Your achievements

Level 1

0% to

Level 2

Tip /
Sign in

Sign in to Community

to gain points, level up, and earn exciting badges like the new
Bedrock Mission!

Learn more

View all

Sign in to view all badges

SOLVED

Timeout making connection with Luna HSM-server

Avatar

Level 2

Hi, to be able to put a certificate on our 'legal' documents (PDF-documents are generated with AEM Forms 6.5) we are using a Luna HSM-server in the cloud.

We are able to make a connection with that server and get the certificate working. So far so good, however after a certain time, when we do a new request to the HSM-server we get a timeout error:

[2021-09-27 11:26:26 5232@dev-aemforms-01 default task-18 KG_Signatures_Common.TekenVeldPDF invoke INFO] [CRLID-20210927112626238] Certify PDF (1/5)
[2021-09-27 11:26:26 5232@dev-aemforms-01 default task-18 com.adobe.truststore.crypto.CryptoUtil logImpl INFO] encryptBytes: Building secret key for length: 16
[2021-09-27 11:26:27 5232@dev-aemforms-01 default task-18 com.adobe.livecycle.signatures.client.types.exceptions.SignaturesBaseException logImpl WARN] ALC-DSS-310-007 Could not create transport provider. (in the operation : getTransportManager)
[2021-09-27 11:26:27 5232@dev-aemforms-01 default task-18 com.adobe.livecycle.signatures.client.types.exceptions.SignaturesBaseException logImpl WARN] ALC-DSS-310-002 Transport Error. (in the operation : obtainByURI)
Caused By: ALC-DSS-310-007 Could not create transport provider. (in the operation : getTransportManager)
[2021-09-27 11:26:27 5232@dev-aemforms-01 ProcessResource@4c783e1b(name=java.exe,pid=0) Error Reader stderr write ERROR] Exception in thread "Thread-10" com.safenetinc.luna.exception.LunaCryptokiException: function 'C_OpenSession' returns 0x30 on slot=1 (CKR_DEVICE_ERROR)
[2021-09-27 11:26:27 5232@dev-aemforms-01 ProcessResource@4c783e1b(name=java.exe,pid=0) Error Reader stderr write ERROR] at com.safenetinc.luna.exception.LunaCryptokiException.ThrowNew(LunaCryptokiException.java:91)
[2021-09-27 11:26:27 5232@dev-aemforms-01 ProcessResource@4c783e1b(name=java.exe,pid=0) Error Reader stderr write ERROR] at com.safenetinc.luna.LunaAPI.OpenSession(Native Method)
[2021-09-27 11:26:27 5232@dev-aemforms-01 ProcessResource@4c783e1b(name=java.exe,pid=0) Error Reader stderr write ERROR] at com.safenetinc.luna.LunaSession.<init>(LunaSession.java:44)
[2021-09-27 11:26:27 5232@dev-aemforms-01 ProcessResource@4c783e1b(name=java.exe,pid=0) Error Reader stderr write ERROR] at com.safenetinc.luna.LunaSlot.getMasterSession(LunaSlot.java:390)
[2021-09-27 11:26:27 5232@dev-aemforms-01 ProcessResource@4c783e1b(name=java.exe,pid=0) Error Reader stderr write ERROR] at com.safenetinc.luna.LunaSlot.logout(LunaSlot.java:356)
[2021-09-27 11:26:27 5232@dev-aemforms-01 ProcessResource@4c783e1b(name=java.exe,pid=0) Error Reader stderr write ERROR] at com.safenetinc.luna.LunaSlotManager.freeAllResources(LunaSlotManager.java:236)
[2021-09-27 11:26:27 5232@dev-aemforms-01 ProcessResource@4c783e1b(name=java.exe,pid=0) Error Reader stderr write ERROR] at com.safenetinc.luna.LunaSlotManager.access$000(LunaSlotManager.java:51)
[2021-09-27 11:26:27 5232@dev-aemforms-01 ProcessResource@4c783e1b(name=java.exe,pid=0) Error Reader stderr write ERROR] at com.safenetinc.luna.LunaSlotManager$1.run(LunaSlotManager.java:220)
[2021-09-27 11:26:27 5232@dev-aemforms-01 ProcessResource@4c783e1b(name=java.exe,pid=0) Error Reader com.adobe.service.ProcessResource logImpl WARN] ALC-BMC-001-024: Service HSMBMCMgmtService: Process ProcessResource@4c783e1b(name=java.exe,pid=0) terminated abnormally with error code {3}
[2021-09-27 11:26:27 5232@dev-aemforms-01 default task-18 com.adobe.livecycle.signatures.client.types.exceptions.SignaturesBaseException logImpl WARN] PKI Generic Exception: (in the operation : executeSign)
Caused By: exception obtaining signature: Exception in signing(null-1)
Caused By: Exception in signing(BMCDelegatorJCESigner.java102)
Caused By: (ORBUtilSystemException.java2400)
Caused By: (ORBUtilSystemException.java2484)
Caused By: An existing connection was forcibly closed by the remote host(SocketDispatcher.java-2)

 

When we do the same request immediately after the first request, it works fine.

 

Anybody an idea what could be the cause of this time-out error?

 

 

1 Accepted Solution

Avatar

Correct answer by
Employee Advisor

@dannyd21850928 

Please test the same use-case with the latest AEM Forms 6.5.10.0 and raise a support ticket with us, in case the issue persists.

View solution in original post

3 Replies

Avatar

Employee Advisor

@dannyd21850928 

I don't see any msg pointing to timeout issues in the stack shared. Did you notice a delay in response/error msg after the new request is sent?

Error code reference specifies ALC-DSS-310-007 "Could not create transport provider" as we do not support HTTPs/LDAPs in FIPS mode but as per the stack, this could be an issue with the device (CKR_DEVICE_ERROR) as AEM Forms makes a connection with the device. More information here[0]. What version of AEM Forms 6.5.x you're testing?

 

[2021-09-27 11:26:27 5232@dev-aemforms-01 ProcessResource@4c783e1b(name=java.exe,pid=0) Error Reader stderr write ERROR] Exception in thread "Thread-10" com.safenetinc.luna.exception.LunaCryptokiException: function 'C_OpenSession' returns 0x30 on slot=1 (CKR_DEVICE_ERROR)
[2021-09-27 11:26:27 5232@dev-aemforms-01 ProcessResource@4c783e1b(name=java.exe,pid=0) Error Reader stderr write ERROR] at com.safenetinc.luna.exception.LunaCryptokiException.ThrowNew(LunaCryptokiException.java:91)

 

 

A subsequent connection is working so shouldn't be an issue with the configuration. If you're able to replicate the issue with the latest 6.5.x, at will, then please log a support ticket to get this issue reviewed by the experts.

 

 

[0] - https://stackoverflow.com/questions/22186066/connection-failed-to-hsm-luna-sa-c-initialize-returns-0... 

Avatar

Correct answer by
Employee Advisor

@dannyd21850928 

Please test the same use-case with the latest AEM Forms 6.5.10.0 and raise a support ticket with us, in case the issue persists.