如果 devmode 为 false,则无法连接到 corda 节点
Not able to connect to corda nodes if devmode is false
我遵循了这里的指南 https://docs.corda.net/permissioning.html 从节点证书的颁发开始,我将在其中创建密钥和证书并签署根 -> 中间 -> 节点 -> SSL,并在它们之间链接证书以获得三个 (.jks) 文件。
当网络处于开发模式时,我能够无误地启动一个节点,但由于证书的原因,它不会启动,因为网络地图无法识别我假定的节点。
考虑到这一点,我正在尝试将网络映射和整个网络更改为非开发模式环境,当我启动网络映射时,我似乎在日志中遇到 java.security.cert.CertPathValidatorException: Path does not chain with any of the trust anchors,但是我可以看到网络地图的界面已启动。
当我使用相同的根和中间密钥将另一个节点注册到网络时,我遇到了错误:org.apache.activemq.artemis.api.core.ActiveMQSecurityException: AMQ119031: Unable to validate user
PS:我也试过:
- 复制开发模式创建网络映射证书而不是
网络地图将证书(另一个级别)分配为
corda.simple.notary
- 在此结构中复制网络映射证书:
https://github.com/corda/corda/blob/master/docs/source/permissioning.rst
其中 root 签名并绕过中间 CA
关于如何在非开发环境中启动网络的任何提示?
编辑:我正在使用 keytool 来执行这些功能
stacktrace 网络图:
WARN ] 2018-03-12T09:55:54,358Z [Thread-2 (ActiveMQ-server-org.apache.activemq.artemis.core.server.impl.ActiveMQServerImpl@4d22265c)] core.client.createTransportConnection - AMQ212007: connector.create or connectorFactory.createConnector should never throw an exception, implementation is badly behaved, but we will deal with it anyway.
java.security.cert.CertPathValidatorException: Path does not chain with any of the trust anchors
at sun.security.provider.certpath.PKIXCertPathValidator.validate(PKIXCertPathValidator.java:153) ~[?:1.8.0_144]
at sun.security.provider.certpath.PKIXCertPathValidator.engineValidate(PKIXCertPathValidator.java:79) ~[?:1.8.0_144]
at java.security.cert.CertPathValidator.validate(CertPathValidator.java:292) ~[?:1.8.0_144]
at net.corda.node.utilities.X509Utilities.validateCertificateChain(X509Utilities.kt:153) ~[corda-node-2.0.0.jar:?]
at net.corda.node.services.messaging.VerifyingNettyConnector.createConnection(ArtemisMessagingServer.kt:506) ~[corda-node-2.0.0.jar:?]
at org.apache.activemq.artemis.core.client.impl.ClientSessionFactoryImpl.openTransportConnection(ClientSessionFactoryImpl.java:1036) ~[artemis-core-client-2.1.0.jar:2.1.0]
at org.apache.activemq.artemis.core.client.impl.ClientSessionFactoryImpl.createTransportConnection(ClientSessionFactoryImpl.java:1076) [artemis-core-client-2.1.0.jar:2.1.0]
at org.apache.activemq.artemis.core.client.impl.ClientSessionFactoryImpl.establishNewConnection(ClientSessionFactoryImpl.java:1254) [artemis-core-client-2.1.0.jar:2.1.0]
at org.apache.activemq.artemis.core.client.impl.ClientSessionFactoryImpl.getConnection(ClientSessionFactoryImpl.java:891) [artemis-core-client-2.1.0.jar:2.1.0]
at org.apache.activemq.artemis.core.client.impl.ClientSessionFactoryImpl.getConnectionWithRetry(ClientSessionFactoryImpl.java:795) [artemis-core-client-2.1.0.jar:2.1.0]
at org.apache.activemq.artemis.core.client.impl.ClientSessionFactoryImpl.connect(ClientSessionFactoryImpl.java:238) [artemis-core-client-2.1.0.jar:2.1.0]
at org.apache.activemq.artemis.core.client.impl.ServerLocatorImpl.createSessionFactory(ServerLocatorImpl.java:772) [artemis-core-client-2.1.0.jar:2.1.0]
at org.apache.activemq.artemis.core.server.cluster.impl.BridgeImpl.createSessionFactory(BridgeImpl.java:803) [artemis-server-2.1.0.jar:2.1.0]
at org.apache.activemq.artemis.core.server.cluster.impl.BridgeImpl.connect(BridgeImpl.java:860) [artemis-server-2.1.0.jar:2.1.0]
at org.apache.activemq.artemis.core.server.cluster.impl.BridgeImpl$ConnectRunnable.run(BridgeImpl.java:1045) [artemis-server-2.1.0.jar:2.1.0]
at org.apache.activemq.artemis.utils.OrderedExecutorFactory$OrderedExecutor$ExecutorTask.run(OrderedExecutorFactory.java:101) [artemis-commons-2.1.0.jar:2.1.0]
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) [?:1.8.0_144]
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) [?:1.8.0_144]
at java.lang.Thread.run(Thread.java:748) [?:1.8.0_144]
[WARN ] 2018-03-12T09:55:54,408Z [Thread-1 (ActiveMQ-server-org.apache.activemq.artemis.core.server.impl.ActiveMQServerImpl@4d22265c)] core.client.createTransportConnection - AMQ212007: connector.create or connectorFactory.createConnector should never throw an exception, implementation is badly behaved, but we will deal with it anyway.
java.security.cert.CertPathValidatorException: Path does not chain with any of the trust anchors
at sun.security.provider.certpath.PKIXCertPathValidator.validate(PKIXCertPathValidator.java:153) ~[?:1.8.0_144]
at sun.security.provider.certpath.PKIXCertPathValidator.engineValidate(PKIXCertPathValidator.java:79) ~[?:1.8.0_144]
at java.security.cert.CertPathValidator.validate(CertPathValidator.java:292) ~[?:1.8.0_144]
at net.corda.node.utilities.X509Utilities.validateCertificateChain(X509Utilities.kt:153) ~[corda-node-2.0.0.jar:?]
at net.corda.node.services.messaging.VerifyingNettyConnector.createConnection(ArtemisMessagingServer.kt:506) ~[corda-node-2.0.0.jar:?]
at org.apache.activemq.artemis.core.client.impl.ClientSessionFactoryImpl.openTransportConnection(ClientSessionFactoryImpl.java:1036) ~[artemis-core-client-2.1.0.jar:2.1.0]
at org.apache.activemq.artemis.core.client.impl.ClientSessionFactoryImpl.createTransportConnection(ClientSessionFactoryImpl.java:1076) [artemis-core-client-2.1.0.jar:2.1.0]
at org.apache.activemq.artemis.core.client.impl.ClientSessionFactoryImpl.establishNewConnection(ClientSessionFactoryImpl.java:1254) [artemis-core-client-2.1.0.jar:2.1.0]
at org.apache.activemq.artemis.core.client.impl.ClientSessionFactoryImpl.getConnection(ClientSessionFactoryImpl.java:891) [artemis-core-client-2.1.0.jar:2.1.0]
at org.apache.activemq.artemis.core.client.impl.ClientSessionFactoryImpl.getConnectionWithRetry(ClientSessionFactoryImpl.java:795) [artemis-core-client-2.1.0.jar:2.1.0]
at org.apache.activemq.artemis.core.client.impl.ClientSessionFactoryImpl.connect(ClientSessionFactoryImpl.java:238) [artemis-core-client-2.1.0.jar:2.1.0]
at org.apache.activemq.artemis.core.client.impl.ServerLocatorImpl.createSessionFactory(ServerLocatorImpl.java:772) [artemis-core-client-2.1.0.jar:2.1.0]
at org.apache.activemq.artemis.core.server.cluster.impl.BridgeImpl.createSessionFactory(BridgeImpl.java:803) [artemis-server-2.1.0.jar:2.1.0]
at org.apache.activemq.artemis.core.server.cluster.impl.BridgeImpl.connect(BridgeImpl.java:860) [artemis-server-2.1.0.jar:2.1.0]
at org.apache.activemq.artemis.core.server.cluster.impl.BridgeImpl$ConnectRunnable.run(BridgeImpl.java:1045) [artemis-server-2.1.0.jar:2.1.0]
at org.apache.activemq.artemis.utils.OrderedExecutorFactory$OrderedExecutor$ExecutorTask.run(OrderedExecutorFactory.java:101) [artemis-commons-2.1.0.jar:2.1.0]
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) [?:1.8.0_144]
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) [?:1.8.0_144]
at java.lang.Thread.run(Thread.java:748) [?:1.8.0_144]
[INFO ] 2018-03-12T09:55:54,470Z [main] internal.Node.registerWithNetworkMapIfConfigured - Node successfully loaded network map data from the database.
[INFO ] 2018-03-12T09:55:54,471Z [main] messaging.NodeMessagingClient.invoke - Network map is complete, so removing filter from P2P consumer.
[INFO ] 2018-03-12T09:55:54,490Z [main] BasicInfo.printBasicNodeInfo - Providing network services : corda.notary.simple
[INFO ] 2018-03-12T09:55:54,490Z [main] BasicInfo.printBasicNodeInfo - Loaded CorDapps : corda-finance-2.0.0, mokochu-p2p-0.1, corda-core-2.0.0
[INFO ] 2018-03-12T09:55:54,492Z [main] BasicInfo.printBasicNodeInfo - Node for "NetworkMap" started up and registered in 8.09 sec
[INFO ] 2018-03-12T09:55:54,495Z [main] messaging.RPCServer.start - Starting RPC server with configuration RPCServerConfiguration(rpcThreadPoolSize=4, consumerPoolSize=2, producerPoolBound=4, reapInterval=PT1S)
[INFO ] 2018-03-12T09:55:54,833Z [Node thread] plugin.PluginManager.getPlugins - Loaded plugin Plugin[type=CRaSHShellFactory,interface=ShellFactory]
[INFO ] 2018-03-12T09:55:54,834Z [Node thread] plugin.PluginManager.getPlugins - Loaded plugin Plugin[type=GroovyLanguageProxy,interface=Language]
[INFO ] 2018-03-12T09:55:54,835Z [Node thread] plugin.PluginManager.getPlugins - Loaded plugin Plugin[type=JavaLanguage,interface=Language]
[INFO ] 2018-03-12T09:55:54,835Z [Node thread] plugin.PluginManager.getPlugins - Loaded plugin Plugin[type=ScriptLanguage,interface=Language]
[INFO ] 2018-03-12T09:55:54,836Z [Node thread] plugin.PluginManager.getPlugins - Loaded plugin Plugin[type=JaasAuthenticationPlugin,interface=AuthenticationPlugin]
[INFO ] 2018-03-12T09:55:54,836Z [Node thread] plugin.PluginManager.getPlugins - Loaded plugin Plugin[type=SimpleAuthenticationPlugin,interface=AuthenticationPlugin]
[INFO ] 2018-03-12T09:55:54,845Z [Node thread] plugin.PluginManager.getPlugins - Initialized plugin Plugin[type=GroovyLanguageProxy,interface=Language]
[INFO ] 2018-03-12T09:55:54,845Z [Node thread] plugin.PluginManager.getPlugins - Initialized plugin Plugin[type=ScriptLanguage,interface=Language]
[INFO ] 2018-03-12T09:55:54,848Z [Node thread] plugin.PluginManager.getPlugins - Initialized plugin Plugin[type=CRaSHShellFactory,interface=ShellFactory]
[INFO ] 2018-03-12T09:55:54,848Z [Node thread] plugin.PluginManager.getPlugins - Initialized plugin Plugin[type=JaasAuthenticationPlugin,interface=AuthenticationPlugin]
[INFO ] 2018-03-12T09:55:54,849Z [Node thread] plugin.PluginManager.getPlugins - Initialized plugin Plugin[type=SimpleAuthenticationPlugin,interface=AuthenticationPlugin]
[WARN ] 2018-03-12T09:56:01,942Z [Thread-0 (ActiveMQ-server-org.apache.activemq.artemis.core.server.impl.ActiveMQServerImpl@4d22265c)] core.client.createTransportConnection - AMQ212007: connector.create or connectorFactory.createConnector should never throw an exception, implementation is badly behaved, but we will deal with it anyway.
java.security.cert.CertPathValidatorException: Path does not chain with any of the trust anchors
at sun.security.provider.certpath.PKIXCertPathValidator.validate(PKIXCertPathValidator.java:153) ~[?:1.8.0_144]
at sun.security.provider.certpath.PKIXCertPathValidator.engineValidate(PKIXCertPathValidator.java:79) ~[?:1.8.0_144]
at java.security.cert.CertPathValidator.validate(CertPathValidator.java:292) ~[?:1.8.0_144]
at net.corda.node.utilities.X509Utilities.validateCertificateChain(X509Utilities.kt:153) ~[corda-node-2.0.0.jar:?]
at net.corda.node.services.messaging.VerifyingNettyConnector.createConnection(ArtemisMessagingServer.kt:506) ~[corda-node-2.0.0.jar:?]
at org.apache.activemq.artemis.core.client.impl.ClientSessionFactoryImpl.openTransportConnection(ClientSessionFactoryImpl.java:1036) ~[artemis-core-client-2.1.0.jar:2.1.0]
at org.apache.activemq.artemis.core.client.impl.ClientSessionFactoryImpl.createTransportConnection(ClientSessionFactoryImpl.java:1076) [artemis-core-client-2.1.0.jar:2.1.0]
at org.apache.activemq.artemis.core.client.impl.ClientSessionFactoryImpl.establishNewConnection(ClientSessionFactoryImpl.java:1254) [artemis-core-client-2.1.0.jar:2.1.0]
at org.apache.activemq.artemis.core.client.impl.ClientSessionFactoryImpl.getConnection(ClientSessionFactoryImpl.java:891) [artemis-core-client-2.1.0.jar:2.1.0]
at org.apache.activemq.artemis.core.client.impl.ClientSessionFactoryImpl.getConnectionWithRetry(ClientSessionFactoryImpl.java:795) [artemis-core-client-2.1.0.jar:2.1.0]
at org.apache.activemq.artemis.core.client.impl.ClientSessionFactoryImpl.connect(ClientSessionFactoryImpl.java:238) [artemis-core-client-2.1.0.jar:2.1.0]
at org.apache.activemq.artemis.core.client.impl.ServerLocatorImpl.createSessionFactory(ServerLocatorImpl.java:772) [artemis-core-client-2.1.0.jar:2.1.0]
at org.apache.activemq.artemis.core.server.cluster.impl.BridgeImpl.createSessionFactory(BridgeImpl.java:803) [artemis-server-2.1.0.jar:2.1.0]
at org.apache.activemq.artemis.core.server.cluster.impl.BridgeImpl.connect(BridgeImpl.java:860) [artemis-server-2.1.0.jar:2.1.0]
at org.apache.activemq.artemis.core.server.cluster.impl.BridgeImpl$ConnectRunnable.run(BridgeImpl.java:1045) [artemis-server-2.1.0.jar:2.1.0]
at org.apache.activemq.artemis.utils.OrderedExecutorFactory$OrderedExecutor$ExecutorTask.run(OrderedExecutorFactory.java:101) [artemis-commons-2.1.0.jar:2.1.0]
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) [?:1.8.0_144]
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) [?:1.8.0_144]
at java.lang.Thread.run(Thread.java:748) [?:1.8.0_144]
错误消息来自ArtemisMessagingServer,它使用了节点的TLS 证书。该消息表明 TLS 证书链设置不正确,或者节点信任库中的根证书错误。不幸的是,这是一个 java.security 错误,而不是 Corda 错误,它没有提供有关问题确切原因的信息。
您的 TLS 证书应具有以下链:
TLS 证书 -> 节点 CA 证书 -> 中间 CA 证书 -> 根 CA 证书
所有这些证书的密钥都应该使用 TLS-compatible 算法(不是 EdDSA)。
我遵循了这里的指南 https://docs.corda.net/permissioning.html 从节点证书的颁发开始,我将在其中创建密钥和证书并签署根 -> 中间 -> 节点 -> SSL,并在它们之间链接证书以获得三个 (.jks) 文件。
当网络处于开发模式时,我能够无误地启动一个节点,但由于证书的原因,它不会启动,因为网络地图无法识别我假定的节点。
考虑到这一点,我正在尝试将网络映射和整个网络更改为非开发模式环境,当我启动网络映射时,我似乎在日志中遇到 java.security.cert.CertPathValidatorException: Path does not chain with any of the trust anchors,但是我可以看到网络地图的界面已启动。
当我使用相同的根和中间密钥将另一个节点注册到网络时,我遇到了错误:org.apache.activemq.artemis.api.core.ActiveMQSecurityException: AMQ119031: Unable to validate user
PS:我也试过:
- 复制开发模式创建网络映射证书而不是 网络地图将证书(另一个级别)分配为 corda.simple.notary
- 在此结构中复制网络映射证书: https://github.com/corda/corda/blob/master/docs/source/permissioning.rst 其中 root 签名并绕过中间 CA
关于如何在非开发环境中启动网络的任何提示?
编辑:我正在使用 keytool 来执行这些功能 stacktrace 网络图:
WARN ] 2018-03-12T09:55:54,358Z [Thread-2 (ActiveMQ-server-org.apache.activemq.artemis.core.server.impl.ActiveMQServerImpl@4d22265c)] core.client.createTransportConnection - AMQ212007: connector.create or connectorFactory.createConnector should never throw an exception, implementation is badly behaved, but we will deal with it anyway. java.security.cert.CertPathValidatorException: Path does not chain with any of the trust anchors at sun.security.provider.certpath.PKIXCertPathValidator.validate(PKIXCertPathValidator.java:153) ~[?:1.8.0_144] at sun.security.provider.certpath.PKIXCertPathValidator.engineValidate(PKIXCertPathValidator.java:79) ~[?:1.8.0_144] at java.security.cert.CertPathValidator.validate(CertPathValidator.java:292) ~[?:1.8.0_144] at net.corda.node.utilities.X509Utilities.validateCertificateChain(X509Utilities.kt:153) ~[corda-node-2.0.0.jar:?] at net.corda.node.services.messaging.VerifyingNettyConnector.createConnection(ArtemisMessagingServer.kt:506) ~[corda-node-2.0.0.jar:?] at org.apache.activemq.artemis.core.client.impl.ClientSessionFactoryImpl.openTransportConnection(ClientSessionFactoryImpl.java:1036) ~[artemis-core-client-2.1.0.jar:2.1.0] at org.apache.activemq.artemis.core.client.impl.ClientSessionFactoryImpl.createTransportConnection(ClientSessionFactoryImpl.java:1076) [artemis-core-client-2.1.0.jar:2.1.0] at org.apache.activemq.artemis.core.client.impl.ClientSessionFactoryImpl.establishNewConnection(ClientSessionFactoryImpl.java:1254) [artemis-core-client-2.1.0.jar:2.1.0] at org.apache.activemq.artemis.core.client.impl.ClientSessionFactoryImpl.getConnection(ClientSessionFactoryImpl.java:891) [artemis-core-client-2.1.0.jar:2.1.0] at org.apache.activemq.artemis.core.client.impl.ClientSessionFactoryImpl.getConnectionWithRetry(ClientSessionFactoryImpl.java:795) [artemis-core-client-2.1.0.jar:2.1.0] at org.apache.activemq.artemis.core.client.impl.ClientSessionFactoryImpl.connect(ClientSessionFactoryImpl.java:238) [artemis-core-client-2.1.0.jar:2.1.0] at org.apache.activemq.artemis.core.client.impl.ServerLocatorImpl.createSessionFactory(ServerLocatorImpl.java:772) [artemis-core-client-2.1.0.jar:2.1.0] at org.apache.activemq.artemis.core.server.cluster.impl.BridgeImpl.createSessionFactory(BridgeImpl.java:803) [artemis-server-2.1.0.jar:2.1.0] at org.apache.activemq.artemis.core.server.cluster.impl.BridgeImpl.connect(BridgeImpl.java:860) [artemis-server-2.1.0.jar:2.1.0] at org.apache.activemq.artemis.core.server.cluster.impl.BridgeImpl$ConnectRunnable.run(BridgeImpl.java:1045) [artemis-server-2.1.0.jar:2.1.0] at org.apache.activemq.artemis.utils.OrderedExecutorFactory$OrderedExecutor$ExecutorTask.run(OrderedExecutorFactory.java:101) [artemis-commons-2.1.0.jar:2.1.0] at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) [?:1.8.0_144] at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) [?:1.8.0_144] at java.lang.Thread.run(Thread.java:748) [?:1.8.0_144] [WARN ] 2018-03-12T09:55:54,408Z [Thread-1 (ActiveMQ-server-org.apache.activemq.artemis.core.server.impl.ActiveMQServerImpl@4d22265c)] core.client.createTransportConnection - AMQ212007: connector.create or connectorFactory.createConnector should never throw an exception, implementation is badly behaved, but we will deal with it anyway. java.security.cert.CertPathValidatorException: Path does not chain with any of the trust anchors at sun.security.provider.certpath.PKIXCertPathValidator.validate(PKIXCertPathValidator.java:153) ~[?:1.8.0_144] at sun.security.provider.certpath.PKIXCertPathValidator.engineValidate(PKIXCertPathValidator.java:79) ~[?:1.8.0_144] at java.security.cert.CertPathValidator.validate(CertPathValidator.java:292) ~[?:1.8.0_144] at net.corda.node.utilities.X509Utilities.validateCertificateChain(X509Utilities.kt:153) ~[corda-node-2.0.0.jar:?] at net.corda.node.services.messaging.VerifyingNettyConnector.createConnection(ArtemisMessagingServer.kt:506) ~[corda-node-2.0.0.jar:?] at org.apache.activemq.artemis.core.client.impl.ClientSessionFactoryImpl.openTransportConnection(ClientSessionFactoryImpl.java:1036) ~[artemis-core-client-2.1.0.jar:2.1.0] at org.apache.activemq.artemis.core.client.impl.ClientSessionFactoryImpl.createTransportConnection(ClientSessionFactoryImpl.java:1076) [artemis-core-client-2.1.0.jar:2.1.0] at org.apache.activemq.artemis.core.client.impl.ClientSessionFactoryImpl.establishNewConnection(ClientSessionFactoryImpl.java:1254) [artemis-core-client-2.1.0.jar:2.1.0] at org.apache.activemq.artemis.core.client.impl.ClientSessionFactoryImpl.getConnection(ClientSessionFactoryImpl.java:891) [artemis-core-client-2.1.0.jar:2.1.0] at org.apache.activemq.artemis.core.client.impl.ClientSessionFactoryImpl.getConnectionWithRetry(ClientSessionFactoryImpl.java:795) [artemis-core-client-2.1.0.jar:2.1.0] at org.apache.activemq.artemis.core.client.impl.ClientSessionFactoryImpl.connect(ClientSessionFactoryImpl.java:238) [artemis-core-client-2.1.0.jar:2.1.0] at org.apache.activemq.artemis.core.client.impl.ServerLocatorImpl.createSessionFactory(ServerLocatorImpl.java:772) [artemis-core-client-2.1.0.jar:2.1.0] at org.apache.activemq.artemis.core.server.cluster.impl.BridgeImpl.createSessionFactory(BridgeImpl.java:803) [artemis-server-2.1.0.jar:2.1.0] at org.apache.activemq.artemis.core.server.cluster.impl.BridgeImpl.connect(BridgeImpl.java:860) [artemis-server-2.1.0.jar:2.1.0] at org.apache.activemq.artemis.core.server.cluster.impl.BridgeImpl$ConnectRunnable.run(BridgeImpl.java:1045) [artemis-server-2.1.0.jar:2.1.0] at org.apache.activemq.artemis.utils.OrderedExecutorFactory$OrderedExecutor$ExecutorTask.run(OrderedExecutorFactory.java:101) [artemis-commons-2.1.0.jar:2.1.0] at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) [?:1.8.0_144] at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) [?:1.8.0_144] at java.lang.Thread.run(Thread.java:748) [?:1.8.0_144] [INFO ] 2018-03-12T09:55:54,470Z [main] internal.Node.registerWithNetworkMapIfConfigured - Node successfully loaded network map data from the database. [INFO ] 2018-03-12T09:55:54,471Z [main] messaging.NodeMessagingClient.invoke - Network map is complete, so removing filter from P2P consumer. [INFO ] 2018-03-12T09:55:54,490Z [main] BasicInfo.printBasicNodeInfo - Providing network services : corda.notary.simple [INFO ] 2018-03-12T09:55:54,490Z [main] BasicInfo.printBasicNodeInfo - Loaded CorDapps : corda-finance-2.0.0, mokochu-p2p-0.1, corda-core-2.0.0 [INFO ] 2018-03-12T09:55:54,492Z [main] BasicInfo.printBasicNodeInfo - Node for "NetworkMap" started up and registered in 8.09 sec [INFO ] 2018-03-12T09:55:54,495Z [main] messaging.RPCServer.start - Starting RPC server with configuration RPCServerConfiguration(rpcThreadPoolSize=4, consumerPoolSize=2, producerPoolBound=4, reapInterval=PT1S) [INFO ] 2018-03-12T09:55:54,833Z [Node thread] plugin.PluginManager.getPlugins - Loaded plugin Plugin[type=CRaSHShellFactory,interface=ShellFactory] [INFO ] 2018-03-12T09:55:54,834Z [Node thread] plugin.PluginManager.getPlugins - Loaded plugin Plugin[type=GroovyLanguageProxy,interface=Language] [INFO ] 2018-03-12T09:55:54,835Z [Node thread] plugin.PluginManager.getPlugins - Loaded plugin Plugin[type=JavaLanguage,interface=Language] [INFO ] 2018-03-12T09:55:54,835Z [Node thread] plugin.PluginManager.getPlugins - Loaded plugin Plugin[type=ScriptLanguage,interface=Language] [INFO ] 2018-03-12T09:55:54,836Z [Node thread] plugin.PluginManager.getPlugins - Loaded plugin Plugin[type=JaasAuthenticationPlugin,interface=AuthenticationPlugin] [INFO ] 2018-03-12T09:55:54,836Z [Node thread] plugin.PluginManager.getPlugins - Loaded plugin Plugin[type=SimpleAuthenticationPlugin,interface=AuthenticationPlugin] [INFO ] 2018-03-12T09:55:54,845Z [Node thread] plugin.PluginManager.getPlugins - Initialized plugin Plugin[type=GroovyLanguageProxy,interface=Language] [INFO ] 2018-03-12T09:55:54,845Z [Node thread] plugin.PluginManager.getPlugins - Initialized plugin Plugin[type=ScriptLanguage,interface=Language] [INFO ] 2018-03-12T09:55:54,848Z [Node thread] plugin.PluginManager.getPlugins - Initialized plugin Plugin[type=CRaSHShellFactory,interface=ShellFactory] [INFO ] 2018-03-12T09:55:54,848Z [Node thread] plugin.PluginManager.getPlugins - Initialized plugin Plugin[type=JaasAuthenticationPlugin,interface=AuthenticationPlugin] [INFO ] 2018-03-12T09:55:54,849Z [Node thread] plugin.PluginManager.getPlugins - Initialized plugin Plugin[type=SimpleAuthenticationPlugin,interface=AuthenticationPlugin] [WARN ] 2018-03-12T09:56:01,942Z [Thread-0 (ActiveMQ-server-org.apache.activemq.artemis.core.server.impl.ActiveMQServerImpl@4d22265c)] core.client.createTransportConnection - AMQ212007: connector.create or connectorFactory.createConnector should never throw an exception, implementation is badly behaved, but we will deal with it anyway. java.security.cert.CertPathValidatorException: Path does not chain with any of the trust anchors at sun.security.provider.certpath.PKIXCertPathValidator.validate(PKIXCertPathValidator.java:153) ~[?:1.8.0_144] at sun.security.provider.certpath.PKIXCertPathValidator.engineValidate(PKIXCertPathValidator.java:79) ~[?:1.8.0_144] at java.security.cert.CertPathValidator.validate(CertPathValidator.java:292) ~[?:1.8.0_144] at net.corda.node.utilities.X509Utilities.validateCertificateChain(X509Utilities.kt:153) ~[corda-node-2.0.0.jar:?] at net.corda.node.services.messaging.VerifyingNettyConnector.createConnection(ArtemisMessagingServer.kt:506) ~[corda-node-2.0.0.jar:?] at org.apache.activemq.artemis.core.client.impl.ClientSessionFactoryImpl.openTransportConnection(ClientSessionFactoryImpl.java:1036) ~[artemis-core-client-2.1.0.jar:2.1.0] at org.apache.activemq.artemis.core.client.impl.ClientSessionFactoryImpl.createTransportConnection(ClientSessionFactoryImpl.java:1076) [artemis-core-client-2.1.0.jar:2.1.0] at org.apache.activemq.artemis.core.client.impl.ClientSessionFactoryImpl.establishNewConnection(ClientSessionFactoryImpl.java:1254) [artemis-core-client-2.1.0.jar:2.1.0] at org.apache.activemq.artemis.core.client.impl.ClientSessionFactoryImpl.getConnection(ClientSessionFactoryImpl.java:891) [artemis-core-client-2.1.0.jar:2.1.0] at org.apache.activemq.artemis.core.client.impl.ClientSessionFactoryImpl.getConnectionWithRetry(ClientSessionFactoryImpl.java:795) [artemis-core-client-2.1.0.jar:2.1.0] at org.apache.activemq.artemis.core.client.impl.ClientSessionFactoryImpl.connect(ClientSessionFactoryImpl.java:238) [artemis-core-client-2.1.0.jar:2.1.0] at org.apache.activemq.artemis.core.client.impl.ServerLocatorImpl.createSessionFactory(ServerLocatorImpl.java:772) [artemis-core-client-2.1.0.jar:2.1.0] at org.apache.activemq.artemis.core.server.cluster.impl.BridgeImpl.createSessionFactory(BridgeImpl.java:803) [artemis-server-2.1.0.jar:2.1.0] at org.apache.activemq.artemis.core.server.cluster.impl.BridgeImpl.connect(BridgeImpl.java:860) [artemis-server-2.1.0.jar:2.1.0] at org.apache.activemq.artemis.core.server.cluster.impl.BridgeImpl$ConnectRunnable.run(BridgeImpl.java:1045) [artemis-server-2.1.0.jar:2.1.0] at org.apache.activemq.artemis.utils.OrderedExecutorFactory$OrderedExecutor$ExecutorTask.run(OrderedExecutorFactory.java:101) [artemis-commons-2.1.0.jar:2.1.0] at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) [?:1.8.0_144] at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) [?:1.8.0_144] at java.lang.Thread.run(Thread.java:748) [?:1.8.0_144]
错误消息来自ArtemisMessagingServer,它使用了节点的TLS 证书。该消息表明 TLS 证书链设置不正确,或者节点信任库中的根证书错误。不幸的是,这是一个 java.security 错误,而不是 Corda 错误,它没有提供有关问题确切原因的信息。
您的 TLS 证书应具有以下链:
TLS 证书 -> 节点 CA 证书 -> 中间 CA 证书 -> 根 CA 证书
所有这些证书的密钥都应该使用 TLS-compatible 算法(不是 EdDSA)。