您的位置: 首页  >  技术问答  >  无法连接到Bluemix中的mongodb,未能找到证书路径

无法连接到Bluemix中的mongodb,未能找到证书路径

分类: 技术问答 2022-09-30 23:16:57
问题描述:

我无法从我部署的bluemix应用程序连接到我的Compose MongoDB服务。它似乎无法找到必要的证书。我曾预料它会直接从环境变量VCAP_SERVICES中选择它。无法连接到Bluemix中的mongodb,未能找到证书路径

我可以从我的本地测试环境运行此罚款,因为我将密钥导入到Java中适当的密钥库中。

如果我在bluemix上查看它们的node.js示例,它们实际上是在连接期间传递证书。但是,我无法在Java API的任何位置找到它。

我相信我需要将这个证书添加到bluemix上的虚拟机(看起来不太可能),或者当我不能(看不到)时,我需要通过Java驱动程序传递它。

想法?

根据记录,这是例外,我得到:

com.mongodb.MongoTimeoutException: Timed out after 30000 ms while waiting for a server that matches 
ReadPreferenceServerSelector{readPreference=primary}. Client view of 
cluster state is {type=UNKNOWN, servers=[{address=bluemix-sandbox-dal-9-portal.7.dblayer.com:26123, type=UNKNOWN, state=CONNECTING, exception={com.mongodb.MongoSocketWriteException: Exception sending message}, caused by {javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target}, caused by {sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target}, caused by {sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target}}, {address=bluemix-sandbox-dal-9-portal.6.dblayer.com:26123, type=UNKNOWN, state=CONNECTING, exception={com.mongodb.MongoSocketWriteException: Exception sending message}, caused by {javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target}, caused by {sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target}, caused by {sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target}}] 
com.mongodb.connection.BaseCluster.createTimeoutException(BaseCluster.java:377) 
com.mongodb.connection.BaseCluster.selectServer(BaseCluster.java:104) 
com.mongodb.binding.ClusterBinding$ClusterBindingConnectionSource.<init>(ClusterBinding.java:75) 
com.mongodb.binding.ClusterBinding$ClusterBindingConnectionSource.<init>(ClusterBinding.java:71) 
com.mongodb.binding.ClusterBinding.getReadConnectionSource(ClusterBinding.java:63) 
com.mongodb.operation.OperationHelper.withConnection(OperationHelper.java:402) 
com.mongodb.operation.FindOperation.execute(FindOperation.java:510) 
com.mongodb.operation.FindOperation.execute(FindOperation.java:81) 
com.mongodb.Mongo.execute(Mongo.java:836) 
com.mongodb.Mongo$2.execute(Mongo.java:823) 
com.mongodb.FindIterableImpl$FindOperationIterable.first(FindIterableImpl.java:216) 
com.mongodb.FindIterableImpl.first(FindIterableImpl.java:156) 
com.ibm.smarts.experiment.UserMgr.getUserDetails(UserMgr.java:146) 
com.ibm.smarts.experiment.UserMgr.authenticateUser(UserMgr.java:123) 
com.ibm.smarts.experiment.servlet.LoginServlet.doPost(LoginServlet.java:31) 
javax.servlet.http.HttpServlet.service(HttpServlet.java:648) 
javax.servlet.http.HttpServlet.service(HttpServlet.java:729) 
org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
+0

的自由对Java buildpack应当产生一个为MongoDB数据源和密钥库的server.xml。你能连接这种方式而不是解析VCAP_SERVICES并自己初始化Java客户端吗? – opiethehokie

+0

我使用tomcat而不是自由。有没有类似的server.xml文件? – DungeonTiger

+0

我可以通过解析VCAP从我的本地机器进行连接,获得稳定的bluemix。我将它添加到本地Java keystone中。 – DungeonTiger

有记载here几个选项。例如:

将该证书导入到Java信任库文件,将该文件打包到Java应用程序并通过JAVA_OPTS环境变量指定其路径;信任库文件可以放在资源目录下。这可以被用于单个应用程序:

通过使用 'CF设定-ENV' 命令:

cf set-env <app> JAVA_OPTS '-Djavax.net.ssl.TrustStore=classpath:resources/config/truststore'

通过使用manifest.yml:

--- 
applications: 
- name: java-app 
    ... 
    env: 
    JAVA_OPTS: '-Djavax.net.ssl.TrustStore=classpath:resources/config/truststore'
+0

这看起来很有前途。我会尝试并报告回来。 – DungeonTiger

+0

我似乎无法得到这个工作,我不知道如何调试它实际上。 第一个问题是它是TrustStore还是trustStore。我尝试了两个。 这是我的清单: '应用: - 路径:目标/ RecommenderExperiment.war .... buildpack:java_buildpack ENV: JAVA_OPTS:“-Djavax.net.ssl.trustStore =类路径:/resources/cacert -Djavax.net.ssl.trustStorePassword = changeit'' 现在我在战争文件结构中是这样的: 'target \ WEB-INF \ classes \ cacerts' 我也试过没有'resources'的路径。 我怎么知道有什么问题? – DungeonTiger

+0

您可以尝试创建一个最简单的示例,以便重现该问题吗? –

相关推荐