java.lang.ClassCastException: org.bouncycastle.cert.X509CertificateHolder cannot be cast to org.bouncycastle.asn1.x509.SubjectPublicKeyInfo

JIRA | Andrew Kerr | 2 years ago
tip
Click on the to mark the solution that helps you, Samebug will learn from it.
As a community member, you’ll be rewarded for you help.
  1. 0

    I've replaced my hostname with 'hostname', domain with 'domain'. Running puppetserver-0.2.2-1.el6.noarch on the server, puppet-3.6.2-1.el6.noarch on the client. Both on CentOS 6.5. This error occurs when a new client is attempting to connect, and I have auto-signing on. Hundreds of existing clients are having no problem connecting. root@hostname.domain.com~]# puppet agent -t --server=puppetmaster.domain.com Info: csr_attributes file loading from /etc/puppet/csr_attributes.yaml Info: Creating a new SSL certificate request for x.x.x.x Info: Certificate Request fingerprint (SHA256): 85:87:79:1E:E9:84:E7:48:ED:A0:3E:4B:DF:8E:AB:1B:1F:B5:CD:97:FF:A5:C7:A2:61:8D:D5:4C:57:64:0B:F0 Error: Could not request certificate: Error 500 on SERVER: <html> <head> <meta http-equiv="Content-Type" content="text/html;charset=ISO-8859-1"/> <title>Error 500 </title> </head> <body> <h2>HTTP ERROR: 500</h2> <p>Problem accessing /production/certificate_request/hostname.domain.com. Reason: <pre> org.bouncycastle.cert.X509CertificateHolder cannot be cast to org.bouncycastle.asn1.x509.SubjectPublicKeyInfo</pre></p> <hr /><i><small>Powered by Jetty://</small></i> </body> </html> Exiting; failed to retrieve certificate and waitforcert is disabled on the server, in puppetserver.log, this is all I see: 2014-10-20 19:01:02,140 WARN [o.e.j.s.HttpChannel] /production/certificate_request/hostname.domain.com java.lang.ClassCastException: org.bouncycastle.cert.X509CertificateHolder cannot be cast to org.bouncycastle.asn1.x509.SubjectPublicKeyInfo at com.puppetlabs.certificate_authority.CertificateAuthority.pemToPublicKey(CertificateAuthority.java:533) ~[puppet-server-release.jar:na] at puppetlabs.certificate_authority.core$pem__GT_public_key$fn__6957.invoke(core.clj:656) ~[na:na] at puppetlabs.certificate_authority.core$pem__GT_public_key.invoke(core.clj:655) ~[na:na] at puppetlabs.puppetserver.certificate_authority$eval9501$autosign_certificate_request_BANG___9502$fn__9506.invoke(certificate_authority.clj:738) ~[na:na] at puppetlabs.puppetserver.certificate_authority$eval9501$autosign_certificate_request_BANG___9502.invoke(certificate_authority.clj:721) ~[na:na] at puppetlabs.puppetserver.certificate_authority$eval9636$process_csr_submission_BANG___9637$fn__9641.invoke(certificate_authority.clj:825) ~[na:na] at puppetlabs.puppetserver.certificate_authority$eval9636$process_csr_submission_BANG___9637.invoke(certificate_authority.clj:806) ~[na:na] at puppetlabs.services.ca.certificate_authority_core$eval12667$handle_put_certificate_request_BANG___12668$fn__12669.invoke(certificate_authority_core.clj:41) ~[na:na] at puppetlabs.services.ca.certificate_authority_core$eval12667$handle_put_certificate_request_BANG___12668.invoke(certificate_authority_core.clj:36) ~[na:na] at puppetlabs.services.ca.certificate_authority_core$eval12743$routes__12744$fn__12745$fn__12746$fn__12753$fn__12756.invoke(certificate_authority_core.clj:284) ~[na:na] at compojure.core$make_route$fn__10848.invoke(core.clj:99) ~[na:na] at compojure.core$if_route$fn__10832.invoke(core.clj:45) ~[na:na] at compojure.core$if_method$fn__10825.invoke(core.clj:30) ~[na:na] at compojure.core$routing$fn__10854.invoke(core.clj:112) ~[na:na] at clojure.core$some.invoke(core.clj:2443) ~[puppet-server-release.jar:na] at compojure.core$routing.doInvoke(core.clj:112) ~[na:na] at clojure.lang.RestFn.invoke(RestFn.java:439) ~[puppet-server-release.jar:na] at puppetlabs.services.ca.certificate_authority_core$eval12743$routes__12744$fn__12745$fn__12746$fn__12753.invoke(certificate_authority_core.clj:283) ~[na:na] at compojure.core$wrap_context$fn__10909.invoke(core.clj:176) ~[na:na] at compojure.core$if_route$fn__10832.invoke(core.clj:45) ~[na:na] at compojure.core$routing$fn__10854.invoke(core.clj:112) ~[na:na] at clojure.core$some.invoke(core.clj:2443) ~[puppet-server-release.jar:na] at compojure.core$routing.doInvoke(core.clj:112) ~[na:na] at clojure.lang.RestFn.invoke(RestFn.java:486) ~[puppet-server-release.jar:na] at puppetlabs.services.ca.certificate_authority_core$eval12743$routes__12744$fn__12745$fn__12746.invoke(certificate_authority_core.clj:285) ~[na:na] at compojure.core$wrap_context$fn__10909.invoke(core.clj:176) ~[na:na] at compojure.core$if_route$fn__10832.invoke(core.clj:45) ~[na:na] at puppetlabs.services.ca.certificate_authority_core$wrap_with_puppet_version_header$fn__12773.invoke(certificate_authority_core.clj:293) ~[na:na] at puppetlabs.puppetserver.ringutils$wrap_response_logging$fn__9997.invoke(ringutils.clj:34) ~[na:na] at compojure.core$routing$fn__10854.invoke(core.clj:112) ~[na:na] at clojure.core$some.invoke(core.clj:2443) ~[puppet-server-release.jar:na] at compojure.core$routing.doInvoke(core.clj:112) ~[na:na] at clojure.lang.RestFn.invoke(RestFn.java:423) ~[puppet-server-release.jar:na] at puppetlabs.services.ca.certificate_authority_service$reify__12800$service_fnk__5254__auto___positional$reify__12809$fn__12810.invoke(certificate_authority_service.clj:19) ~[na:na] at compojure.core$wrap_context$fn__10909.invoke(core.clj:176) ~[na:na] at compojure.core$if_route$fn__10832.invoke(core.clj:45) ~[na:na] at puppetlabs.trapperkeeper.services.webserver.jetty9_core$ring_handler$fn__7605.invoke(jetty9_core.clj:299) ~[na:na] at puppetlabs.trapperkeeper.services.webserver.jetty9_core.proxy$org.eclipse.jetty.server.handler.AbstractHandler$0.handle(Unknown Source) ~[na:na] at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1112) ~[puppet-server-release.jar:na] at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1048) ~[puppet-server-release.jar:na] at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141) ~[puppet-server-release.jar:na] at org.eclipse.jetty.server.handler.ContextHandlerCollection.handle(ContextHandlerCollection.java:199) ~[puppet-server-release.jar:na] at org.eclipse.jetty.server.handler.HandlerCollection.handle(HandlerCollection.java:109) ~[puppet-server-release.jar:na] at org.eclipse.jetty.servlets.gzip.GzipHandler.handle(GzipHandler.java:325) ~[puppet-server-release.jar:na] at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:97) ~[puppet-server-release.jar:na] at org.eclipse.jetty.server.Server.handle(Server.java:459) ~[puppet-server-release.jar:na] at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:280) ~[puppet-server-release.jar:na] at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:229) [puppet-server-release.jar:na] at org.eclipse.jetty.io.AbstractConnection$1.run(AbstractConnection.java:505) [puppet-server-release.jar:na] at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:607) [puppet-server-release.jar:na] at org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:536) [puppet-server-release.jar:na] at java.lang.Thread.run(Thread.java:745) [na:1.7.0_65]

    JIRA | 2 years ago | Andrew Kerr
    java.lang.ClassCastException: org.bouncycastle.cert.X509CertificateHolder cannot be cast to org.bouncycastle.asn1.x509.SubjectPublicKeyInfo

    Root Cause Analysis

    1. java.lang.ClassCastException

      org.bouncycastle.cert.X509CertificateHolder cannot be cast to org.bouncycastle.asn1.x509.SubjectPublicKeyInfo

      at com.puppetlabs.certificate_authority.CertificateAuthority.pemToPublicKey()
    2. com.puppetlabs.certificate_authority
      CertificateAuthority.pemToPublicKey
      1. com.puppetlabs.certificate_authority.CertificateAuthority.pemToPublicKey(CertificateAuthority.java:533)[puppet-server-release.jar:na]
      1 frame
    3. puppetlabs.certificate_authority
      core$pem__GT_public_key.invoke
      1. puppetlabs.certificate_authority.core$pem__GT_public_key$fn__6957.invoke(core.clj:656)[na:na]
      2. puppetlabs.certificate_authority.core$pem__GT_public_key.invoke(core.clj:655)[na:na]
      2 frames
    4. puppetlabs.puppetserver
      certificate_authority$eval9636$process_csr_submission_BANG___9637.invoke
      1. puppetlabs.puppetserver.certificate_authority$eval9501$autosign_certificate_request_BANG___9502$fn__9506.invoke(certificate_authority.clj:738)[na:na]
      2. puppetlabs.puppetserver.certificate_authority$eval9501$autosign_certificate_request_BANG___9502.invoke(certificate_authority.clj:721)[na:na]
      3. puppetlabs.puppetserver.certificate_authority$eval9636$process_csr_submission_BANG___9637$fn__9641.invoke(certificate_authority.clj:825)[na:na]
      4. puppetlabs.puppetserver.certificate_authority$eval9636$process_csr_submission_BANG___9637.invoke(certificate_authority.clj:806)[na:na]
      4 frames
    5. puppetlabs.services.ca
      certificate_authority_core$eval12743$routes__12744$fn__12745$fn__12746$fn__12753$fn__12756.invoke
      1. puppetlabs.services.ca.certificate_authority_core$eval12667$handle_put_certificate_request_BANG___12668$fn__12669.invoke(certificate_authority_core.clj:41)[na:na]
      2. puppetlabs.services.ca.certificate_authority_core$eval12667$handle_put_certificate_request_BANG___12668.invoke(certificate_authority_core.clj:36)[na:na]
      3. puppetlabs.services.ca.certificate_authority_core$eval12743$routes__12744$fn__12745$fn__12746$fn__12753$fn__12756.invoke(certificate_authority_core.clj:284)[na:na]
      3 frames
    6. kifshare
      core$routing$fn__10854.invoke
      1. compojure.core$make_route$fn__10848.invoke(core.clj:99)[na:na]
      2. compojure.core$if_route$fn__10832.invoke(core.clj:45)[na:na]
      3. compojure.core$if_method$fn__10825.invoke(core.clj:30)[na:na]
      4. compojure.core$routing$fn__10854.invoke(core.clj:112)[na:na]
      4 frames
    7. Clojure
      core$some.invoke
      1. clojure.core$some.invoke(core.clj:2443)[puppet-server-release.jar:na]
      1 frame
    8. kifshare
      core$routing.doInvoke
      1. compojure.core$routing.doInvoke(core.clj:112)[na:na]
      1 frame
    9. Clojure
      RestFn.invoke
      1. clojure.lang.RestFn.invoke(RestFn.java:439)[puppet-server-release.jar:na]
      1 frame
    10. puppetlabs.services.ca
      certificate_authority_core$eval12743$routes__12744$fn__12745$fn__12746$fn__12753.invoke
      1. puppetlabs.services.ca.certificate_authority_core$eval12743$routes__12744$fn__12745$fn__12746$fn__12753.invoke(certificate_authority_core.clj:283)[na:na]
      1 frame
    11. kifshare
      core$routing$fn__10854.invoke
      1. compojure.core$wrap_context$fn__10909.invoke(core.clj:176)[na:na]
      2. compojure.core$if_route$fn__10832.invoke(core.clj:45)[na:na]
      3. compojure.core$routing$fn__10854.invoke(core.clj:112)[na:na]
      3 frames
    12. Clojure
      core$some.invoke
      1. clojure.core$some.invoke(core.clj:2443)[puppet-server-release.jar:na]
      1 frame
    13. kifshare
      core$routing.doInvoke
      1. compojure.core$routing.doInvoke(core.clj:112)[na:na]
      1 frame
    14. Clojure
      RestFn.invoke
      1. clojure.lang.RestFn.invoke(RestFn.java:486)[puppet-server-release.jar:na]
      1 frame
    15. puppetlabs.services.ca
      certificate_authority_core$eval12743$routes__12744$fn__12745$fn__12746.invoke
      1. puppetlabs.services.ca.certificate_authority_core$eval12743$routes__12744$fn__12745$fn__12746.invoke(certificate_authority_core.clj:285)[na:na]
      1 frame
    16. kifshare
      core$if_route$fn__10832.invoke
      1. compojure.core$wrap_context$fn__10909.invoke(core.clj:176)[na:na]
      2. compojure.core$if_route$fn__10832.invoke(core.clj:45)[na:na]
      2 frames
    17. puppetlabs.services.ca
      certificate_authority_core$wrap_with_puppet_version_header$fn__12773.invoke
      1. puppetlabs.services.ca.certificate_authority_core$wrap_with_puppet_version_header$fn__12773.invoke(certificate_authority_core.clj:293)[na:na]
      1 frame
    18. puppetlabs.puppetserver
      ringutils$wrap_response_logging$fn__9997.invoke
      1. puppetlabs.puppetserver.ringutils$wrap_response_logging$fn__9997.invoke(ringutils.clj:34)[na:na]
      1 frame
    19. kifshare
      core$routing$fn__10854.invoke
      1. compojure.core$routing$fn__10854.invoke(core.clj:112)[na:na]
      1 frame
    20. Clojure
      core$some.invoke
      1. clojure.core$some.invoke(core.clj:2443)[puppet-server-release.jar:na]
      1 frame
    21. kifshare
      core$routing.doInvoke
      1. compojure.core$routing.doInvoke(core.clj:112)[na:na]
      1 frame
    22. Clojure
      RestFn.invoke
      1. clojure.lang.RestFn.invoke(RestFn.java:423)[puppet-server-release.jar:na]
      1 frame
    23. puppetlabs.services.ca
      certificate_authority_service$reify__12800$service_fnk__5254__auto___positional$reify__12809$fn__12810.invoke
      1. puppetlabs.services.ca.certificate_authority_service$reify__12800$service_fnk__5254__auto___positional$reify__12809$fn__12810.invoke(certificate_authority_service.clj:19)[na:na]
      1 frame
    24. kifshare
      core$if_route$fn__10832.invoke
      1. compojure.core$wrap_context$fn__10909.invoke(core.clj:176)[na:na]
      2. compojure.core$if_route$fn__10832.invoke(core.clj:45)[na:na]
      2 frames
    25. puppetlabs.trapperkeeper.services
      AbstractHandler$0.handle
      1. puppetlabs.trapperkeeper.services.webserver.jetty9_core$ring_handler$fn__7605.invoke(jetty9_core.clj:299)[na:na]
      2. puppetlabs.trapperkeeper.services.webserver.jetty9_core.proxy$org.eclipse.jetty.server.handler.AbstractHandler$0.handle(Unknown Source)[na:na]
      2 frames
    26. Jetty
      QueuedThreadPool$3.run
      1. org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1112)[puppet-server-release.jar:na]
      2. org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1048)[puppet-server-release.jar:na]
      3. org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141)[puppet-server-release.jar:na]
      4. org.eclipse.jetty.server.handler.ContextHandlerCollection.handle(ContextHandlerCollection.java:199)[puppet-server-release.jar:na]
      5. org.eclipse.jetty.server.handler.HandlerCollection.handle(HandlerCollection.java:109)[puppet-server-release.jar:na]
      6. org.eclipse.jetty.servlets.gzip.GzipHandler.handle(GzipHandler.java:325)[puppet-server-release.jar:na]
      7. org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:97)[puppet-server-release.jar:na]
      8. org.eclipse.jetty.server.Server.handle(Server.java:459)[puppet-server-release.jar:na]
      9. org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:280)[puppet-server-release.jar:na]
      10. org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:229)[puppet-server-release.jar:na]
      11. org.eclipse.jetty.io.AbstractConnection$1.run(AbstractConnection.java:505)[puppet-server-release.jar:na]
      12. org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:607)[puppet-server-release.jar:na]
      13. org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:536)[puppet-server-release.jar:na]
      13 frames
    27. Java RT
      Thread.run
      1. java.lang.Thread.run(Thread.java:745)[na:1.7.0_65]
      1 frame