Menu
▾
▴
Re: [Ejbca-develop] StackoverflowException on certificate enrollment after upgrade from 6.2.0 to 6.10.0
|
From: John R <joh...@gm...> - 2018-10-15 18:32:50
|
We have 2 publishers. One of them is an LDAP publisher which I'm assuming is unrelated. The other is an OCSP publisher. I can see that on EJBCA 6.2 it's publisher type is "Validation Authority Publisher". After the upgrade to 6.10 it has transformed to LegacyValidationAuthorityPublisher. I'm attaching a sceenshot of its configuration. On Mon, Oct 15, 2018 at 6:08 PM Tomas Gustavsson <to...@pr...> wrote: > > What does your publisher configuration look like? Can you give a > screenshot? > > /Tomas > > On 2018-10-15 17:06, Tomas Gustavsson wrote: > > > > Hm, yeah I think I can see why this doesn't work. Strange, as people are > > using this publisher still. > > > > Well have to look later... > > > > /Tomas > > > > On 2018-10-15 17:04, John R wrote: > >> We must have missed each other with the last messages. Like I mentioned > >> there I already tried that but then I end up with an endless recursion > >> due to the storeCertificate method in CustomPublisherContainer. > >> On Mon, Oct 15, 2018 at 6:02 PM Tomas Gustavsson <to...@pr... > >> <mailto:to...@pr...>> wrote: > >> > >> > >> > Did you try hardcoding willPublishCertificate returning true in > >> > LegacyValidationAuthorityPublisher? > >> > >> You can do the same with isFullEntityPublishingSupported, returning > >> false. > >> > >> Cheers, > >> Tomas > >> > >> On 2018-10-15 16:35, Tomas Gustavsson wrote: > >> > > >> > It seems to be: > >> > > >> this.custompublisher.init(getProperties()); > >> > >> > in CustomPublisherContainer.getCustomPublisher() > >> > > >> > getProperties calls getCustomPublisher...causing a recursion I > guess. > >> > > >> > Did you try hardcoding willPublishCertificate returning true in > >> > LegacyValidationAuthorityPublisher? > >> > > >> > /Tomas > >> > > >> > > >> > On 2018-10-15 15:06, John R wrote: > >> >> I made a small mistake. The second error in the log doesn't > >> happen when > >> >> the value of willPublishCertificate is hardcoded to false. When > it's > >> >> hardcoded to false the enrollment passes. When it's hardcoded to > >> true > >> >> the error occurs. > >> >> > >> >> On Mon, Oct 15, 2018 at 3:48 PM John R <joh...@gm... > >> <mailto:joh...@gm...> > >> >> <mailto:joh...@gm... <mailto:joh...@gm...>>> > wrote: > >> >> > >> >> Hi Thomas, thanks for the quick response. > >> >> > >> >> I'm attaching a file with 3 exceptions in it. They all > basically > >> >> come down to the same thing - the use of getCustomPublisher > >> >> in CustomPublisherContainer . The version of ejbca as seen > in the > >> >> log is 6.10.1.2 r27920. > >> >> Also I'm not sure if this is any help but while doing really > >> light > >> >> debugging I saw that the ICustomPublisher that > getCustomPublisher > >> >> returns in our case is LegacyValidationAuthorityPublisher > which I > >> >> think is the reason for the recursion in the first place > since it > >> >> doesn't have it's own implementation of those methods. > >> >> > >> >> On Mon, Oct 15, 2018 at 3:06 PM Tomas Gustavsson > >> <to...@pr... <mailto:to...@pr...> > >> >> <mailto:to...@pr... <mailto:to...@pr...>>> > wrote: > >> >> > >> >> > >> >> This is nothing we have heard before. Can you post the > stack > >> >> trace you > >> >> get in server.log. As well as state the exact version you > >> use. > >> >> > >> >> Regards, > >> >> Tomas > >> >> > >> >> On 2018-10-15 12:48, John R wrote: > >> >> > Hello, > >> >> > > >> >> > We tried upgrading from 6.2.0 to 6.10.0 following the > >> guide on > >> >> the site. > >> >> > Everything seemed to work but now we can't enroll the > >> >> certificate. I did > >> >> > some light digging and the problem seems to be the > method > >> >> > willPublishCertificate in CustomPublisherContainer > which is > >> >> inherited > >> >> > by LegacyValidationAuthorityPublisher which is the > actual > >> >> class returned > >> >> > by getCustomPublisher. It basically always creates a > new > >> >> instance of > >> >> > itself and then calls the willPublishCertificate > method on > >> >> itself and so > >> >> > on forever. > >> >> > > >> >> > I hardcoded it false and the enrollment started > >> working. Then > >> >> I checked > >> >> > how it was in the original 6.2.0 source and saw that > the > >> >> BasePublisher > >> >> > class had the method back then and it was hardcoded to > >> true. > >> >> So I tried > >> >> > that on out 6.10.0 source and then got a > >> >> StackoverflowException from the > >> >> > method isFullEntityPublishingSupported again > >> >> > in CustomPublisherContainer. There it again ask for > >> >> getCustomPublisher, > >> >> > gets a new instance of itself and calls the method on > >> the new > >> >> instance > >> >> > again resulting in an endless recursion. > >> >> > > >> >> > The whole process of ending with these issues is -> > >> create new end > >> >> > entity using our previously existing CAs --> go to > >> public web > >> >> and try to > >> >> > enroll. > >> >> > > >> >> > What are we doing wrong? > >> >> > > >> >> > > >> >> > > >> >> > > >> >> > _______________________________________________ > >> >> > Ejbca-develop mailing list > >> >> > Ejb...@li... > >> <mailto:Ejb...@li...> > >> >> <mailto:Ejb...@li... > >> <mailto:Ejb...@li...>> > >> >> > > https://lists.sourceforge.net/lists/listinfo/ejbca-develop > >> >> > > >> >> > >> >> > >> >> _______________________________________________ > >> >> Ejbca-develop mailing list > >> >> Ejb...@li... > >> <mailto:Ejb...@li...> > >> >> <mailto:Ejb...@li... > >> <mailto:Ejb...@li...>> > >> >> > https://lists.sourceforge.net/lists/listinfo/ejbca-develop > >> >> > >> >> > >> >> > >> >> > >> >> > >> >> _______________________________________________ > >> >> Ejbca-develop mailing list > >> >> Ejb...@li... > >> <mailto:Ejb...@li...> > >> >> https://lists.sourceforge.net/lists/listinfo/ejbca-develop > >> >> > >> > >> > >> _______________________________________________ > >> Ejbca-develop mailing list > >> Ejb...@li... > >> <mailto:Ejb...@li...> > >> https://lists.sourceforge.net/lists/listinfo/ejbca-develop > >> > >> > >> > >> > >> > >> _______________________________________________ > >> Ejbca-develop mailing list > >> Ejb...@li... > >> https://lists.sourceforge.net/lists/listinfo/ejbca-develop > >> > > > > > > _______________________________________________ > > Ejbca-develop mailing list > > Ejb...@li... > > https://lists.sourceforge.net/lists/listinfo/ejbca-develop > > > > > _______________________________________________ > Ejbca-develop mailing list > Ejb...@li... > https://lists.sourceforge.net/lists/listinfo/ejbca-develop > |
