VMware Cloud Community
admin
Immortal
Immortal
‎11-13-2012 04:03 PM

VCO REST API Exception

I have written a program attempting simple communication with a VCO appliance using the REST web services API.  Here is the code I am running:

package com.vmware.vco;

import java.net.URI;
import java.net.URISyntaxException;

import com.vmware.o11n.sdk.rest.client.DefaultVcoSessionFactory;
import com.vmware.o11n.sdk.rest.client.SsoAuthenticator;
import com.vmware.o11n.sdk.rest.client.VcoSession;
import com.vmware.o11n.sdk.rest.client.VcoSessionFactory;
import com.vmware.o11n.sdk.rest.client.authentication.Authentication;
import com.vmware.o11n.sdk.rest.client.authentication.UsernamePasswordAuthentication;
import com.vmware.o11n.sdk.rest.client.examples.AbstractParams;

import com.vmware.o11n.sdk.rest.client.services.ExecutionContextBuilder;
import com.vmware.o11n.sdk.rest.client.services.ExecutionService;
import com.vmware.o11n.sdk.rest.client.services.WorkflowService;
import com.vmware.o11n.sdk.rest.client.stubs.ExecutionContext;
import com.vmware.o11n.sdk.rest.client.stubs.Workflow;

public class ConnectionTest {
    public static void main(String[] args) {
        // TODO Auto-generated method stub
        VcoSession session;
        System.out.println("starting test");
        try {
            session = DefaultVcoSessionFactory.newLdapSession(new URI(
                    "https://10.25.49.38:8281/api/"), "vcoadmin", "vcoadmin");
            // create the services
            WorkflowService workflowService = new WorkflowService(session);
            ExecutionService executionService = new ExecutionService(session);
            // find a workflow by ID
            Workflow workflow = workflowService.getWorkflow("1231235");
            // create an ExecutionContext from the user's input
            ExecutionContext context = new ExecutionContextBuilder()
                    .addParam("name", "Jerry").addParam("age", 18).build();
        } catch (URISyntaxException e) {

            e.printStackTrace();
        }
        System.out.println("Exiting test");

    }
}

When the statement
            Workflow workflow = workflowService.getWorkflow("1231235"); is executed I am getting the following exception:

Exception in thread "main" org.springframework.web.client.ResourceAccessException: I/O error: peer not authenticated; nested exception is javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated
    at org.springframework.web.client.RestTemplate.doExecute(RestTemplate.java:453)
    at org.springframework.web.client.RestTemplate.execute(RestTemplate.java:415)
    at org.springframework.web.client.RestTemplate.getForObject(RestTemplate.java:213)
    at com.vmware.o11n.sdk.rest.client.services.AbstractService.getObjectAppending(AbstractService.java:64)
    at com.vmware.o11n.sdk.rest.client.services.WorkflowService.getWorkflow(WorkflowService.java:40)
    at com.vmware.vco.ConnectionTest.main(ConnectionTest.java:32)

As far as I can tell the creation of the session object worked just fine.  The exception appears to have something to do with the certificate.  I have imported the certificate from the VCO appliance into my cacerts file but I still get the exception.  I cannot find any information in the Developing a Web Services Client for VMware vCenter Orchestrator document relating to this issue.  If anyone has seen this and knows the resolution please let me know.

0 Kudos
5 Replies
MadhuVMwarevClo
Contributor
Contributor
‎02-04-2013 02:38 PM

Hi,

I'm having same issue. Did you figure it out how?

Thanks

0 Kudos
admin
Immortal
Immortal
‎02-04-2013 02:48 PM

I have a solution that ignores an unofficial certificate.

public GenerateVcoConnection(URI vcoServer)
            throws KeyManagementException, NoSuchAlgorithmException {

        session = DefaultVcoSessionFactory.newLdapSession(vcoServer, userId,
                password);

            ClientHttpRequestFactory requestFactory = requestFactory();
            session.getRestTemplate().setRequestFactory(requestFactory);

        }

public static ClientHttpRequestFactory requestFactory()
            throws KeyManagementException, NoSuchAlgorithmException {

        DefaultHttpClient httpClient = new DefaultHttpClient();

        // Disable cert verification.
        SSLContext ctx = SSLContext.getInstance("TLS");
        X509TrustManager tm = new X509TrustManager() {

            public void checkClientTrusted(X509Certificate[] xcs, String string)
                    throws CertificateException {
            }

            public void checkServerTrusted(X509Certificate[] xcs, String string)
                    throws CertificateException {
            }

            public X509Certificate[] getAcceptedIssuers() {
                return null;
            }
        };

        ctx.init(null, new TrustManager[] { tm }, null);
        SSLContext.setDefault(ctx);

        // Disable hostname verification
        X509HostnameVerifier verifier = new X509HostnameVerifier() {

            @Override
            public boolean verify(String arg0, SSLSession arg1) {
                return true;
            }

            @Override
            public void verify(String arg0, SSLSocket arg1) throws IOException {
            }

            @Override
            public void verify(String arg0, X509Certificate arg1)
                    throws SSLException {
            }

            @Override
            public void verify(String arg0, String[] arg1, String[] arg2)
                    throws SSLException {
            }
        };

        SSLSocketFactory ssf = null;
        if (VERIFY_HOST_NAME)
            ssf = new SSLSocketFactory(ctx);
        else
            ssf = new SSLSocketFactory(ctx, verifier);

        ClientConnectionManager ccm = httpClient.getConnectionManager();
        SchemeRegistry sr = ccm.getSchemeRegistry();
        sr.register(new Scheme("https", 443, ssf));

        BasicCredentialsProvider credentialsProvider = new BasicCredentialsProvider();

        credentialsProvider.setCredentials(AuthScope.ANY,
                new UsernamePasswordCredentials(userId, password));

        httpClient.setCredentialsProvider(credentialsProvider);

        // HostnameVerifier verifier = new ApprovingHostnameVerifier();

        ClientHttpRequestFactory requestFactory = new HttpComponentsClientHttpRequestFactory(
                httpClient);

        return requestFactory;
    }

0 Kudos
Vikashtalanki
Contributor
Contributor
‎02-05-2013 12:39 AM

@sbryan, you are super man. I got this worked for me.

Will be greately helpful if you could tell, how you figured this out.

Thanx once again

0 Kudos
admin
Immortal
Immortal
‎02-05-2013 06:10 AM

It was actually another person on my team, @dspringer, that figured it out.  We were working together on some iteration deliverables and he showed me how he was getting around the certificate issue.

0 Kudos
vmkarthic
Contributor
Contributor
‎05-30-2013 06:32 AM

HI Vikashtalanki

I'm unable to use the above logic . Could you please help me out to find out the solution for "peer not authenticated" issue.

Could you please post the full logic for the following logic.

Thanks in Advance.

package com.vmware.vco;

import java.net.URI;
import java.net.URISyntaxException;

import com.vmware.o11n.sdk.rest.client.DefaultVcoSessionFactory;
import com.vmware.o11n.sdk.rest.client.SsoAuthenticator;
import com.vmware.o11n.sdk.rest.client.VcoSession;
import com.vmware.o11n.sdk.rest.client.VcoSessionFactory;
import com.vmware.o11n.sdk.rest.client.authentication.Authentication;
import com.vmware.o11n.sdk.rest.client.authentication.UsernamePasswordAuthentication;
import com.vmware.o11n.sdk.rest.client.examples.AbstractParams;

import com.vmware.o11n.sdk.rest.client.services.ExecutionContextBuilder;
import com.vmware.o11n.sdk.rest.client.services.ExecutionService;
import com.vmware.o11n.sdk.rest.client.services.WorkflowService;
import com.vmware.o11n.sdk.rest.client.stubs.ExecutionContext;
import com.vmware.o11n.sdk.rest.client.stubs.Workflow;

public class ConnectionTest {
    public static void main(String[] args) {
        // TODO Auto-generated method stub
        VcoSession session;
        System.out.println("starting test");
        try {
            session = DefaultVcoSessionFactory.newLdapSession(new URI(
                    "https://10.25.49.38:8281/api/"), "vcoadmin", "vcoadmin");
            // create the services
            WorkflowService workflowService = new WorkflowService(session);
            ExecutionService executionService = new ExecutionService(session);
            // find a workflow by ID
            Workflow workflow = workflowService.getWorkflow("1231235");
            // create an ExecutionContext from the user's input
            ExecutionContext context = new ExecutionContextBuilder()
                    .addParam("name", "Jerry").addParam("age", 18).build();
        } catch (URISyntaxException e) {

            e.printStackTrace();
        }
        System.out.println("Exiting test");

    }
}

0 Kudos