Skip to main content

Hello everyone,

I've installed my map server on a different machine from my mainframe. The configuration seems fine, but I'm having a problem accessing the map, so I need some help. 

########## Centreon Map server version ##########

   INFO] ii centreon-map-engine 23.10.3-bullseye amd64 Centreon Map service under Spring Boot framework

########## System ##########

   INFO] SELinux is not available
Unit firewalld.service could not be found.
   OK]   Firewall is disabled
   INFO] Physical memory available on the server: 4013032 kb.
   INFO] Number of CPU available on the server: 4 core(s)

########## Java ##########

   OK]   Java 17 installed
   OK]   Optimization found for JVM: JAVA_OPTS="-Xms512m -Xmx4G -XX:+HeapDumpOnOutOfMemoryError -XX:HeapDumpPath=/var/log/centreon-map -Dmanagement.endpoints.enabled-by-default=false -Dmanagement.endpoint.health.enabled=true -Dmanagement.endpoint.metrics.enabled=true"

########## Database connection ##########

   OK]   Connection to centreon
   OK]   Connection to centreon_storage
   OK]   Connection to centreon_map

########## Security ##########

   OK]   Token signing key

########## Broker connection ##########

   OK]   Connection to x.x.100.10 5758 port

########## Authentication ##########

   OK]   Centreon Central authentication using user centreon_map

########## Protocol verification ##########

   WARNING] Centreon Map server configured to use HTTP protocol
   INFO] Centreon Central configured in Map to use https protocol.
   OK]   Centreon Central successfully answered to HTTPS request

Centreon : 

Centron-Map-engine.log


$ cat /var/log/centreon-map/centreon-map-engine.logCaused by: org.springframework.web.client.ResourceAccessException: I/O error on POST request for "https://x.x.100.10/centreon/api/latest/login": Certificate for <x.x.100.10> doesn't match any of the subject alternative names: :centreon-new.x.x.x, centreon.super.x.x]; nested exception is javax.net.ssl.SSLPeerUnverifiedException: Certificate for <x.x.100.10> doesn't match any of the subject alternative names: :centreon-new.x.x, centreon.super.x.x]
        at org.springframework.web.client.RestTemplate.doExecute(RestTemplate.java:791)
        at org.springframework.web.client.RestTemplate.execute(RestTemplate.java:717)
        at org.springframework.web.client.RestTemplate.postForEntity(RestTemplate.java:474)
        at com.centreon.map.server.service.security.AuthenticationService.authenticate(AuthenticationService.java:96)
        at com.centreon.map.server.service.security.AuthenticationService.authenticate(AuthenticationService.java:63)
        at com.centreon.map.server.service.security.AuthenticationService$$FastClassBySpringCGLIB$$bc5d9fba.invoke(<generated>)
        at org.springframework.cglib.proxy.MethodProxy.invoke(MethodProxy.java:218)
        at org.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.invokeJoinpoint(CglibAopProxy.java:793)
        at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:163)
        at org.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.proceed(CglibAopProxy.java:763)
        at org.springframework.transaction.interceptor.TransactionInterceptor$1.proceedWithInvocation(TransactionInterceptor.java:123)
        at org.springframework.transaction.interceptor.TransactionAspectSupport.invokeWithinTransaction(TransactionAspectSupport.java:388)
        at org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:119)
        at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:186)
        at org.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.proceed(CglibAopProxy.java:763)
        at org.springframework.aop.framework.CglibAopProxy$DynamicAdvisedInterceptor.intercept(CglibAopProxy.java:708)
        at com.centreon.map.server.service.security.AuthenticationService$$EnhancerBySpringCGLIB$$4118d22.authenticate(<generated>)
        at com.centreon.map.server.service.license.LicenseVerificationService.lambda$refreshLicense$0(LicenseVerificationService.java:133)
        at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264)
        at java.base/java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:304)
        ... 3 common frames omitted
Caused by: javax.net.ssl.SSLPeerUnverifiedException: Certificate for <x.x.100.10> doesn't match any of the subject alternative names: :centreon-new.x.x, centreon.super.x.x]
        at org.apache.http.conn.ssl.SSLConnectionSocketFactory.verifyHostname(SSLConnectionSocketFactory.java:507)
        at org.apache.http.conn.ssl.SSLConnectionSocketFactory.createLayeredSocket(SSLConnectionSocketFactory.java:437)
        at org.apache.http.conn.ssl.SSLConnectionSocketFactory.connectSocket(SSLConnectionSocketFactory.java:384)
        at org.apache.http.impl.conn.DefaultHttpClientConnectionOperator.connect(DefaultHttpClientConnectionOperator.java:142)
        at org.apache.http.impl.conn.PoolingHttpClientConnectionManager.connect(PoolingHttpClientConnectionManager.java:376)
        at org.apache.http.impl.execchain.MainClientExec.establishRoute(MainClientExec.java:393)
        at org.apache.http.impl.execchain.MainClientExec.execute(MainClientExec.java:236)
        at org.apache.http.impl.execchain.ProtocolExec.execute(ProtocolExec.java:186)
        at org.apache.http.impl.execchain.RetryExec.execute(RetryExec.java:89)
        at org.apache.http.impl.execchain.RedirectExec.execute(RedirectExec.java:110)
        at org.apache.http.impl.client.InternalHttpClient.doExecute(InternalHttpClient.java:185)
        at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:83)
        at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:56)
        at org.springframework.http.client.HttpComponentsClientHttpRequest.executeInternal(HttpComponentsClientHttpRequest.java:87)
        at org.springframework.http.client.AbstractBufferingClientHttpRequest.executeInternal(AbstractBufferingClientHttpRequest.java:48)
        at org.springframework.http.client.AbstractClientHttpRequest.execute(AbstractClientHttpRequest.java:66)
        at org.springframework.web.client.RestTemplate.doExecute(RestTemplate.java:782)
        ... 22 common frames omitted

 

Hi @ITBD The Centreon Map server detect an invalid certificat on your Centreon central server:

org.springframework.web.client.ResourceAccessException: I/O error on POST request for "https://x.x.100.10/centreon/api/latest/login": Certificate for <x.x.100.10> doesn't match any of the subject alternative names:  centreon-new.x.x.x, centreon.super.x.x]; nested exception is javax.net.ssl.SSLPeerUnverifiedException: Certificate for <x.x.100.10> doesn't match any of the subject alternative names:  centreon-new.x.x, centreon.super.x.x]

it is a self-signed certificate?

These docs could help:

 

https://docs.centreon.com/docs/graph-views/secure-your-map-platform/#configuration-with-a-self-signed-certificate

 

https://docs.centreon.com/docs/administration/secure-platform/#creating-a-self-signed-certificate

@Laurent I managed to correct the problem, I changed the ip to the domain name and it worked. 

but i have this new error in the centreon-map.og

e2023-12-19 17:34:03.774] ]ERROR] ]o.springframework.boot.SpringApplication] ]main] : Application run failed
org.springframework.context.ApplicationContextException: Failed to start bean 'webServerStartStop'; nested exception is org.springframework.boot.web.server.WebServerException: Unable to start embedded Tomcat server
        at org.springframework.context.support.DefaultLifecycleProcessor.doStart(DefaultLifecycleProcessor.java:181)
        at org.springframework.context.support.DefaultLifecycleProcessor.access$200(DefaultLifecycleProcessor.java:54)
        at org.springframework.context.support.DefaultLifecycleProcessor$LifecycleGroup.start(DefaultLifecycleProcessor.java:356)
        at java.base/java.lang.Iterable.forEach(Iterable.java:75)
        at org.springframework.context.support.DefaultLifecycleProcessor.startBeans(DefaultLifecycleProcessor.java:155)
        at org.springframework.context.support.DefaultLifecycleProcessor.onRefresh(DefaultLifecycleProcessor.java:123)
        at org.springframework.context.support.AbstractApplicationContext.finishRefresh(AbstractApplicationContext.java:937)
        at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:586)
        at org.springframework.boot.web.servlet.context.ServletWebServerApplicationContext.refresh(ServletWebServerApplicationContext.java:145)
        at org.springframework.boot.SpringApplication.refresh(SpringApplication.java:745)
        at org.springframework.boot.SpringApplication.refreshContext(SpringApplication.java:423)
        at org.springframework.boot.SpringApplication.run(SpringApplication.java:307)
        at org.springframework.boot.SpringApplication.run(SpringApplication.java:1317)
        at org.springframework.boot.SpringApplication.run(SpringApplication.java:1306)
        at com.centreon.map.server.CentreonMapServerApp.main(CentreonMapServerApp.java:10)
        at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
        at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
        at java.base/java.lang.reflect.Method.invoke(Method.java:568)
        at org.springframework.boot.loader.MainMethodRunner.run(MainMethodRunner.java:49)
        at org.springframework.boot.loader.Launcher.launch(Launcher.java:108)
        at org.springframework.boot.loader.Launcher.launch(Launcher.java:58)
        at org.springframework.boot.loader.JarLauncher.main(JarLauncher.java:88)
Caused by: org.springframework.boot.web.server.WebServerException: Unable to start embedded Tomcat server
        at org.springframework.boot.web.embedded.tomcat.TomcatWebServer.start(TomcatWebServer.java:229)
        at org.springframework.boot.web.servlet.context.WebServerStartStopLifecycle.start(WebServerStartStopLifecycle.java:43)
        at org.springframework.context.support.DefaultLifecycleProcessor.doStart(DefaultLifecycleProcessor.java:178)
        ... 22 common frames omitted
Caused by: java.lang.IllegalArgumentException: standardService.connector.startFailed
        at org.apache.catalina.core.StandardService.addConnector(StandardService.java:235)
        at org.springframework.boot.web.embedded.tomcat.TomcatWebServer.addPreviouslyRemovedConnectors(TomcatWebServer.java:282)
        at org.springframework.boot.web.embedded.tomcat.TomcatWebServer.start(TomcatWebServer.java:213)
        ... 24 common frames omitted
Caused by: org.apache.catalina.LifecycleException: Protocol handler start failed
        at org.apache.catalina.connector.Connector.startInternal(Connector.java:1039)
        at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:183)
        at org.apache.catalina.core.StandardService.addConnector(StandardService.java:232)
        ... 26 common frames omitted
Caused by: java.lang.IllegalArgumentException: /etc/centreon-map/studio.jks (Aucun fichier ou dossier de ce type)
        at org.apache.tomcat.util.net.AbstractJsseEndpoint.createSSLContext(AbstractJsseEndpoint.java:107)
        at org.apache.tomcat.util.net.AbstractJsseEndpoint.initialiseSsl(AbstractJsseEndpoint.java:71)
        at org.apache.tomcat.util.net.NioEndpoint.bind(NioEndpoint.java:236)
        at org.apache.tomcat.util.net.AbstractEndpoint.bindWithCleanup(AbstractEndpoint.java:1302)
        at org.apache.tomcat.util.net.AbstractEndpoint.start(AbstractEndpoint.java:1388)
        at org.apache.coyote.AbstractProtocol.start(AbstractProtocol.java:663)
        at org.apache.catalina.connector.Connector.startInternal(Connector.java:1037)
        ... 28 common frames omitted
Caused by: java.io.FileNotFoundException: /etc/centreon-map/studio.jks (Aucun fichier ou dossier de ce type)
        at java.base/java.io.FileInputStream.open0(Native Method)
        at java.base/java.io.FileInputStream.open(FileInputStream.java:216)
        at java.base/java.io.FileInputStream.<init>(FileInputStream.java:157)
        at java.base/java.io.FileInputStream.<init>(FileInputStream.java:111)
        at java.base/sun.net.www.protocol.file.FileURLConnection.connect(FileURLConnection.java:86)
        at java.base/sun.net.www.protocol.file.FileURLConnection.getInputStream(FileURLConnection.java:189)
        at org.apache.catalina.startup.CatalinaBaseConfigurationSource.getResource(CatalinaBaseConfigurationSource.java:118)
        at org.apache.tomcat.util.net.SSLUtilBase.getStore(SSLUtilBase.java:200)
        at org.apache.tomcat.util.net.SSLHostConfigCertificate.getCertificateKeystore(SSLHostConfigCertificate.java:207)
        at org.apache.tomcat.util.net.SSLUtilBase.getKeyManagers(SSLUtilBase.java:282)
        at org.apache.tomcat.util.net.SSLUtilBase.createSSLContext(SSLUtilBase.java:246)
        at org.apache.tomcat.util.net.AbstractJsseEndpoint.createSSLContext(AbstractJsseEndpoint.java:105)
        ... 34 common frames omitted

the web serveur not start, How can I correct this?

@Laurent @ponchoh  thanks for your help

does the file

 

“ /etc/centreon-map/studio.jks” exist or has enough rights to be used. You might be missing your trust store

 

Caused by: java.lang.IllegalArgumentException: /etc/centreon-map/studio.jks (Aucun fichier ou dossier de ce type) at org.apache.tomcat.util.net.AbstractJsseEndpoint.createSSLContext(AbstractJsseEndpoint.java:107)

hi @ponchoh ,

The file is indeed missing. How can I correct this? 

Map log 

>2023-12-21 09:40:49.777]  ERROR]  c.c.map.server.broker.BrokerClient]  CentreonBroker-1] : Error occured while communicating with Broker
java.io.IOException: Broker does not have the same options, switching negotiation options ...
        at com.centreon.map.server.broker.BrokerClient.negotiate(BrokerClient.java:99)
        at com.centreon.map.server.broker.bbdo.BrokerEventProducer.readBrokerPackets(BrokerEventProducer.java:66)
        at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1136)
        at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:635)
        at java.base/java.lang.Thread.run(Thread.java:840)
>2023-12-21 09:40:51.780]  ERROR]  c.c.map.server.broker.BrokerClient]  CentreonBroker-1] : Error occured while communicating with Broker
java.io.IOException: Broker does not have the same options, switching negotiation options ...
        at com.centreon.map.server.broker.BrokerClient.negotiate(BrokerClient.java:99)
        at com.centreon.map.server.broker.bbdo.BrokerEventProducer.readBrokerPackets(BrokerEventProducer.java:66)
        at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1136)
        at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:635)
        at java.base/java.lang.Thread.run(Thread.java:840)
>2023-12-21 09:40:52.786]  ERROR]  c.c.map.server.broker.BrokerClient]  CentreonBroker-1] : Error occured while communicating with Broker
java.io.IOException: Broker does not have the same options, switching negotiation options ...
        at com.centreon.map.server.broker.BrokerClient.negotiate(BrokerClient.java:99)
        at com.centreon.map.server.broker.bbdo.BrokerEventProducer.readBrokerPackets(BrokerEventProducer.java:66)
        at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1136)
        at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:635)
        at java.base/java.lang.Thread.run(Thread.java:840)

i swich my centreon-map to HTTPS 

Hi

*resolved*
you must have your configuration files like this

map-config.properties
 

##### DO NOT EDIT THIS FILE. USE SCRIPT INSTEAD #####

###### BROKER CONFIGURATION ######
# you can edit here the broker address and port
broker.address=*******
broker.port=*****

# If Broker activates TLS connection
broker.tls=false

####### CENTREON ######
# centreon url with protocol (http:// or https://)
centreon.url=https://centreon.super.capitol.fr
# the centreon user must have access to all ressources
centreon.user=centreon_map
centreon.pwd=***********
centreon.path=/centreon
centreon.port=**** <------- add this if you want change your port 

####### MAP SERVER ######

# Key-store when Map server provide web services by HTTPS
centreon-map.keystore=/etc/centreon-map/map.jks
centreon-map.keystore-pass=**************

# Trust-store when Map server using TLS to connect Broker
# centreon-map.truststore=
# centreon-map.truststore-pass=

###### GEO ######
# mapbox information for geoloc
mapbox.token=
mapbox.map=

centreon-map.signing-key=********
centreon-map.access-token-validity-seconds=*******
management.endpoints.enabled-by-default=****
management.endpoint.health.enabled=****
management.endpoint.metrics.enabled=*****

###### GATES ######
# indicates whether  resources access should be taken into account when a user sees a view, this may optimize application's performance
# warning: it affects the rendering of the gates, for more information see the documentation (https://documentation.centreon.com)
gate.useResourcesAccess=true

centreon-map.conf

RUN_ARGS="--spring.profiles.active=prod,tls"
JAVA_OPTS="-Djava.net.preferIPv4Stack=true -XX:+HeapDumpOnOutOfMemoryError -XX:HeapDumpPath=/var/log/centreon-map -Dcentreon-map.signing-key=********** -Dcentreon-map.access-token-validity-seconds=15552000 -Xms512m -Xmx4G"

restart map service and configure your web interface centreon central 

 

Finish.

Thank you for sharing the full story. 😁

Hi

*resolved*
you must have your configuration files like this

map-config.properties
 

##### DO NOT EDIT THIS FILE. USE SCRIPT INSTEAD #####

###### BROKER CONFIGURATION ######
# you can edit here the broker address and port
broker.address=*******
broker.port=*****

# If Broker activates TLS connection
broker.tls=false

####### CENTREON ######
# centreon url with protocol (http:// or https://)
centreon.url=https://centreon.super.capitol.fr
# the centreon user must have access to all ressources
centreon.user=centreon_map
centreon.pwd=***********
centreon.path=/centreon
centreon.port=**** <------- add this if you want change your port 

####### MAP SERVER ######

# Key-store when Map server provide web services by HTTPS
centreon-map.keystore=/etc/centreon-map/map.jks
centreon-map.keystore-pass=**************

# Trust-store when Map server using TLS to connect Broker
# centreon-map.truststore=
# centreon-map.truststore-pass=

###### GEO ######
# mapbox information for geoloc
mapbox.token=
mapbox.map=

centreon-map.signing-key=********
centreon-map.access-token-validity-seconds=*******
management.endpoints.enabled-by-default=****
management.endpoint.health.enabled=****
management.endpoint.metrics.enabled=*****

###### GATES ######
# indicates whether  resources access should be taken into account when a user sees a view, this may optimize application's performance
# warning: it affects the rendering of the gates, for more information see the documentation (https://documentation.centreon.com)
gate.useResourcesAccess=true

centreon-map.conf

RUN_ARGS="--spring.profiles.active=prod,tls"
JAVA_OPTS="-Djava.net.preferIPv4Stack=true -XX:+HeapDumpOnOutOfMemoryError -XX:HeapDumpPath=/var/log/centreon-map -Dcentreon-map.signing-key=********** -Dcentreon-map.access-token-validity-seconds=15552000 -Xms512m -Xmx4G"

restart map service and configure your web interface centreon central 

 

Finish.

Hello,

i have this issue too,

i dont understand your configuration file.

it says tls=false

but u enabled it right?

also what part of it did u change it?

Best regards

Hi

*resolved*
you must have your configuration files like this

map-config.properties
 

##### DO NOT EDIT THIS FILE. USE SCRIPT INSTEAD #####

###### BROKER CONFIGURATION ######
# you can edit here the broker address and port
broker.address=*******
broker.port=*****

# If Broker activates TLS connection
broker.tls=false

####### CENTREON ######
# centreon url with protocol (http:// or https://)
centreon.url=https://centreon.super.capitol.fr
# the centreon user must have access to all ressources
centreon.user=centreon_map
centreon.pwd=***********
centreon.path=/centreon
centreon.port=**** <------- add this if you want change your port 

####### MAP SERVER ######

# Key-store when Map server provide web services by HTTPS
centreon-map.keystore=/etc/centreon-map/map.jks
centreon-map.keystore-pass=**************

# Trust-store when Map server using TLS to connect Broker
# centreon-map.truststore=
# centreon-map.truststore-pass=

###### GEO ######
# mapbox information for geoloc
mapbox.token=
mapbox.map=

centreon-map.signing-key=********
centreon-map.access-token-validity-seconds=*******
management.endpoints.enabled-by-default=****
management.endpoint.health.enabled=****
management.endpoint.metrics.enabled=*****

###### GATES ######
# indicates whether  resources access should be taken into account when a user sees a view, this may optimize application's performance
# warning: it affects the rendering of the gates, for more information see the documentation (https://documentation.centreon.com)
gate.useResourcesAccess=true

centreon-map.conf

RUN_ARGS="--spring.profiles.active=prod,tls"
JAVA_OPTS="-Djava.net.preferIPv4Stack=true -XX:+HeapDumpOnOutOfMemoryError -XX:HeapDumpPath=/var/log/centreon-map -Dcentreon-map.signing-key=********** -Dcentreon-map.access-token-validity-seconds=15552000 -Xms512m -Xmx4G"

restart map service and configure your web interface centreon central 

 

Finish.

Hello,

i have this issue too,

i dont understand your configuration file.

it says tls=false

but u enabled it right?

also what part of it did u change it?

Best regards

Hello

tls=true

with the fqdn *https*

Reply


Terms & ConditionsCookie settings