
How to configure HTTPS using a self-signed certificate on a Mule on-prem server


We are using an on-prem runtime to run one of our applications. The API currently uses a self-signed certificate to achieve HTTPS, and the port is 443. The API deploys successfully on the server, but when trying to send a request it gives the error below. I want to know if I am missing any step. Is keeping the self-signed certificate inside the jar enough, or do we need to place it on the server?

All the required ports are open, and the same API works successfully with HTTP on port 8081.

ERROR 2023-05-04 10:07:53,342 [pool-9-thread-1] [processor: ; event: ] com.mulesoft.agent.buffer.BufferedHandler: Buffer for IngestTargetMonitorPublisher is configured to discard messn flush failure. Discarding 1 messages.
WARN  2023-05-04 10:08:49,228 [monitoring-application-publisher-0] [processor: ; event: ] com.mulesoft.agent.util.client.DefaultAuthenticationProxyClient: There was an error executingt request to the auth proxy.
WARN  2023-05-04 10:08:49,228 [monitoring-application-publisher-0] [processor: ; event: ] com.mulesoft.agent.monitoring.publisher.ingest.IngestApplicationMonitorPublisher: Could not p application metrics for rrd-pci-orders-qa, cause: java.util.concurrent.ExecutionException: java.net.ConnectException: https://data-authenticator.anypoint.mulesoft.com:443
WARN  2023-05-04 10:08:49,229 [pool-7-thread-1] [processor: ; event: ] com.mulesoft.agent.monitoring.publisher.ingest.IngestApplicationMonitorPublisher: Some metrics for applications not be published.
INFO  2023-05-04 10:08:49,229 [pool-7-thread-1] [processor: ; event: ] com.mulesoft.agent.buffer.BufferedHandler: Trying to retry flushing on buffer for IngestApplicationMonitorPublisemaining attempts: 0
ERROR 2023-05-04 10:08:49,229 [pool-7-thread-1] [processor: ; event: ] com.mulesoft.agent.buffer.BufferedHandler: Buffer for IngestApplicationMonitorPublisher is configured to discardges on flush failure. Discarding 1 messages.
WARN  2023-05-04 10:08:50,550 [http.listener.02 SelectorRunner] [processor: ; event: ] org.glassfish.grizzly.filterchain.DefaultFilterChain: GRIZZLY0013: Exception during FilterChain ion
java.lang.NoClassDefFoundError: org/bouncycastle/asn1/x9/X962NamedCurves
        at org.bouncycastle.jce.provider.JDKKeyPairGenerator$EC.initialize(Unknown Source) ~[?:?]
        at sun.security.ssl.ECDHKeyExchange$ECDHEPossession.<init>(ECDHKeyExchange.java:111) ~[?:1.8.0_345]
        at sun.security.ssl.ECDHKeyExchange$ECDHEPossessionGenerator.createPossession(ECDHKeyExchange.java:230) ~[?:1.8.0_345]
        at sun.security.ssl.SSLKeyExchange$T12KeyAgreement.createPossession(SSLKeyExchange.java:376) ~[?:1.8.0_345]
        at sun.security.ssl.SSLKeyExchange.createPossessions(SSLKeyExchange.java:89) ~[?:1.8.0_345]
        at sun.security.ssl.ServerHello$T12ServerHelloProducer.chooseCipherSuite(ServerHello.java:433) ~[?:1.8.0_345]
        at sun.security.ssl.ServerHello$T12ServerHelloProducer.produce(ServerHello.java:296) ~[?:1.8.0_345]
        at sun.security.ssl.SSLHandshake.produce(SSLHandshake.java:421) ~[?:1.8.0_345]
        at sun.security.ssl.ClientHello$T12ClientHelloConsumer.consume(ClientHello.java:1020) ~[?:1.8.0_345]
        at sun.security.ssl.ClientHello$ClientHelloConsumer.onClientHello(ClientHello.java:727) ~[?:1.8.0_345]
        at sun.security.ssl.ClientHello$ClientHelloConsumer.consume(ClientHello.java:693) ~[?:1.8.0_345]
        at sun.security.ssl.SSLHandshake.consume(SSLHandshake.java:377) ~[?:1.8.0_345]
        at sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:444) ~[?:1.8.0_345]
        at sun.security.ssl.SSLEngineImpl$DelegatedTask$DelegatedAction.run(SSLEngineImpl.java:981) ~[?:1.8.0_345]
        at sun.security.ssl.SSLEngineImpl$DelegatedTask$DelegatedAction.run(SSLEngineImpl.java:968) ~[?:1.8.0_345]
        at java.security.AccessController.doPrivileged(Native Method) ~[?:1.8.0_345]
        at sun.security.ssl.SSLEngineImpl$DelegatedTask.run(SSLEngineImpl.java:915) ~[?:1.8.0_345]
        at org.glassfish.grizzly.ssl.SSLUtils.executeDelegatedTask(SSLUtils.java:274) ~[grizzly-framework-2.3.36-MULE-024.jar:2.3.36-MULE-024]
        at org.glassfish.grizzly.ssl.SSLBaseFilter.doHandshakeStep(SSLBaseFilter.java:735) ~[grizzly-framework-2.3.36-MULE-024.jar:2.3.36-MULE-024]
        at org.glassfish.grizzly.ssl.SSLFilter.doHandshakeStep(SSLFilter.java:345) ~[grizzly-framework-2.3.36-MULE-024.jar:2.3.36-MULE-024]
        at org.glassfish.grizzly.ssl.SSLBaseFilter.doHandshakeStep(SSLBaseFilter.java:648) ~[grizzly-framework-2.3.36-MULE-024.jar:2.3.36-MULE-024]
        at org.glassfish.grizzly.ssl.SSLBaseFilter.handleRead(SSLBaseFilter.java:349) ~[grizzly-framework-2.3.36-MULE-024.jar:2.3.36-MULE-024]
        at org.mule.service.http.impl.service.server.grizzly.MuleSslFilter.handleRead(MuleSslFilter.java:43) ~[mule-service-http-1.6.7.jar:1.6.7]
        at org.mule.service.http.impl.service.server.grizzly.GrizzlyAddressDelegateFilter.handleRead(GrizzlyAddressDelegateFilter.java:53) ~[mule-service-http-1.6.7.jar:1.6.7]
        at org.glassfish.grizzly.filterchain.ExecutorResolver$9.execute(ExecutorResolver.java:119) ~[grizzly-framework-2.3.36-MULE-024.jar:2.3.36-MULE-024]
        at org.glassfish.grizzly.filterchain.DefaultFilterChain.executeFilter(DefaultFilterChain.java:284) ~[grizzly-framework-2.3.36-MULE-024.jar:2.3.36-MULE-024]
        at org.glassfish.grizzly.filterchain.DefaultFilterChain.executeChainPart(DefaultFilterChain.java:201) ~[grizzly-framework-2.3.36-MULE-024.jar:2.3.36-MULE-024]
        at org.glassfish.grizzly.filterchain.DefaultFilterChain.execute(DefaultFilterChain.java:133) [grizzly-framework-2.3.36-MULE-024.jar:2.3.36-MULE-024]
        at org.glassfish.grizzly.filterchain.DefaultFilterChain.process(DefaultFilterChain.java:112) [grizzly-framework-2.3.36-MULE-024.jar:2.3.36-MULE-024]
        at org.glassfish.grizzly.ProcessorExecutor.execute(ProcessorExecutor.java:77) [grizzly-framework-2.3.36-MULE-024.jar:2.3.36-MULE-024]
        at org.glassfish.grizzly.nio.transport.TCPNIOTransport.fireIOEvent(TCPNIOTransport.java:540) [grizzly-framework-2.3.36-MULE-024.jar:2.3.36-MULE-024]
        at org.glassfish.grizzly.strategies.AbstractIOStrategy.fireIOEvent(AbstractIOStrategy.java:112) [grizzly-framework-2.3.36-MULE-024.jar:2.3.36-MULE-024]
        at org.mule.service.http.impl.service.server.grizzly.ExecutorPerServerAddressIOStrategy.run0(ExecutorPerServerAddressIOStrategy.java:99) [mule-service-http-1.6.7.jar:1.6.7]
        at org.mule.service.http.impl.service.server.grizzly.ExecutorPerServerAddressIOStrategy.executeIoEvent(ExecutorPerServerAddressIOStrategy.java:74) [mule-service-http-1.6.7.jar]
        at org.glassfish.grizzly.strategies.AbstractIOStrategy.executeIoEvent(AbstractIOStrategy.java:89) [grizzly-framework-2.3.36-MULE-024.jar:2.3.36-MULE-024]
        at org.glassfish.grizzly.nio.SelectorRunner.iterateKeyEvents(SelectorRunner.java:415) [grizzly-framework-2.3.36-MULE-024.jar:2.3.36-MULE-024]
        at org.glassfish.grizzly.nio.SelectorRunner.iterateKeys(SelectorRunner.java:384) [grizzly-framework-2.3.36-MULE-024.jar:2.3.36-MULE-024]
        at org.glassfish.grizzly.nio.SelectorRunner.doSelect(SelectorRunner.java:348) [grizzly-framework-2.3.36-MULE-024.jar:2.3.36-MULE-024]
        at org.glassfish.grizzly.nio.SelectorRunner.run(SelectorRunner.java:279) [grizzly-framework-2.3.36-MULE-024.jar:2.3.36-MULE-024]
        at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511) [?:1.8.0_345]
        at java.util.concurrent.FutureTask.run(FutureTask.java:266) [?:1.8.0_345]
        at org.mule.service.scheduler.internal.AbstractRunnableFutureDecorator.doRun(AbstractRunnableFutureDecorator.java:151) [mule-service-scheduler-1.4.2/:?]
        at org.mule.service.scheduler.internal.RunnableFutureDecorator.run(RunnableFutureDecorator.java:54) [mule-service-scheduler-1.4.2/:?]
        at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) [?:1.8.0_345]
        at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) [?:1.8.0_345]
        at java.lang.Thread.run(Thread.java:750) [?:1.8.0_345]
Caused by: org.mule.runtime.module.artifact.api.classloader.exception.CompositeClassNotFoundException: Cannot load class 'org.bouncycastle.asn1.x9.X962NamedCurves': [
        org.bouncycastle.asn1.x9.X962NamedCurves,
        Cannot load class 'org.bouncycastle.asn1.x9.X962NamedCurves': [
        Class 'org.bouncycastle.asn1.x9.X962NamedCurves' has no package mapping for region 'domain/default/app/rrd-pci-orders-qa'.,
        Cannot load class 'org.bouncycastle.asn1.x9.X962NamedCurves': [
        Class 'org.bouncycastle.asn1.x9.X962NamedCurves' has no package mapping for region '/domain/default'.,
        Class 'org.bouncycastle.asn1.x9.X962NamedCurves' not found in classloader for artifact 'container'.]]]
Caused by: java.lang.ClassNotFoundException: org.bouncycastle.asn1.x9.X962NamedCurves
        at java.net.URLClassLoader.findClass(URLClassLoader.java:387) ~[?:1.8.0_345]
        at org.mule.runtime.module.artifact.api.classloader.FineGrainedControlClassLoader.findLocalClass(FineGrainedControlClassLoader.java:178) ~[mule-module-artifact-4.4.0-20220622.4.0-20220622]
        at org.mule.runtime.module.artifact.api.classloader.FineGrainedControlClassLoader.loadClass(FineGrainedControlClassLoader.java:90) ~[mule-module-artifact-4.4.0-20220622.jar:4.220622]
        at org.mule.runtime.module.artifact.api.classloader.MuleArtifactClassLoader.loadClass(MuleArtifactClassLoader.java:259) ~[mule-module-artifact-4.4.0-20220622.jar:4.4.0-2022062
        at java.lang.ClassLoader.loadClass(ClassLoader.java:351) ~[?:1.8.0_345]
        ... 46 more
WARN  2023-05-04 10:08:53,407 [pool-9-thread-1] [processor: ; event: ] com.mulesoft.agent.util.client.DefaultAuthenticationProxyClient: There was an error executing a post request to th proxy.
WARN  2023-05-04 10:08:53,408 [pool-9-thread-1] [processor: ; event: ] com.mulesoft.agent.monitoring.publisher.ingest.IngestTargetMonitorPublisher: Could not publish target metrics tot, cause: NullPointerException:
INFO  2023-05-04 10:08:53,408 [pool-9-thread-1] [processor: ; event: ] com.mulesoft.agent.buffer.BufferedHandler: Trying to retry flushing on buffer for IngestTargetMonitorPublisher. ing attempts: 0
ERROR 2023-05-04 10:08:53,408 [pool-9-thread-1] [processor: ; event: ] com.mulesoft.agent.buffer.BufferedHandler: Buffer for IngestTargetMonitorPublisher is configured to discard messn flush failure. Discarding 1 messages.

Edited: Using - mule-ee-distribution-standalone-4.4.0-20220622

Here is the listener configuration

<http:listener-config name="HTTP_Listener_config" doc:name="HTTP Listener config" doc:id="c5b83770-c1b9-4015-942b-44a98dcc6b28">
    <http:listener-connection host="0.0.0.0" port="443" protocol="HTTPS">
        <tls:context>
            <tls:key-store type="jks" keyPassword="${keystore.pass}" password="${keystore.pass}" path="${keystore.path}" alias="${keystore.alias}"/>
        </tls:context>
    </http:listener-connection>
</http:listener-config>

Thanks in advance


Solution

  • This seems to be caused by an upgrade of the Runtime Manager Agent plugin which removed the Bouncycastle libraries.

    The fix is to use a version of the Runtime Manager Agent newer than 2.4.27 (the latest one is recommended) and configure the property mule.security.provider=BC.

    For a standalone server you should set it in the conf/wrapper.conf file:

    wrapper.java.additional.<n>=-Dmule.security.provider=BC
    

    Be sure to replace <n> with an unused number.

    For more information about this issue see the KB article https://help.mulesoft.com/s/article/Enabling-the-Bouncy-Castle-security-provider
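
The wrapper.conf step from the answer above, as an added example that is not part of the original answer or of MuleSoft's tooling: it picks the next unused `<n>` and appends the property once. The function names and the assumption of a POSIX shell on the server are this example's own.

```shell
#!/bin/sh
# Added example: idempotently set -Dmule.security.provider=BC in a Mule
# standalone conf/wrapper.conf, using an index <n> that is not yet taken.

PROP='-Dmule.security.provider=BC'

# Print the next unused <n>: highest active wrapper.java.additional.<n> plus one.
# Commented-out lines are ignored; sub-keys such as <n>.stripquotes count as used.
next_additional_index() {
    awk '
        /^[[:space:]]*wrapper\.java\.additional\.[0-9]+[.=]/ {
            s = $0
            sub(/^[[:space:]]*wrapper\.java\.additional\./, "", s)
            sub(/[^0-9].*$/, "", s)      # keep only the leading digits
            if (s + 0 > max) max = s + 0
        }
        END { print max + 1 }
    ' "$1"
}

# Succeed if an active (uncommented) line already sets mule.security.provider.
has_provider() {
    grep -Eq '^[[:space:]]*wrapper\.java\.additional\.[0-9]+=.*-Dmule\.security\.provider=' "$1"
}

enable_bc_provider() {
    conf=$1
    [ -f "$conf" ] || { echo "not found: $conf" >&2; return 2; }
    if has_provider "$conf"; then
        echo "mule.security.provider is already set in $conf" >&2
        return 0
    fi
    n=$(next_additional_index "$conf")
    cp -p "$conf" "$conf.bak"            # keep a copy of the original file
    # Make sure the appended property starts on its own line.
    if [ -n "$(tail -c 1 "$conf")" ]; then echo >> "$conf"; fi
    printf 'wrapper.java.additional.%s=%s\n' "$n" "$PROP" >> "$conf"
    echo "added wrapper.java.additional.$n=$PROP"
}

# Usage: sh enable-bc.sh /path/to/mule/conf/wrapper.conf
if [ "$#" -gt 0 ]; then enable_bc_provider "$1"; fi
```

The property is a JVM argument, so it takes effect only after the Mule runtime is restarted.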