] at org.jboss.seam.async.ThreadPoolDispatcher$RunnableAsynchronous.run(ThreadPoolDispatcher.java:142) [jboss-seam-2.3.1.Final.jar:2.3.1.Final] at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511) [?:1.8.0_112] at java.util.concurrent.FutureTask.run(FutureTask.java:266) [?:1.8.0_112] at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.access$201(ScheduledThreadPoolExecutor.java:180) [?:1.8.0_112] at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:293) [?:1.8.0_112] at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) [?:1.8.0_112] at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) [?:1.8.0_112] at java.lang.Thread.run(Thread.java:745) [?:1.8.0_112] Caused by: com.unboundid.ldap.sdk.LDAPSearchException: no such object at com.unboundid.ldap.sdk.LDAPConnection.search(LDAPConnection.java:3650) ~[unboundid-ldapsdk-3.2.0.jar:3.2.0] at com.unboundid.ldap.sdk.AbstractConnectionPool.search(AbstractConnectionPool.java:2022) ~[unboundid-ldapsdk-3.2.0.jar:3.2.0] at org.gluu.site.ldap.OperationsFacade.search(OperationsFacade.java:280) ~[oxLdap-3.0.2.jar:?] at org.gluu.site.ldap.persistence.LdapEntryManager.findEntries(LdapEntryManager.java:355) ~[oxLdap-3.0.2.jar:?] ... 81 more 2017-10-30 03:54:49,907 INFO [main] [org.jboss.seam.servlet.SeamFilter] (SeamFilter.java:96) - Initializing filter: org.jboss.seam.web.redirectFilter 2017-10-30 03:54:49,907 INFO [main] [org.jboss.seam.servlet.SeamFilter] (SeamFilter.java:96) - Initializing filter: org.jboss.seam.web.exceptionFilter 2017-10-30 03:54:49,907 INFO [main] [org.jboss.seam.servlet.SeamFilter] (SeamFilter.java:96) - Initializing filter: org.jboss.seam.web.multipartFilter 2017-10-30 03:54:49,908 INFO [main] [org.jboss.seam.servlet.SeamFilter] (SeamFilter.java:96) - Initializing filter: org.jboss.seam.web.authenticationFilter 2017-10-30 03:54:49,908 INFO [main] [org.jboss.seam.servlet.SeamFilter] (SeamFilter.java:96) - Initializing filter: org.jboss.seam.web.loggingFilter ``` I can see my connection is secured but on clicking on Url i get 503 Please suggest. Thanks, Sohan
Rhel 7.2
closed

Answers

By Michael Schwartz Account Admin 30 Oct 2017 at 12:38 p.m. CDT

Copy
Michael Schwartz gravatar
``` Exception thrown whilst executing asynchronous call org.gluu.site.ldap.persistence.exception.EntryPersistenceException: Failed to find entries with baseDN: ou=scripts,o=@!7192.77A1.C8CF.D2CE!0001!EC6D.314E,o=gluu, filter: (&(&(objectClass=top)(objectClass=oxCustomScript)) (|(oxScriptType=person_authentication)(oxScriptType=client_registration) (oxScriptType=id_generator) (oxScriptType=uma_authorization_policy)(oxScriptType=application_session) (oxScriptType=dynamic_scope))) ``` I'm closing this issue until more information about why this is related to `certificate update - HTTP ERROR: 503`

By Aliaksandr Samuseu staff 30 Oct 2017 at 3:46 p.m. CDT

Copy
Aliaksandr Samuseu gravatar
Hi, Sohan. In addition to Michael's point, I would also strongly suggest to not use `3.0.2` package, as the current one is `3.1.1`

By sohan bafna user 31 Oct 2017 at 12:53 a.m. CDT

Copy
sohan bafna gravatar
Hi, I see what is happening, I installed domain with hostnameX. Now i want to change the hostname to say hostnameY. To do this as per docs i login into container and run ``` setup.py -f setup.properties ``` Then update the required hostname. Doing this the server failed with above exceptions. I agree it is not related to certificate update, but on doing some update from container it is failing. I need to understand this process or am i do it incorrect way. Please suggest. As @Aliaksandr Samuseu said, i re-installed gluu 3.1.1 with required hostname and did certificate updated and it works as expected.

By Aliaksandr Samuseu staff 01 Nov 2017 at 10:03 a.m. CDT

Copy
Aliaksandr Samuseu gravatar
>Now i want to change the hostname to say hostnameY. To do this as per docs i login into container and run setup.py -f setup.properties Then update the required hostname. Could you refer me to the doc you are talking about? I'm not quite sure changing hostname after installation is well supported at the moment. Please also note that running `setup.py` after initial installation is done will most likely break your instance. In general, it's not recommended to change hostname after the installation at all.

By sohan bafna user 02 Nov 2017 at 12:43 a.m. CDT

Copy
sohan bafna gravatar
After initial installation, i follwed and was trying from here, [Setup Script Options](https://gluu.org/docs/ce/3.0.2/installation-guide/setup_py/)

By Aliaksandr Samuseu staff 02 Nov 2017 at 9:49 a.m. CDT

Copy
Aliaksandr Samuseu gravatar
You can't run `setup.py` second time at the same instance, it will break it. Those options you are referring to are for batch jobs and migration scenarios, they are to be used during the first run of the script only.

By sohan bafna user 03 Nov 2017 at 12:12 a.m. CDT

Copy
sohan bafna gravatar
Understood. Thanks for your support.

Post an answer