On Wed, Jan 30, 2013 at 7:44 AM, Jäger, Philipp <Philipp.Jaeger@xxxxxxx> wrote: > Hello everybody, > > we want to set up ceph+radosgw to use it with the S3 API. > > So I set it up with this manual: > > http://ceph.com/docs/master/radosgw/manual-install/ > > and this: > http://ceph.com/docs/master/radosgw/config/ > > > At the moment we want to test in our local network, its not published to the internet. > > We make a wildcard cname entry in our dns to forward subdomain calls to the server: *.servername.cgm.ag => servername.cgm.ag > > We have to activate SSL for an encrypted connection. > > Our programmer want to connect and create a bucket like its described here: > http://ceph.com/docs/master/radosgw/s3/java/ > > He gets the following: > > "FAILED: createBucket > com.amazonaws.AmazonClientException: Unable to execute HTTP request: peer not authenticated > at com.amazonaws.http.AmazonHttpClient.executeHelper(AmazonHttpClient.java:328) > at com.amazonaws.http.AmazonHttpClient.execute(AmazonHttpClient.java:165) > at com.amazonaws.services.s3.AmazonS3Client.invoke(AmazonS3Client.java:2949) > at com.amazonaws.services.s3.AmazonS3Client.createBucket(AmazonS3Client.java:616) > at com.amazonaws.services.s3.AmazonS3Client.createBucket(AmazonS3Client.java:538) > at com.cgm.connect.securefiletransfer.hwb.S3Test.createBucket(S3Test.java:64) > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) > at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) > at java.lang.reflect.Method.invoke(Method.java:601) > at org.testng.internal.MethodInvocationHelper.invokeMethod(MethodInvocationHelper.java:80) > at org.testng.internal.Invoker.invokeMethod(Invoker.java:691) > at org.testng.internal.Invoker.invokeTestMethod(Invoker.java:883) > at org.testng.internal.Invoker.invokeTestMethods(Invoker.java:1208) > at org.testng.internal.TestMethodWorker.invokeTestMethods(TestMethodWorker.java:127) > at org.testng.internal.TestMethodWorker.run(TestMethodWorker.java:111) > at org.testng.TestRunner.privateRun(TestRunner.java:753) > at org.testng.TestRunner.run(TestRunner.java:613) > at org.testng.SuiteRunner.runTest(SuiteRunner.java:335) > at org.testng.SuiteRunner.runSequentially(SuiteRunner.java:330) > at org.testng.SuiteRunner.privateRun(SuiteRunner.java:292) > at org.testng.SuiteRunner.run(SuiteRunner.java:241) > at org.testng.SuiteRunnerWorker.runSuite(SuiteRunnerWorker.java:52) > at org.testng.SuiteRunnerWorker.run(SuiteRunnerWorker.java:86) > at org.testng.TestNG.runSuitesSequentially(TestNG.java:1169) > at org.testng.TestNG.runSuitesLocally(TestNG.java:1094) > at org.testng.TestNG.run(TestNG.java:1006) > at org.testng.remote.RemoteTestNG.run(RemoteTestNG.java:107) > at org.testng.remote.RemoteTestNG.initAndRun(RemoteTestNG.java:199) > at org.testng.remote.RemoteTestNG.main(RemoteTestNG.java:170) > Caused by: javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated > at sun.security.ssl.SSLSessionImpl.getPeerCertificates(SSLSessionImpl.java:397) > at org.apache.http.conn.ssl.AbstractVerifier.verify(AbstractVerifier.java:128) > at org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:390) > at org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:148) > at org.apache.http.impl.conn.AbstractPoolEntry.open(AbstractPoolEntry.java:149) > at org.apache.http.impl.conn.AbstractPooledConnAdapter.open(AbstractPooledConnAdapter.java:121) > at org.apache.http.impl.client.DefaultRequestDirector.tryConnect(DefaultRequestDirector.java:561) > at org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:415) > at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:820) > at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:754) > at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:732) > at com.amazonaws.http.AmazonHttpClient.executeHelper(AmazonHttpClient.java:280) > ... 29 more > > " > > Domain: cgm.ag > Name of the server: sg3cephtstko1 = sg3cephtstko1.cgm.ag(fqdn) > In the /var/www folder is the s3gw.fcgi script with the command described in the manual. > > We have bought a wildcard ssl certificate for our domain, so no problem with self signed certificates I think. > > Radosgw,ceph and apache service is running. > > > So do you have any ideas where the problem is? > > "peer not authenticated" => Is it a problem of SSL or something to do with the radosgw config? > Is there a possibility to test the functionality that you can say there's no problem with the set up in general, for example a script running on the server itself? > Is there something we forget or misconfigured? > > Does it work without https? Do requests reach the gateway? What does the radosgw log show? What does the apache access log show? Yehuda -- To unsubscribe from this list: send the line "unsubscribe ceph-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
