Expand my Community achievements bar.

Guidelines for the Responsible Use of Generative AI in the Experience Cloud Community.

AEM Author 6.5 cold standby is unable to sync due to invalid certificate

Avatar

Level 2

Hello Team,

 

We are setting up AEM Author Cold Standby with SSL and attempting to configure the certificates. However, we're encountering the following error:
"File does not contain valid certificates: D:\aem-author-sit2-2024\certificate.crt"
This is the certificate referenced in the chain certificate configuration. We have been unable to find any documentation outlining the required certificate format for AEM.

Could you provide the steps or commands necessary to generate a self-signed certificate with Open SSL support that AEM Cold Standby will accept?

 

Error message:

 

26.09.2024 07:42:48.143 *WARN* [primary-2] org.apache.jackrabbit.oak.segment.standby.server.ExceptionHandler Exception caught on the server
javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated
at java.base/sun.security.ssl.SSLSessionImpl.getPeerCertificateChain(SSLSessionImpl.java:611)
at org.apache.jackrabbit.oak.segment.standby.netty.SSLSubjectMatcher.userEventTriggered(SSLSubjectMatcher.java:47) [org.apache.jackrabbit.oak-segment-tar:1.22.20]
at io.netty.channel.AbstractChannelHandlerContext.invokeUserEventTriggered(AbstractChannelHandlerContext.java:400) [org.apache.jackrabbit.oak-segment-tar:1.22.20]
at io.netty.channel.AbstractChannelHandlerContext.invokeUserEventTriggered(AbstractChannelHandlerContext.java:376) [org.apache.jackrabbit.oak-segment-tar:1.22.20]
at io.netty.channel.AbstractChannelHandlerContext.fireUserEventTriggered(AbstractChannelHandlerContext.java:368) [org.apache.jackrabbit.oak-segment-tar:1.22.20]
at io.netty.handler.ssl.SslHandler.setHandshakeSuccess(SslHandler.java:1940) [org.apache.jackrabbit.oak-segment-tar:1.22.20]
at io.netty.handler.ssl.SslHandler.wrapNonAppData(SslHandler.java:999) [org.apache.jackrabbit.oak-segment-tar:1.22.20]
at io.netty.handler.ssl.SslHandler.unwrap(SslHandler.java:1511) [org.apache.jackrabbit.oak-segment-tar:1.22.20]
at io.netty.handler.ssl.SslHandler.decodeJdkCompatible(SslHandler.java:1338) [org.apache.jackrabbit.oak-segment-tar:1.22.20]
at io.netty.handler.ssl.SslHandler.decode(SslHandler.java:1387) [org.apache.jackrabbit.oak-segment-tar:1.22.20]
at io.netty.handler.codec.ByteToMessageDecoder.decodeRemovalReentryProtection(ByteToMessageDecoder.java:529) [org.apache.jackrabbit.oak-segment-tar:1.22.20]
at io.netty.handler.codec.ByteToMessageDecoder.callDecode(ByteToMessageDecoder.java:468) [org.apache.jackrabbit.oak-segment-tar:1.22.20]
at io.netty.handler.codec.ByteToMessageDecoder.channelRead(ByteToMessageDecoder.java:290) [org.apache.jackrabbit.oak-segment-tar:1.22.20]
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:444) [org.apache.jackrabbit.oak-segment-tar:1.22.20]
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:420) [org.apache.jackrabbit.oak-segment-tar:1.22.20]
at io.netty.channel.AbstractChannelHandlerContext.fireChannelRead(AbstractChannelHandlerContext.java:412) [org.apache.jackrabbit.oak-segment-tar:1.22.20]
at io.netty.channel.DefaultChannelPipeline$HeadContext.channelRead(DefaultChannelPipeline.java:1410) [org.apache.jackrabbit.oak-segment-tar:1.22.20]
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:440) [org.apache.jackrabbit.oak-segment-tar:1.22.20]
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:420) [org.apache.jackrabbit.oak-segment-tar:1.22.20]
at io.netty.channel.DefaultChannelPipeline.fireChannelRead(DefaultChannelPipeline.java:919) [org.apache.jackrabbit.oak-segment-tar:1.22.20]
at io.netty.channel.nio.AbstractNioByteChannel$NioByteUnsafe.read(AbstractNioByteChannel.java:166) [org.apache.jackrabbit.oak-segment-tar:1.22.20]
at io.netty.channel.nio.NioEventLoop.processSelectedKey(NioEventLoop.java:788) [org.apache.jackrabbit.oak-segment-tar:1.22.20]
at io.netty.channel.nio.NioEventLoop.processSelectedKeysOptimized(NioEventLoop.java:724) [org.apache.jackrabbit.oak-segment-tar:1.22.20]
at io.netty.channel.nio.NioEventLoop.processSelectedKeys(NioEventLoop.java:650) [org.apache.jackrabbit.oak-segment-tar:1.22.20]
at io.netty.channel.nio.NioEventLoop.run(NioEventLoop.java:562) [org.apache.jackrabbit.oak-segment-tar:1.22.20]
at io.netty.util.concurrent.SingleThreadEventExecutor$4.run(SingleThreadEventExecutor.java:997) [org.apache.jackrabbit.oak-segment-tar:1.22.20]
at io.netty.util.internal.ThreadExecutorMap$2.run(ThreadExecutorMap.java:74) [org.apache.jackrabbit.oak-segment-tar:1.22.20]
at java.base/java.lang.Thread.run(Thread.java:834)
26.09.2024 07:42:49.466 *ERROR* [CM Event Dispatcher (Fire ConfigurationEvent: pid=org.apache.jackrabbit.oak.segment.standby.store.StandbyStoreService)] org.apache.jackrabbit.oak.segment.standby.server.StandbyServer Server could not be started.
java.lang.IllegalArgumentException: File does not contain valid certificates: D:\aem-author-sit2-2024\certificate.crt
at io.netty.handler.ssl.SslContextBuilder.keyManager(SslContextBuilder.java:385) [org.apache.jackrabbit.oak-segment-tar:1.22.20]
at io.netty.handler.ssl.SslContextBuilder.forServer(SslContextBuilder.java:120) [org.apache.jackrabbit.oak-segment-tar:1.22.20]
at org.apache.jackrabbit.oak.segment.standby.server.StandbyServer.<init>(StandbyServer.java:221) [org.apache.jackrabbit.oak-segment-tar:1.22.20]
at org.apache.jackrabbit.oak.segment.standby.server.StandbyServer.<init>(StandbyServer.java:60) [org.apache.jackrabbit.oak-segment-tar:1.22.20]
at org.apache.jackrabbit.oak.segment.standby.server.StandbyServer$Builder.build(StandbyServer.java:212) [org.apache.jackrabbit.oak-segment-tar:1.22.20]
at org.apache.jackrabbit.oak.segment.standby.server.StandbyServerSync.start(StandbyServerSync.java:263) [org.apache.jackrabbit.oak-segment-tar:1.22.20]
at org.apache.jackrabbit.oak.segment.standby.store.StandbyStoreService.bootstrapPrimary(StandbyStoreService.java:214) [org.apache.jackrabbit.oak-segment-tar:1.22.20]
at org.apache.jackrabbit.oak.segment.standby.store.StandbyStoreService.activate(StandbyStoreService.java:170) [org.apache.jackrabbit.oak-segment-tar:1.22.20]
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.base/java.lang.reflect.Method.invoke(Method.java:566)
at org.apache.felix.scr.impl.inject.methods.BaseMethod.invokeMethod(BaseMethod.java:244) [org.apache.felix.scr:2.1.30]
at org.apache.felix.scr.impl.inject.methods.BaseMethod.access$500(BaseMethod.java:41) [org.apache.felix.scr:2.1.30]
at org.apache.felix.scr.impl.inject.methods.BaseMethod$Resolved.invoke(BaseMethod.java:685) [org.apache.felix.scr:2.1.30]
at org.apache.felix.scr.impl.inject.methods.BaseMethod.invoke(BaseMethod.java:529) [org.apache.felix.scr:2.1.30]
at org.apache.felix.scr.impl.inject.methods.ActivateMethod.invoke(ActivateMethod.java:318) [org.apache.felix.scr:2.1.30]
at org.apache.felix.scr.impl.inject.methods.ActivateMethod.invoke(ActivateMethod.java:308) [org.apache.felix.scr:2.1.30]
at org.apache.felix.scr.impl.manager.SingleComponentManager.createImplementationObject(SingleComponentManager.java:354) [org.apache.felix.scr:2.1.30]
at org.apache.felix.scr.impl.manager.SingleComponentManager.createComponent(SingleComponentManager.java:115) [org.apache.felix.scr:2.1.30]
at org.apache.felix.scr.impl.manager.SingleComponentManager.getService(SingleComponentManager.java:1000) [org.apache.felix.scr:2.1.30]
at org.apache.felix.scr.impl.manager.SingleComponentManager.getServiceInternal(SingleComponentManager.java:973) [org.apache.felix.scr:2.1.30]
at org.apache.felix.scr.impl.manager.AbstractComponentManager.activateInternal(AbstractComponentManager.java:785) [org.apache.felix.scr:2.1.30]
at org.apache.felix.scr.impl.manager.SingleComponentManager.reconfigure(SingleComponentManager.java:750) [org.apache.felix.scr:2.1.30]

Topics

Topics help categorize Community content and increase your ability to discover relevant content.

0 Replies